MonthJune 2018

8 Security Tips for a Hassle-Free Summer Vacation

It's easy to let your guard down when you're away. Hackers know that, too.

New Drupal Exploit Mines Monero for Attackers

A new exploit of a known vulnerability gives an attacker control of the Drupal-hosting server.

Supreme Court: Your digital location is protected by the Constitution

The U.S. Supreme Court today ruled that access to historical cell-site records of a person's location based on their mobile phone will require law enforcement to obtain a warrant before searching a person's historical location records.

This is the first time the high court has ruled on whether a phone subscriber has a legitimate expectation of privacy regarding a telephone company's records of their cellphone location data, according to Aloke Chakravarty, a partner in the Denver-based law firm of Snell & Wilmer.

"This is a landmark case for privacy, and how the court will deal with emerging technologies going forward," Chakravarty said via email. "It creates a new lens through which to view a government's ability to obtain third-party records where a criminal defendant neither possesses the records, doesn't have a property interest in them, may not even know they exist, and he cannot personally even access them."

To read this article in full, please click here

Cracking Cortana: The Dangers of Flawed Voice Assistants

Researchers at Black Hat USA will show how vulnerabilities in Microsoft's Cortana highlight the need to balance security with convenience.

‘Pay Up or Get WannaCry Hit’ Extortion Email Spreading

Sophos warns of a 'protection racket' scam email that threatens to infect victims with the ransomware variant if they don't pay the attackers.

‘Pay Up or Get WannaCry Hit’ Extortion Email Spreading

Sophos warns of a 'protection racket' scam email that threatens to infect victims with the ransomware variant if they don't pay the attackers.

White House Email Security Faux Pas?

The Executive Office of the President isn't complying with the DMARC protocol, but that has fewer implications than some headlines would suggest.

White House Email Security Faux Pas?

The Executive Office of the President isn't complying with the DMARC protocol, but that has fewer implications than some headlines would suggest.

Big Win10 1709 patch reinforces twice-a-month patching pace but, oddly, nothing new for 1803

Microsoft’s Windows 10 patching pace is so fast at this point that one Patch Tuesday doesn’t cover all the bases. Instead, we’re seeing one massive Cumulative Update on Patch Tuesday, and a second — typically large — grab bag of patches later in the month.

You have to wonder what’s happening, though, when Microsoft can deliver its second bundle of patches for 1709, 1703 and 1607 before the second patch for the latest version, 1803, sees light of day.

The Win10 patches

KB 4284822 for Win10 1709

To read this article in full, please click here

Apple pushes privacy theme in Safari for iOS 12, ‘Mojave’

Apple upgrades its Safari browser on macOS and iOS just once a year, making the refresh more strategic than most of its rivals, notably Google, which last year had eight separate opportunities to add features or functionality to Chrome.

The next Safari, which will be bundled with macOS 10.14 'Mojave' and iOS 12, and offered as a separate download for those who stick with macOS High Sierra (10.13) and Sierra (10.12), thus must make its enhancements count.

On the security and privacy side, Safari tries its hardest to build a case. Here are the important ways Apple's browser - which shed user share on both the desktop and on mobile over the past year - has staked its reputation for the next 12 months.

To read this article in full, please click here