Four zero-days make July 's Patch Tuesday a 'patch now' update

Read more

4 collaboration security mistakes companies are still making

Before the pandemic, the business world took for granted that the vast majority of knowledge workers would be working in corporate offices most of the time. In the post-pandemic world, however, many employees can work from anywhere, at any time, and on any device with an internet connection.

When COVID-19 work-at-home mandates took effect around the world in early 2020, organizations rushed to adopt online collaboration tools. With capabilities ranging from voice- and videoconferencing to document co-authoring and project tracking, these tools helped teams communicate, work together, and share updates on various projects and initiatives from home or anywhere else.

To read this article in full, please click here

Read more

Apple warns that UK's Online Safety Bill puts people at 'greater risk'

Apple has raised its voice against a UK law that will dramatically undermine secure commerce and trust online, warning it could put UK citizens at risk.

And Apple is not alone. More than 80 civil society organizations, academics, and experts from 23 nations have warned against the UK government’s decision, which would turn the UK into the first democracy to require routine surveillance of people’s private chats.

The current UK government’s Online Safety Bill includes the power to force encrypted messaging tools such as WhatsApp, Signal, and iMessage to scan messages.

To read this article in full, please click here

Read more

With one June Patch Tuesday update, Microsoft falls short

I’ve tracked Microsoft’s Windows patches for years and closely watched all of the changes the company has made. I remember when you had to install updates in a certain order — and watch for which one had to be installed first. I remember the arrival of automated patching using Software Update Services (later called Windows Server Update Services). I’ve seen how we went from a system where each vulnerability was patched individually to what we now have: cumulative patching.

The ideal patch is self-contained. Install, reboot, get back to your work. It causes no side effects. It protects the operating system. And you forget about it because it does what it’s supposed to do.

To read this article in full, please click here

Read more

June's Patch Tuesday updates focus on Windows, Office

Microsoft released 73 updates to its Windows, Office, and Visual Studio platforms on Patch Tuesday, with many of them dealing with core, but not urgent, security vulnerabilities. That’s a welcome respite from the previous six months of urgent zero-days and public disclosures. With that in mind, the Readiness testing team suggests a focus on printing and backup/recovery processes to make sure they’re not affected by this update cycle.

For the first time, we see a (non-Adobe) third-party vendor added to a Patch Tuesday release, with three minor plugin updates to Visual Studio for AutoDesk. Expect to see more such vendors added to Microsoft’s updates in the near future. The team at Readiness has created a useful infographic that outlines the risks associated with each of the updates.

To read this article in full, please click here

Read more

How and why to use FIDO Security Keys for Apple ID

In a world that needs Apple’s recently-improved Lockdown Mode to protect good people against bad ones, high-risk individuals should consider using physical security keys to protect their Apple ID.

What are Security Keys and what do they do?

Security keys are small devices that look a little like thumb drives. Apple at WWDC 2020 confirmed plans to support FIDO authentication beginning with iOS 14 and macOS 11; now, with the release of iOS 16.3, iPadOS 16.3, and macOS Ventura 13.2, Apple lets you use them to verify your Apple ID, replacing a passcode. They become one of the two forms of identification you require with two-factor authentication (2FA).

To read this article in full, please click here

Read more

WWDC: 18+ ways Apple plans to make you more secure

Vision Pro, Apple Silicon, Macs, new enterprise tools — and privacy protection were all among the many WWDC announcements Apple made this week.

Introducing these protections, Craig Federighi, Apple’s senior vice president for  software engineering said: “We are focused on keeping our users in the driver’s seat when it comes to their data by continuing to provide industry-leading privacy features and the best data security in the world.

To read this article in full, please click here

Read more

Cisco brings generative AI to Webex and Cisco Security Cloud

Cisco is adding new generative AI capabilities to its Webex collaboration platform, aimed at increasing productivity through automated meeting and conversation summaries.

The new offerings, announced at the Cisco Live! customer event in Las Vegas on Wednesday, include summarization capabilities that allow users to catch up on missed meetings or focus on the most important action items from a call. The capabilities also extend to Cisco’s asynchronous Vidcast tool and the Webex Contact Center.

To read this article in full, please click here

Read more