July 24, 2024
Via: CSO OnlineCrowdStrike has blamed a hole in its testing software for the release of a defective content update that hobbled millions of Windows computers worldwide on Friday, July 19. The hole caused CrowdStrike’s Content Validator tool to miss a flaw in […]
July 19, 2024
Via: CSO OnlineCrowdStrike has admitted to pushing out a bad software update, causing many Windows machines running the affected software to crash. The problem, apparently affecting its Falcon platform, brought down servers at airlines, locked up computers at banks, and hurt healthcare […]
May 13, 2024
Via: CSO OnlineMicrosoft has hinted at a possible end to NTLM a few times, but with quite a few Windows 95 or 98 in use that do not support the alternative, Kerberos, it won’t be an easy job to do. There is […]
September 5, 2023
Via: CSO OnlineMicrosoft has decided to disallow Transport Layer Security (TLS) versions 1.0 and 1.1 in the Windows operating system in a bid to increase the security posture of its customers and encourage modern protocol adoption. The company has warned that the […]
April 12, 2023
Via: CSO OnlineMicrosoft patched over 100 vulnerabilities this week in its products, including a zero-day privilege escalation flaw used in the wild by a ransomware gang. However, another critical vulnerability that can be easily exploited to take over Windows systems remotely over […]
January 11, 2023
Via: CSOThe Scattered Spider cybercrime group has recently been observed attempting to deploy a malicious kernel driver using a tactic called bring your own vulnerable driver (BYOVD) — a warning to security professionals that the technique, which exploits longstanding deficiencies in […]
April 15, 2022
Via: CSOAmong the over 100 vulnerabilities fixed by Microsoft this week during its monthly patch cycle is one that has the security community very worried. It’s a critical remote code execution (RCE) vulnerability located in the Windows Remote Procedure Call (RPC) […]
October 13, 2021
Via: CSOThe US Cybersecurity and Infrastructure Security Agency (CISA) has designated October as Cybersecurity Awareness Month. In honor of this event, I urge you to take the month of October to become more aware of your computer and network assets. Inventory […]
June 17, 2021
Via: CSOAs the core of Windows enterprise networks, Active Directory, the service that handles user and computer authentication and authorization, has been well studied and probed by security researchers for decades. Its public key infrastructure (PKI) component, however, has not received […]
Security, Software, Technology
May 26, 2021
Via: CSOOlder protocols are hard to kill. From consumer-based protocols like SMBv1 to network-based protocols like Windows NT LAN Manager (NTLM), we typically need time and planning to move off protocols that we rely on. Many of us are still using […]
October 15, 2020
Via: ITWorld NetworkingIf there’s going to be a successful cyberattack on the 2020 U.S election, you can be sure Windows will be involved. It’s the world’s biggest exposed attack vector and the weapon of choice of cybercriminals and intelligence agencies the world […]
June 9, 2020
Via: CSOMicrosoft fixed 129 vulnerabilities today across its entire range of software products, from Windows and Office to Visual Studio, Azure DevOps and Microsoft Apps for Android. Eleven of those flaws are critical and should be patched immediately, but one particular […]
May 9, 2019
Via: CSOMicrosoft’s April 24 decision to remove the “Maximum Password Age” (forced expiration) default from Microsoft Windows has sparked a lot of discussion. The default (and recommended) maximum password age had been 45 to 60 days, depending on the OS version. […]
March 18, 2019
Via: RCR Wireless NewsChinese vendor Huawei Technologies confirmed that it has a proprietary operating systems for both smartphones and computers, which the vendor plans to use in the event of an eventual ban by the U.S. government, German publication Die Welt reported, citing […]
January 31, 2019
Via: CSOThe AV-TEST Institute recently tested the most popular Windows 10 client antivirus products on three primary criteria: protection, performance, and usability. Only five of the 16 products tested earned a perfect rating of 6 for each of those criteria: Kaspersky […]
January 18, 2019
Via: Computerworld NetworkingIf you can’t get to your router’s admin page using the Edge browser, there’s a reason why. Microsoft broke it with this month’s cumulative updates. Yesterday, Microsoft appended this warning to all of its Windows 10 January cumulative update pages […]
May 22, 2018
Via: CSOA big problem in the computer security world is that practitioners aren’t skeptical enough, don’t question purported authority statements, and often don’t ask the right questions. It’s a theme I see over and over, and it leads defenders to enacting […]
February 13, 2018
Via: CSOWith the new era of Windows as a service, Microsoft is rolling out changes to the operating system twice a year. Many of those changes will allow you to improve your security posture and offer more security choices. You no […]
May 9, 2017
Via: Toms IT ProClicking around in a Windows GUI to add, remove and change firewall rules doesn’t sound like a fun time. Perhaps if you’re configuring a single computer or server it might not be so bad, but who does that anymore in […]
March 13, 2017
Via: CSOIs your computer running slower than usual? Are you getting lots of pop-ups? Have you seen other weird problems crop up? If so, your PC might be infected with a virus, spyware, or other malware—even if you have an antivirus […]