Category Archives: Security tools

Microsoft Patch Tuesday, January 2023 Edition

Posted on by

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. National Security Agency, and a critical Microsoft SharePoint Server bug that allows a remote, unauthenticated attacker to make an anonymous connection. Continue reading Microsoft Patch Tuesday, January 2023 Edition

Microsoft Patch Tuesday, December 2022 Edition

Posted on by

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day vulnerability in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week’s Patch Tuesday. Continue reading Microsoft Patch Tuesday, December 2022 Edition

Researchers Quietly Cracked Zeppelin Ransomware Keys

Posted on by

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things,… Read More » Continue reading Researchers Quietly Cracked Zeppelin Ransomware Keys

LinkedIn Adds Verified Emails, Profile Creation Dates

Posted on by

For whatever reason, the majority of the phony LinkedIn profiles reviewed by this author have involved young women with profile photos that appear to be generated by artificial intelligence (AI) tools.

We’re seeing rapid advances in AI-based synthetic image generation technology and we’ve created a deep learning model to better catch profiles made with this technology. AI-based image generators can create an unlimited number of unique, high-quality profile photos that do not correspond to real people. Fake accounts sometimes use these convincing, AI-generated profile photos to make their fake LinkedIn profile appear more authentic. Continue reading LinkedIn Adds Verified Emails, Profile Creation Dates

Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

Posted on by

This month’s Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Also, Apple has also quashed a pair of zero-day bugs affecting certain macOS and iOS users, and released iOS 16, which includes a nifty new privacy and security feature called “Lockdown Mode.” And Adobe axed 63 vulnerabilities in a range of products. Continue reading Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

Transacting in Person with Strangers from the Internet

Posted on by

Communities like Craigslist, OfferUp, Facebook Marketplace and others are great for finding low- or no-cost stuff that one can pick up directly from a nearby seller, and for getting rid of useful things that don’t deserve to end up in a landfill. But when dealing with strangers from the Internet, there is always a risk that the person you’ve agreed to meet has other intentions. Continue reading Transacting in Person with Strangers from the Internet

How 1-Time Passcodes Became a Corporate Liability

Posted on by

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. Continue reading How 1-Time Passcodes Became a Corporate Liability

The Security Pros and Cons of Using Email Aliases

Posted on by

One way to tame your email inbox is to get in the habit of using unique email aliases when signing up for new accounts online. Adding a “+” character after the username portion of your email address — followed by a notation specific to the site you’re signing up at — lets you create an infinite number of unique email addresses tied to the same account. Aliases can help users detect breaches and fight spam. But not all websites allow aliases, and they can complicate account recovery. Here’s a look at the pros and cons of adopting a unique alias for each website. Continue reading The Security Pros and Cons of Using Email Aliases

Microsoft Patch Tuesday, July 2022 Edition

Posted on by

Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft warns is actively being exploited. The software giant also has made a controversial decision to put the brakes on a plan to block macros in Office documents downloaded from the Internet. Continue reading Microsoft Patch Tuesday, July 2022 Edition

Your Phone May Soon Replace Many of Your Passwords

Posted on by

Apple, Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. Experts say the changes should help defeat many types of phishing attacks and ease the overall password burden on Internet users, but caution that a true passwordless future may still be years away for most websites. Continue reading Your Phone May Soon Replace Many of Your Passwords