Will Dormann – WindowsTechs.com

Microsoft Patch Tuesday, December 2022 Edition

Posted on December 14, 2022 by BrianKrebs

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day vulnerability in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week’s Patch Tuesday. Continue reading Microsoft Patch Tuesday, December 2022 Edition→

When Your Smart ID Card Reader Comes With Malware

Posted on May 18, 2022 by BrianKrebs

Millions of U.S. government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder’s appropriate security level. But many government employees aren’t issued an approved card reader device that lets them use these cards at home or remotely, and so turn to low-cost readers they find online. What could go wrong? Here’s one example. Continue reading When Your Smart ID Card Reader Comes With Malware→

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Posted on January 13, 2020 by BrianKrebs

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. 14, the first Patch Tuesday of 2020. Continue reading Cryptic Rumblings Ahead of First 2020 Patch Tuesday→

Free Android apps with poor password security

Posted on April 16, 2018 by David Harley

CERT/CC report into poor password practice in Android apps.
The post Free Android apps with poor password security appeared first on Security Boulevard.
Continue reading Free Android apps with poor password security→

Who Makes the IoT Things Under Attack?

Posted on October 3, 2016 by BrianKrebs

As KrebsOnSecurity observed over the weekend, the source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released. Here’s a look at which devices are being targeted by this malware. Continue reading Who Makes the IoT Things Under Attack?→