small and medium business – Page 13 – Computer Security Articles

Credit to Author: Charlotte Trueman| Date: Wed, 10 Aug 2022 07:37:00 -0700

Microsoft has confirmed that a high-severity, zero-day security vulnerability is actively being exploited by threat actors and is advising all Windows and Windows Server users to apply its latest monthly Patch Tuesday update as soon as possible.

The vulnerability, known as CVE-2022-34713 or DogWalk, allows attackers to exploit a weakness in the Windows Microsoft Support Diagnostic Tool (MSDT). By using social engineering or phishing, attackers can trick users into visiting a fake website or opening a malicious document or file and ultimately gain remote code execution on compromised systems.

To read this article in full, please click here

ComputerWorld Independent

5 best practices for secure collaboration

August 3, 2022 admin collaboration software, communications security, security practices, small and medium business, video

Credit to Author: CSO staff| Date: Wed, 03 Aug 2022 02:00:00 -0700

How successful companies are facing the challenges of securing emerging communication technologies.

ComputerWorld Independent

How to protect Windows 10 and 11 PCs from ransomware

August 2, 2022 admin Security, small and medium business, windows, Windows 10, windows 11

Credit to Author: Preston Gralla| Date: Tue, 02 Aug 2022 03:00:00 -0700

CryptoLocker. WannaCry. DarkSide. Conti. MedusaLocker. The ransomware threat isn’t going away anytime soon; the news brings constant reports of new waves of this pernicious type of malware washing across the world. It’s popular in large part because of the immediate financial payoff for attackers: It works by encrypting the files on your hard disk, then demands that you pay a ransom, frequently in Bitcoin or other cryptocurrency, to decrypt them.

But you needn’t be a victim. There’s plenty that Windows 10 and 11 users can do to protect themselves against it. In this article, I’ll show you how to keep yourself safe, including how to use an anti-ransomware tool built into Windows.

To read this article in full, please click here

ComputerWorld Independent

Apple's latest controversy: Expanded App Store advertising

August 1, 2022 admin apple, Mobile, Mobile Apps, privacy, small and medium business

Credit to Author: Jonny Evans| Date: Mon, 01 Aug 2022 09:03:00 -0700

Depending on how you look at it, Apple may be ramping up ways developers can reach out durectly to customers via its App Store – or building its own business at others’ expense.

What Apple is doing

Apple has had an advertising business of its own ever since Apple’s then CEO, Steve Jobs, introduced us to iAds in 2010. The scale of that offer was always limited to Apple’s platform, but the service arguably failed, with its technology living on in the form of ad slots in Apple News and the App Store.

Apple’s App Store currently hosts just two ad slots, one in the search tab and the other in Search results. You can tell when you are looking at an ad from the blue shade behind the graphic and a small blue badge that says “ad” – these ads are hard to mistake for content.

To read this article in full, please click here

ComputerWorld Independent

For SMBs, Microsoft offers a new layer of server protection

July 25, 2022 admin microsoft, Security, small and medium business, windows

Credit to Author: Susan Bradley| Date: Mon, 25 Jul 2022 09:00:00 -0700

Do you run a small business with on-premises servers?

Chances are, you rely on technology that includes servers, whether they’re Windows- or Linux-based. With that in mind, Microsoft recently announced it’s previewing “server protection for small business” — bundling the offering with Microsoft Defender for Business.

This is noteworthy because until now, most Endpoint Detection and Response (EDR) solutions have been expensive and typically only deployed by larger enterprises. (EDR is an integrated, layered approach to endpoint protection that combines real-time continuous monitoring and endpoint data analytics with rule-based automated response.)

To read this article in full, please click here

ComputerWorld Independent

With a light July Patch Tuesday, it's time to invest in your IT processes

July 15, 2022 admin microsoft, Security, small and medium business, windows

Credit to Author: Greg Lambert| Date: Fri, 15 Jul 2022 12:04:00 -0700

Though we get a reprieve from Exchange updates in this month’s Patch Tuesday update, more printer updates are on the way. Even with no updates for Microsoft Exchange or Visual Studio, Adobe is back with 15 critical updates for Adobe Reader. And Microsoft’s new patch deployment tool Auto-Patch is now live. (I always thought application testing was the main problem here, but actually getting patches deployed is still tough.)

Though the numbers are still quite high (with 86+ reported vulnerabilities), the testing and deployment profile for July should be fairly moderate. We suggest taking the time to harden your Exchange Server defenses and mitigation processes, and invest in your testing processes.

To read this article in full, please click here

ComputerWorld Independent

Now’s the time to prep for Microsoft’s Excel macro crackdown

July 11, 2022 admin microsoft, Security, small and medium business, windows

Credit to Author: Susan Bradley| Date: Mon, 11 Jul 2022 08:56:00 -0700

On July 8, Microsoft pulled back from its decision in February to block macros in Excel documents by default. Microsoft had said it would block Excel files that contained macros if they were downloaded from the internet. (Malicious actors use these lures as a way to launch attacks on networks; specifically, ransomware and other types of malicious activity can launched from a plain, old malicious spreadsheet.)

Microsoft still plans to put this blocking in place, but only after “a better experience.” In the meantime, there are actions you can take now so you won’t need to worry about the change in the future.

If you work for a firm that’s developed spreadsheets for your own internal office use, chances are the spreadsheet does not have a digital signature. Signing machos is similar to how websites use SSL certificates to validate the site is legit. The hardest part of the self-signing process is deciding whether you want to purchase a code-signing certificate or use the self-signed certificate process. (I can tell you from personal experience that trying to purchase a code-signing certificate is an expensive and cumbersome process. I don’t recommend that option, except for large enterprises where the code-signing process is routine.)

To read this article in full, please click here

ComputerWorld Independent

Apple slaps hard against ‘mercenary’ surveillance-as-a-service industry

July 7, 2022 admin apple, iOS, MacOS, Mobile, privacy, Security, small and medium business

Credit to Author: Jonny Evans| Date: Thu, 07 Jul 2022 06:17:00 -0700

Apple has struck a big blow against the mercenary “surveillance-as-a-service” industry, introducing a new, highly secure Lockdown Mode to protect individuals at the greatest risk of targeted attacks. The company is also offering millions of dollars to support research to expose such threats.

Starting in iOS 16, iPadOS 16 and macOS Ventura, and available now in the latest developer-only betas, Lockdown Mode hardens security defenses and limits the functionalities sometimes abused by state-sponsored surveillance hackers. Apple describes this protection as “sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.”

To read this article in full, please click here