MOZILLA STOPS FTP SUPPORT IN FIREFOX 90
2021-07-25 10:22:58       Slashdot
A post on Mozilla's security blog calls FTP "by now one of the oldest protocols still in use" - and it's suffering from "a number of serious security issues." The biggest security risk is that FTP transfers data in cleartext, allowing attackers to steal, spoof and even modify the data transmitted. To date, many malware distribution campaigns launch their attacks by compromising FTP servers and downloading malware on an end user's device using the FTP protocol. Aligning with our intent to deprecate non-secure HTTP and increase the percentage of secure connections, we, as well as other major web browsers, decided to discontinue support of the FTP protocol. Removing FTP brings us closer to a fully-secure web which is on a path to becoming HTTPS only and any modern automated upgrading mechanisms such as HSTS or also Firefox's HTTPS-Only Mode, which automatically upgrade any connection to become secure and encrypted do not apply to FTP. The FTP protocol itself has been disabled by default since version 88 and now the time has come to end an era and discontinue the support for this outdated and insecure protocol - Firefox 90 will no longer support the FTP protocol.

KASPERSKY WARNS FAKE WINDOWS 11 INSTALLERS ARE SPREADING MALWARE
2021-07-25 10:22:46       Slashdot
Long-time Slashdot reader Ammalgam writes: If you're planning to install Windows 11, you should make sure you download it from official sources. This is because, people who are using pirated or fake methods to get Windows 11 are also downloading malware along with it, according to Kaspersky. The particular file referenced is called 86307_windows 11 build 21996.1 x64 + activator.exe. While it sounds like it includes Windows 11 build 21996.1, and an installer that will automatically activate Windows for you there are some red flags. First, it's only 1.75GB, so while people who want to install Windows 11 might think that's a large file that could be Windows, a real Windows 11 ISO is about 4.87GB... "The 1.75 GB file looks legitimate. But most of this space consists of one DLL file that contains a lot of useless information," explains Mint. And Kaspersky adds that "it even comes with a license agreement (which few people read) calling it a 'download manager for 86307_windows 11 build 21996.1 x64 + activator' and noting that it would also install some sponsored software. If you accept the agreement, a variety of malicious programs will be installed on your machine."

WHAT WINDOWS 11 MEANS: WE'LL BE STUCK WITH MILLIONS OF WINDOWS 10 ZOMBIES
2021-06-29 20:02:00       Slashdot
An anonymous reader quotes a report from ZDNet, written by David Gewirtz: Windows 11 won't run on many current Windows machines. We do know (we think) that only certain processors will be supported, only 64-bit machines will be supported, and only machines with a TPM chip will run Windows 11. What does that mean for you and me? It means that many machines will be left behind. They will become the walking dead, unable to upgrade, but still shambling along. My biggest concern, of course, is security. For those who pay, Windows 7 security updates will be available through January 2023. It's not easy for smaller businesses and individuals to get that support, but it's there. Mainstream support for Windows 8 and 8.1 is over, but extended support is available through January 2023. Windows 10 support, especially for those abandoned by Windows 11's restrictive update policy, will end in October 2025, but Ed tells me he thinks that will be extended. That's good news because there are roughly 1.3 billion Windows 10 devices out there. How many won't be able to upgrade? That's not a question we know the answer to now, but [ZDNet's guru of all things Windows, Ed Bott] tells me he's working on constructing an estimate, so keep checking back into his column. Some machines will be left behind despite owners' preferences. Many others will remain behind because their owners either don't know how, don't care, or refuse to upgrade. Others can't upgrade, because they're reliant on legacy software that only runs on older machines. No matter the reason, expect millions of Windows 10 machines to be in the wild for a decade or more -- each an ever-increasing magnet for malware, each an ever-increasing danger to other machines they might encounter and infect. All that brings me back to my machines and yours. Even if you and I are stuck on Windows 10, we still have a good four years of support. That gives us four years to come up with a replacement plan, which is more than enough time. For those of you who will choose "hell no, I won't go," it gives you time to ascertain security risks of running unprotected, and find ways to protect those legacy machines.

MICROSOFT ROLLS OUT VISUALLY UPDATED OFFICE PREVIEW, PLUS NATIVE 64-BIT OFFICE FOR ARM
2021-06-29 12:15:00       Slashdot
Microsoft has released a visually "refreshed" version of its Office desktop apps for both Windows 10 and 11. Microsoft officials said this new Office refresh will "shine" on Windows 11 but still work on Windows 10. Microsoft also is releasing its first publicly available test build of 64-bit Office for Windows on Arm today. From a report: The updated Office uses Fluent design across Word, Excel, PowerPoint, OneNote, Outlook, Access, Project, Publisher, and Visio. The updated apps are meant to look similar to the Windows 11 OS, design-wise. Via the updated Office interface, Office is set to match users' Windows themes, including black (Dark Mode), white, colorful, or dark gray. The Quick Access toolbar is hidden by default in the name of simplifying the interface. The refreshed Office is available to Office Insider testers running Beta Channel builds. Those who don't want it can turn off the "Coming Soon" feature at the top right hand corner of the menu. Testers can toggle between the new and existing interface to move between the current and newly updated Office apps.

MICROSOFT CLARIFIES STANCE ON WINDOWS 11 MINIMUM SYSTEM REQUIREMENTS
2021-06-28 15:20:00       Slashdot
Neowin: Microsoft today released the first-ever Windows 11 build to Insiders in the Dev channel, bringing build 22000.51. While most of the announced features made it to the build, there are a few missing ones such as support for Android apps. The firm also posted a few known issues for the release. In addition to the build, the company has also posted clarification about the confusion surrounding the minimum system requirements. The firm starts off by acknowledging that there has been confusion caused by the PC Health Check tool, something that was updated late last week after negative feedback from users about the lack of clarity on Windows 11 compatibility. It says that the tool was "not fully prepared to share the level of detail or accuracy you expected from us on why a Windows 10 PC doesn't meet upgrade requirements," which is why the company is taking down the tool to address the feedback, adding that the tool will be "back online" later in the fall, closer to the general availability of Windows 11. In a blog post, the company adds: [...] Using the principles above, we are confident that devices running on Intel 8th generation processors and AMD Zen 2 as well as Qualcomm 7 and 8 Series will meet our principles around security and reliability and minimum system requirements for Windows 11. As we release to Windows Insiders and partner with our OEMs, we will test to identify devices running on Intel 7th generation and AMD Zen 1 that may meet our principles.

ROCKY LINUX 8.4 ACHIEVES FIRST GENERAL AVAILABILITY RELEASE, PROVES POPULAR
2021-06-26 21:37:00       Slashdot
"When Red Hat killed off CentOS Linux in a highly controversial December 2020 announcement, Gregory Kurtzer immediately announced his intention to recreate CentOS with a new distribution named after his deceased mentor," Ars Technica reported in February. And this week, "The Rocky Enterprise Software Foundation has announced general availability (GA) of Rocky Linux 8.4," reports ZDNet. "It's an important milestone because it's the first Rocky Linux general availability release ever." Huge companies, including Disney, GoDaddy, Rackspace, Toyota and Verizon, relied on CentOS, and they were reportedly not happy about RedHat's decision... It turns out that Kurtzer's decision has been a popular one. Besides quickly building up an army of hundreds of contributors for the project, Rocky Linux 8.4 - which follows the May 18 release of Red Hat's RHEL 8.4 - was downloaded at least 10,000 times within half a day of its release... "If we extrapolate the count to include our other mirrors we are probably at least 3-4x that (if not even way more)!" boasts Kurtzer in a LinkedIn post. "Lots of reports coming in of people and organizations already replacing their CentOS systems (and even other Linux distributions) with Rocky. The media is flying off the hook and business analysts also validating to me personally that Rocky Linux might soon be the most utilized Linux operating system used in enterprise and cloud!" Rocky Linux 8.4 took seven months for the newly formed community to release, and is available for x86_64 and ARM64 (aarch64) architecture hardware in various ISOs. "Sufficient testing has been performed such that we have confidence in its stability for production systems," explains a blog post at RockyLinux.org, adding that free community support is available through the forums as well as live chat available through IRC and Rocky Linux Mattermost. "Paid commercial support is currently available through CIQ..." "Corporations come and go, their interests as transient as they are self-serving. But a community persists, and that's who we dedicate Rocky Linux to: you." Rocky is more than the next free and open, community enterprise operating system. It's a community. A commitment to an ideal bigger than the sum of its parts, and a promise that our principles - embedded even within our repositories and ISOs - are immutable... This is just the beginning, and the Rocky Enterprise Software Foundation is more than just Rocky Linux - it's a home for those that believe that open source isn't just a switch that can be toggled at will, and that projects that many rely on not be subject to the whims of a few. To this point, you can easily find all of our sources, our build infrastructure, Git repositories, and everything else anyone would need to fork our work and ensure that it continues if need be... When we announced our release candidate, we asked you to come build the next free, open, community enterprise operating system with us. Now we're asking you for more: join us as we build our community. They also thanked 11 sponsors and partners for contributing "resources, financial backing, software, and infrastructure."

MICROSOFT ADMITS TO MISTAKENLY SIGNING A MALICIOUS MALWARE ROOTKIT
2021-06-26 17:34:00       Slashdot
Bleeping Computer reports: Microsoft has now confirmed signing a malicious driver being distributed within gaming environments. This driver, called "Netfilter," is in fact a rootkit that was observed communicating with Chinese command-and-control IPs. G Data malware analyst Karsten Hahn first took notice of this event last week and was joined by the wider infosec community in tracing and analyzing the malicious drivers bearing the seal of Microsoft... This incident has once again exposed threats to software supply-chain security, except this time it stemmed from a weakness in Microsoft's code-signing process. G Data writes: We forwarded our findings to Microsoft who promptly added malware signatures to Windows Defender and are now conducting an internal investigation. At the time of writing it is still unknown how the driver could pass the signing process. In a Friday blog post, Microsoft said it was contacting other antivirus software vendors "so they can proactively deploy detections," but also emphasized the attack's limited scope: The actor's activity is limited to the gaming sector specifically in China and does not appear to target enterprise environments. We are not attributing this to a nation-state actor at this time. The actor's goal is to use the driver to spoof their geo-location to cheat the system and play from anywhere. The malware enables them to gain an advantage in games and possibly exploit other players by compromising their accounts through common tools like keyloggers. It's important to understand that the techniques used in this attack occur post exploitation, meaning an attacker must either have already gained administrative privileges in order to be able to run the installer to update the registry and install the malicious driver the next time the system boots or convince the user to do it on their behalf. We will be sharing an update on how we are refining our partner access policies, validation and the signing process to further enhance our protections. There are no actions customers should take other than follow security best practices and deploy Antivirus software such as Windows Defender for Endpoint.

WINDOWS USERS SURPRISED BY WINDOWS 11'S SHORT LIST OF SUPPORTED CPUS
2021-06-26 14:34:00       Slashdot
Slashdot reader thegarbz writes: While a lot of focus has been on the TPM requirements for Windows 11, Microsoft has since updated its documentation to provide a complete list of supported processors. At present the list includes only Intel 8th Generation Core processors or newer, and AMD Ryzen Zen+ processors or newer, effectively limiting Windows 11 to PCs less than 4-5 years old. Notably absent from the list is the Intel Core i7-7820HQ, the processor used in Microsoft's current flagship $3500+ Surface Studio 2. This has prompted many threads on Reddit from users angry that their (in some cases very new) Surface PC is failing the Windows 11 upgrade check. The Verge confirms: Windows 11 will only support 8th Gen and newer Intel Core processors, alongside [Intel's 2016-era] Apollo Lake and newer Pentium and Celeron processors. That immediately rules out millions of existing Windows 10 devices from upgrading to Windows 11... Windows 11 will also only support AMD Ryzen 2000 and newer processors, and 2nd Gen or newer [AMD] EPYC chips. You can find the full list of supported processors on Microsoft's site... Originally, Microsoft noted that CPU generation requirements are a "soft floor" limit for the Windows 11 installer, which should have allowed some older CPUs to be able to install Windows 11 with a warning, but hours after we published this story, the company updated that page to explicitly require the list of chips above. Many Windows 10 users have been downloading Microsoft's PC Health App (available here) to see whether Windows 11 works on their systems, only to find it fails the check... This is the first significant shift in Windows hardware requirements since the release of Windows 8 back in 2012, and the CPU changes are understandably catching people by surprise. Microsoft is also requiring a front-facing camera for all Windows 11 devices except desktop PCs from January 2023 onwards. "In order to run Windows 11, devices must meet the hardware specifications," explains Microsoft's official compatibility page for Windows 11. "Devices that do not meet the hardware requirements cannot be upgraded to Windows 11."

MICROSOFT SAYS NEW BREACH DISCOVERED IN PROBE OF SUSPECTED SOLARWINDS HACKERS
2021-06-25 23:30:00       Slashdot
An anonymous reader quotes a report from Reuters: Microsoft said on Friday an attacker had won access to one of its customer-service agents and then used information from that to launch hacking attempts against customers. The company said it had found the compromise during its response to hacks by a team it identifies as responsible for earlier major breaches at SolarWinds and Microsoft. Microsoft said it had warned the affected customers. "A sophisticated Nation-State associated actor that Microsoft identifies as NOBELLIUM accessed Microsoft customer support tools to review information regarding your Microsoft Services subscriptions," the warning reads in part. The U.S. government has publicly attributed the earlier attacks to the Russian government, which denies involvement. After commenting on a broader phishing campaign that it said had compromised a small number of entities, Microsoft said it had also found the breach of its own agent, who it said had limited powers. The agent could see billing contact information and what services the customers pay for, among other things. "The actor used this information in some cases to launch highly-targeted attacks as part of their broader campaign," Microsoft said. Microsoft warned affected customers to be careful about communications to their billing contacts and consider changing those usernames and email addresses, as well as barring old usernames from logging in. Microsoft said it was aware of three entities that had been compromised in the phishing campaign. It did not immediately clarify whether any had been among those whose data was viewed through the support agent, or if the agent had been tricked by the broader campaign. Microsoft did not say whether the agent was at a contractor or a direct employee.

MICROSOFT'S SHAREHOLDERS DEMAND RIGHT-TO-REPAIR
2021-06-25 17:59:00       Slashdot
An anonymous reader quotes a report from Motherboard: Microsoft shareholders have filed a resolution demanding the company seriously consider making its products easier to repair. As You Sow, a non-profit that specializes in shareholder advocacy, delivered the shareholder resolution on Thursday. According to As You Sow, the right-to-repair is important to Microsoft's shareholders because discarded electronics are destroying the world's environment, and Microsoft has pledged to help it stop. "Microsoft is a corporate leader in pledging to take substantial action to reduce climate emissions; yet our Company actively restricts consumer access to device repairability, undermining our sustainability commitments by failing to recognize a fundamental principle of electronics sustainability: that overall device environmental impact is principally determined by the length of its useful lifetime," the shareholders' resolution said. In a 2020 blog post, Microsoft said it will invest in climate innovation and eliminate single-use plastics, but it's been quiet about repair. "Microsoft positions itself as a leader on climate and the environment, yet facilitates premature landfilling of its devices by restricting consumer access to device reparability," Kelly McBee, waste program coordinator for As You Sow, said in a press release. "To take genuine action on sustainability and ease pressure on extraction of limited resources including precious metals, the company must extend the useful life of its devices by facilitating widespread access to repair." The shareholder resolution is demanding that the Board "prepare a report, at reasonable cost and omitting proprietary information, on the environmental and social benefits of making Company devices more easily repairable by consumers and independent repair shops." Shareholders want this report to assess the "benefits or harms of making instructions, parts, and/or tools for our products more readily available" and "the impact of potential state and federal legislation that requires all electronics companies to improve repair access and repairability."

WINDOWS 11 DROPS SKYPE AS A DEFAULT APP
2021-06-24 21:30:00       Slashdot
Microsoft is shoving Skype out of sight in favor of Microsoft Teams, which gets a highlight spot in the new center-aligned taskbar and deep integration into Windows. The Verge reports: Today's Windows 11 news is all about where Microsoft sees computing going over the next few years, but it's just as much the story of how Skype has flourished and ebbed since its $8.5 billion acquisition a decade ago. Five years ago, Skype was the big name in internet calling and video, and Microsoft made it an "inbox app" for Windows 10 that was included at installation and launched at startup by default. Now, after a pandemic year that has had more people using their PCs for voice and video than ever before, Skype was nowhere to be seen in the Windows 11 presentation or materials. The future vision that Microsoft had for Skype everywhere has turned into a reality -- but that reality made competitors Zoom and FaceTime into household names instead. Back in June, when Microsoft made Teams available for personal accounts, the company still paid lip service to Skype, saying, "For folks that just want a very purpose-built app, Skype is a great solution, and we support it and encourage it." But now, if you want to use Skype, you're going to have to go find it in the Microsoft Store like any other app. A company spokesperson tells The Verge: "Skype is no longer an inbox app for new devices that run Windows 11. The Skype app is available to download through the Microsoft Store for free." Skype joins OneNote, Paint 3D, and 3D Viewer as the apps that will no longer come with the OS.

WINDOWS 11 REQUIRES AN INTERNET CONNECTION AND MICROSOFT ACCOUNT AT SETUP
2021-06-24 19:30:00       Slashdot
Slashdot reader xack points out that Windows 11, Microsoft's next version of its desktop operating system, will require a Microsoft account and internet connection for setup. They write: Based on Microsoft's official requirements you need an internet connection to install Windows 11. This means people without internet access at home, especially in rural and poorer households, won't be able to use Windows 11. I hope Microsoft fixes this problem before release. Previous versions of Windows "would let you opt out of Microsoft accounts by creating a local account instead," notes The Verge. "It's possible you'll still be able to use a local account afterwards." As for the internet requirement, The Verge says it "may make sense since Windows 11 will largely be delivered via a Windows Update, like many of the updates to Windows 10, so you'd need an internet connection to install it on your PC." Microsoft is also changing the Windows 11 minimum requirements, though they are only slightly higher than what's required to run Windows 10.

MICROSOFT IS CHANGING THE WINDOWS 11 MINIMUM REQUIREMENTS
2021-06-24 17:30:00       Slashdot
The specs required to run Microsoft's new Windows 11 OS are only slightly higher than Windows 10's current requirements. All you'll need is a 64-bit CPU (or SoC), 4GB of RAM, and 64GB of storage. The Verge reports: This marks the end of Windows support for older 32-bit hardware platforms, even though it will continue to run 32-bit software. The fastest way to find out if your system can handle Windows 11 is to download Microsoft's PC Health App, which will automatically tell you if your specs and settings are ready for the new OS. The system requirements listed by Microsoft are [available here].

MICROSOFT WILL BUNDLE ITS RIVAL TO SLACK INTO WINDOWS 11
2021-06-24 12:58:00       Slashdot
Microsoft, which has unveiled a new version of Windows for the first time in six years, said it will integrate its Teams chat and videoconferencing software directly into the operating system. From a report: Teams has seen a huge surge in users during the pandemic, boosting Microsoft in a product category where it's been trying to catch up with Slack and Zoom. The latest personal computer operating system, Windows 11, also features a new design and will offer changes to the app store.

MICROSOFT ANNOUNCES WINDOWS 11 WILL BE ABLE TO RUN ANDROID APPS
2021-06-24 12:03:00       Slashdot
Microsoft has announced that Windows 11 will support Android apps via the Amazon App Store. From a report: These apps will be locally installed, meaning they will show up in the Taskbar and Start menu and not require your smartphone to function. Microsoft didn't go into much detail, but it's likely that Android apps on Windows 11 are powered by Microsoft's Windows Subsystem for Linux 2. These apps will be discoverable in the Microsoft Store.

MICROSOFT ANNOUNCES WINDOWS 11
2021-06-24 11:27:00       Slashdot
After weeks of leaks and hype, Microsoft today officially announced Windows 11, the next version of its desktop operating system. From a report: While the company may have once said that Windows 10 was the last version of Windows, forgoing major point launches for a regular cadence of bi-annual upgrades, it clearly believes that the changes -- and especially the redesigned user interface -- in this update warrant a new version number. Microsoft plans to release Windows 11 to the general public by the holidays, so we can probably expect it sometime around late November. Before that, we'll likely see a slew of public betas. If you followed along with the development and eventual demise of Windows 10X, Microsoft's operating system with a simplified user interface for dual- and (eventually) single-screen laptops, a lot of what you're seeing here will feel familiar, down to the redesigned Start menu. Indeed, if somebody showed you screenshots of Windows 11 and early previews of Windows 10X, you'd have a hard time telling them apart. As Microsoft Chief Product Officer Panos Panay noted in today's announcement, the overall idea behind the design is to make you feel "an incredible sense of calm," but at the same time, the Windows team has also worked to make it a lot faster. Windows Updates, for example, are supposed to be 40 percent faster, but Panay also noted that starting up your machine and even browsing should feel much faster.

MICROSOFT FIGHTS BACK AGAINST WINDOWS 11 LEAK
2021-06-21 10:42:00       Slashdot
Mark Wilson writes: Just a few days ago -- before it has even been officially announced -- Windows 11 leaked online and remains available to download from numerous sites. The Windows 11 ISO torrent spread like wildfire, and now Microsoft is fighting back. The company has issued a slew of DMCA takedown notices to various sites it says are distributing "a leaked copy of the unreleased Windows 11." Unsurprisingly, an article entitled "How to Download and Install Windows 11 Right Now" caught the eyes of Microsoft lawyers.

FIREFOX BEGINS TESTING SPONSORS ON SOME USERS' DEFAULT HOME PAGE/NEW TAB PAGES
2021-06-20 00:04:00       Slashdot
Earlier this year a new support page appeared at support.Mozilla.org describing sponsored shortcuts (or sponsored tiles), "an experimental feature currently being tested by a small percentage of Firefox users in a limited number of markets." Mozilla works with advertising partners to place sponsored tiles on the Firefox default home page (or New Tab page) that would be useful to Firefox users. Mozilla is paid when users click on sponsored tiles.... [W]e only work with advertising partners that meet our privacy standards for Firefox. When you click on a sponsored tile, Firefox sends anonymized technical data to our partner through a Mozilla-owned proxy service. The code for this proxy service is available on GitHub for interested technical audiences. This data does not include any personally identifying information and is only shared when you click on a Sponsored shortcut.... You can disable a specific Sponsored tile... You can also disable Sponsored shortcuts altogether. Describing the as-yet-experimental feature, Engadget wrote a story headlined "Don't freak out: Firefox is testing advertisements in new tabs." These are just the tests, still mainly aimed at fresh installs of the Firefox web browser and always to beta users, before the rollout of sponsored tiles. It does sound like adverts are in the pipe, but it depends on the reaction to Mozilla's initial tests. Mozilla's Jonathan Nightingale says that, last time around, the reaction wasn't as positive as his company hoped. "It didn't go over well," he states. Further, he insists that Firefox won't become "a mess of logos sold to the highest bidder; without user control, without user benefit." Long-time Slashdot reader angryargus says they spotted the feature when they noticed an Ebay advertisement, but appreciated the ability to opt out, and suggested the feature is "an annoying tradeoff of using a browser that's not as directly funded by a search engine."

REPORT FINDS PHONE NETWORK ENCRYPTION WAS DELIBERATELY WEAKENED
2021-06-17 16:06:00       Slashdot
A weakness in the algorithm used to encrypt cellphone data in the 1990s and 2000s allowed hackers to spy on some internet traffic, according to a new research paper. Motherboard: The paper has sent shockwaves through the encryption community because of what it implies: The researchers believe that the mathematical probability of the weakness being introduced on accident is extremely low. Thus, they speculate that a weakness was intentionally put into the algorithm. After the paper was published, the group that designed the algorithm confirmed this was the case. Researchers from several universities in Europe found that the encryption algorithm GEA-1, which was used in cellphones when the industry adopted GPRS standards in 2G networks, was intentionally designed to include a weakness that at least one cryptography expert sees as a backdoor. The researchers said they obtained two encryption algorithms, GEA-1 and GEA-2, which are proprietary and thus not public, "from a source." They then analyzed them and realized they were vulnerable to attacks that allowed for decryption of all traffic. When trying to reverse-engineer the algorithm, the researchers wrote that (to simplify), they tried to design a similar encryption algorithm using a random number generator often used in cryptography and never came close to creating an encryption scheme as weak as the one actually used: "In a million tries we never even got close to such a weak instance," they wrote. "This implies that the weakness in GEA-1 is unlikely to occur by chance, indicating that the security level of 40 bits is due to export regulations." Researchers dubbed the attack "divide-and-conquer," and said it was "rather straightforward." In short, the attack allows someone who can intercept cellphone data traffic to recover the key used to encrypt the data and then decrypt all traffic. The weakness in GEA-1, the oldest algorithm developed in 1998, is that it provides only 40-bit security. That's what allows an attacker to get the key and decrypt all traffic, according to the researchers.

FBI'S RECOVERY OF COLONIAL PIPELINE BITCOIN RANSOM HIGHLIGHTS HOW THE 'BAN CRYPTO TO STOP RANSOMWARE' CRIES WERE WRONG AGAIN
2021-06-16 16:47:00       TechDirt
Last month we highlighted what seemed like a fairly silly Wall Street Journal op-ed arguing that banning cryptocurrency was the best way to stop ransomware, in response (mainly) to the well publicized ransomware attack on Colonial Pipeline, which resulted in the company shutting down the flow of oil while it sorted things out. As we pointed out, not only was the idea of banning cryptocurrency unworkable, it was unlikely to do much to stop ransomware. Unfortunately, it appears that a number of other cryptocurrency haters jumped on this moment to push the idea even further, claiming that "society has a Bitcoin problem."

Of course, part of the key narrative in all of these pieces is that cryptocurrency and Bitcoin in particular, somehow make it easier for criminals to "get away" with these kinds of ransom demands, highlighting that it is somewhat easier to move around large values of Bitcoin than cash. However, as we noted in our original piece, the idea that cryptocurrency allows criminals to "get away" seemed extremely overblown, as we've seen plenty of cases where criminals using cryptocurrency were caught. And, as if to put an exclamation point on all of this, soon after the huge moral panic, the FBI announced that it had recovered over half of the money Colonial Pipeline had paid.

And, as the FBI special agent's affidavit showed, this was done in part by tracking how the money flowed across the public ledger. The NY Times ran an article noting that the FBI's recovery of the money here "upends the idea that Bitcoin is untraceable." A bunch of long time Bitcoin/cryptocurrency followers scoffed at the NY Times article, because they've long known that Bitcoin's public ledger has always made it so that transactions are traceable. But it's actually important for people not deeply in the Bitcoin space to understand this as well. And the problem with so many of the "ransomware is really a cryptocurrency problem" articles, was that they implied otherwise -- that cryptocurrency was somehow totally and completely untraceable.

As the NY Times article explains, what's important here is that it demonstrates that for all the hand wringing about cryptocurrencies and ransomware, the reality is that law enforcement is evolving with the times, and using the same kind of law enforcement detective work it's supposed to use to solve crimes.

Yet for the growing community of cryptocurrency enthusiasts and investors, the fact that federal investigators had tracked the ransom as it moved through at least 23 different electronic accounts belonging to DarkSide, the hacking collective, before accessing one account showed that law enforcement was growing along with the industry.

That's because the same properties that make cryptocurrencies attractive to cybercriminals -- the ability to transfer money instantaneously without a bank's permission -- can be leveraged by law enforcement to track and seize criminals' funds at the speed of the internet.

That's an important point and one that often gets lost in the FUD surrounding new technologies (such as encryption) that might make law enforcement's job slightly more complex in the short run. But, at the same time, law enforcement needs to learn to adapt, not by undermining these technologies, but understanding how they work, and understanding how to do the actual legwork to trace those abusing the technology for criminal purposes.

So rather than jumping to the conclusion that we need to ban this or that technology because it makes it slightly more challenging for law enforcement, this is actually an example showing how if law enforcement does their job properly, the technology is not the problem.

WINDOWS 11 SCREENSHOTS LEAK, SHOW NEW START MENU AND MORE
2021-06-15 13:00:00       Slashdot
Screenshots of Microsoft`s upcoming Windows 11 operating system have appeared online today. Originally published at Chinese site Baidu, the screenshots show off the new Windows 11 user interface and Start menu. The UI changes look very similar to what was originally found in Windows 10X before Microsoft canceled that project in favor of Windows 11. From a report: App icons are now centered on the taskbar, with a new Start button and menu. The Start menu is a simplified version of what currently exists in Windows 10, without Live Tiles. It includes pinned apps and the ability to quickly shut down or restart Windows 11 devices. The operating system is identified as Windows 11 Pro in screenshots, and we can confirm they are genuine. Microsoft has been dropping hints that it`s ready to launch Windows 11. The software giant is holding a special Windows event to reveal its next OS on June 24th. The event starts at 11AM ET, and the event invite includes a window that creates a shadow with an outline that looks like the number 11.

WINDOWS 10 TO BE RETIRED IN 2025, AS NEW OS UNVEILS
2021-06-15 07:42:12       BBC Technology News
From October 2025, there will be no new updates or security fixes for Windows 10.

MICROSOFT RAISES ALARM FOR NEW WINDOWS ZERO-DAY ATTACKS
2021-06-08 14:27:58       Security Week
Microsoft`s Patch Tuesday will take on extra urgency this month with the news that at least six previously undocumented vulnerabilities are being actively exploited in the wild.

WINDOWS 10 NOTIFIES USERS THEY SHOULD MAKE BING THEIR BROWSER`S DEFAULT SEARCH ENGINE
2021-06-06 17:41:00       Slashdot
Today ZDNet`s `Technically Incorrect` columnist Chris Matyszczyk discussed a new pop-up message that`s now appearing in Windows 10`s notification center. It`s warning Windows users that `Microsoft recommends different browser settings. Want to change them?` The notification adds that you`ll get `Search that gives you back time and money.` And `fast and secure search results with Bing.` Oh, yes. Bing, the MySpace to Google`s Facebook, is still being pushed. I learned that this Bing-pushing is pushing Windows users` buttons. There`s a little Reddit thread where you`ll see laments such as: `You`re not the first to have this Microsoft Annoyance. Apparently, there are thousands in front of you.` The most poignant, perhaps, was this: `Miserably I get this despite using Edge AND having Bing set as my default search engine... (the latter of which for Microsoft Rewards). I think the `problem` is that not ALL of my browsers had Bing as the default search engine? Which is ridiculous because I never use Chrome or Firefox anyway. But after clicking the popup, it ludicrously opened up all my browsers....` What`s most distressing is the lack of any attempt at charm or humor in these notifications. Are they all written by engineers? Or robots, perhaps...? Perhaps Microsoft believes that irritation works. Perhaps it simply has no better ideas to persuade anyone to try Bing. And really, it`s not as if Redmond is alone in pursuing this sort of communication. Why, I`ve even had Apple notifying me of its angry feelings whenever I open, oh, Microsoft Edge.

WHY IT`S A BIG DEAL THAT NO ONE CARES ABOUT THE NEXT VERSION OF WINDOWS
2021-06-05 18:34:00       Slashdot
The New York Times` `On Tech` newsletter observes that Microsoft releasing a new version of Windows is now `basically a nonevent.` `This shows technology has evolved from a succession of Big Bang moments to something so meshed into our lives that we often don`t notice it.` The last version of Windows as we knew it was arguably released in 2012. I was a reporter at The Wall Street Journal at the time, and my professional life that year was dominated by the unveiling of Windows 8 - including the anticipation, the strategy around it, and its eventual reception. But that was basically the end of an era. New releases of Windows since then have become progressively less major. A significant reason is that personal computers are no longer the center of our digital lives. A new iPhone model gets a lot of attention - although it shouldn`t get so much - but a refresher to Windows doesn`t. Still, the supremacy of smartphones is an insufficient explanation. Windows beginning around 2015 began to get regularly tweaked under the hood - just like Netflix, Facebook, and every app on your smartphone as well as the software that runs the phone itself. In other words, Windows just changes in dribs and drabs all of the time without most people noticing. Instead of waiting years to get a fresh computer, we`re effectively getting a new PC with every tweak. The new edition of Windows will remodel the look of the software and improve features like reordering apps. But because Microsoft incrementally revises Windows, new versions of the software matter less to most people. This shift for Windows was part of a remarkable transformation at Microsoft. The company`s obsession with Windows threatened to relegate Microsoft to tech irrelevancy. Then Microsoft hired a new chief executive in 2014, and suddenly Windows wasn`t the beating heart of the company anymore. That shows just how much institutions can change. 
But more than that, a Windows launch morphing from a big thing to something a professional tech writer didn`t see coming reflects what technology has become. It`s no longer strictly the shiny new object that comes out of a box every once in a while. Technology is all around us all the time, and it`s perfectly normal.

MICROSOFT TO UNVEIL NEW VERSION OF WINDOWS ON JUNE 24
2021-06-02 18:10:00       Slashdot
After teasing Windows 10`s next UI refresh last week, Microsoft confirmed Wednesday that `the next generation of Windows` will be announced on June 24. CNBC reports: Windows, the dominant operating system for personal computers, is the source of 14% of total revenue for Microsoft, one of the most valuable companies in the world. The company has pushed two updates each year to its Windows 10 operating system since it first became available in 2015. Nadella made the Windows remarks last week shortly after the company announced that it won`t ship Windows 10X. That operating system was initially designed for dual-screen devices such as the Surface Neo, which has been delayed. The company is working on an update to Windows with the code name Sun Valley, that includes a more modern look, with rounded corners coming to components such as the Start menu. Microsoft could ship a revamp of its Windows app store, which would allow developers to use third-party commerce systems, alongside the Sun Valley update. The event will be held online at 11 a.m. ET, according to an invitation the company sent to reporters. Nadella will be there, along with Panos Panay, Microsoft`s chief product officer, who has been the face of the company`s Surface devices, the invitation said.

FIREFOX 89 ARRIVES WITH CONTROVERSIAL PROTON INTERFACE
2021-06-02 10:41:29       Slashdot

Mozilla`s Firefox 89 releases to the general public today complete with the new Proton interface which simplifies the browser`s menus and alters the tabs bar beyond anything we`ve seen from previous Firefox releases or other web browsers. From a report: This update also improves macOS integration and includes further privacy enhancements. The first thing that people will notice in this update is the Proton interface, the browser chrome and toolbar have been simplified so that redundant and less frequently used features have been removed, menus have been altered so that the most used features are prominent and visual noise has been reduced.

Proton also updates prompts so they have a cleaner appearance and unnecessary alerts and messages have been removed. The attached tabs have also been supplanted by floating tabs; Mozilla says the rounded design of the active tab `signals the ability to easily move the tab as needed.` While almost everyone will support cleaner menus, the new tabs are drawing the ire of some who are not pleased with the radical departure from the traditional look and feel of tabs.


AMAZON DEVICES WILL SOON AUTOMATICALLY SHARE YOUR INTERNET WITH NEIGHBORS
2021-06-01 11:15:20       Slashdot
If you use Alexa, Echo, or any other Amazon device, you have just over a week to opt out of an experiment that leaves your personal privacy and security hanging in the balance. From a report: On June 8, the merchant, Web host, and entertainment behemoth will automatically enroll the devices in Amazon Sidewalk. The new wireless mesh service will share a small slice of your Internet bandwidth with nearby neighbors who don`t have connectivity and help you to their bandwidth when you don`t have a connection. By default, Amazon devices including Alexa, Echo, Ring, security cams, outdoor lights, motion sensors, and Tile trackers will enroll in the system. And since only a tiny fraction of people take the time to change default settings, that means millions of people will be co-opted into the program whether they know anything about it or not. The Amazon webpage linked above says Sidewalk `is currently only available in the US.` [...] Amazon has published a white paper detailing the technical underpinnings and service terms that it says will protect the privacy and security of this bold undertaking. To be fair, the paper is fairly comprehensive, and so far no one has pointed out specific flaws that undermine the encryption or other safeguards being put in place. But there are enough theoretical risks to give users pause.

MILLIONS CAN NOW RUN LINUX GUI APPS IN WINDOWS 10
2021-05-30 11:34:00       Slashdot
`You can now use GUI app support on Windows Subsystem for Linux (WSL),` Microsoft announced this week, `so that all the tools and workflows of Linux run on your developer machine.` Bleeping Computer has already tested it running Gnome`s file manager Nautilus, the open-source application monitor/task manager Stacer, the backup software Timeshift, and even the game Hedgewars. Though it`s currently available only to the millions who`ve registered for Windows 10 `Insider Preview` builds, it`s already drawing positive reviews. `With the Windows Subsystem for Linux, developers no longer need to dual-boot a Windows and Linux system,` argues the Windows Central site, `as you can now install all the Linux stuff a developer would need right on top of Windows instead.` Finally formally announced at this week`s annual Microsoft Build conference, the new functionality runs graphical Linux apps `seamlessly,` according to Tech Radar, calling the feature `highly anticipated.` Arguably, one of the biggest, and surely the most exciting update to the Windows 10 WSL, Microsoft has been working on WSLg for quite a while and in fact first demoed it at last year`s conference, before releasing the preview in April... Microsoft recommends running WSLg after enabling support for virtual GPU (vGPU) for WSL, in order to take advantage of 3D acceleration within the Linux apps.... WSLg also supports audio and microphone devices, which means the graphical Linux apps will also be able to record and play audio. Keeping in line with its developer slant, Microsoft also announced that since WSLg can now help Linux apps leverage the graphics hardware on the Windows machine, the subsystem can be used to efficiently run Linux AI and ML workloads... If WSLg developers are to be believed, the update is expected to be generally available alongside the upcoming release of Windows. 
Bleeping Computer explains that WSLg launches a `companion system distro` with Wayland, X, and Pulse Audio servers, calling its bundling with Windows 10 `an exciting development as it blurs the lines between Linux and Windows 10, and fans get the benefits of both worlds.`

MICROSOFT IS FINALLY RETIRING INTERNET EXPLORER IN 2022
2021-05-20 11:26:59       Slashdot

Microsoft is finally retiring Internet Explorer next year, after more than 25 years. The aging web browser has largely been unused by most consumers for years, but Microsoft is putting the final nail in the Internet Explorer coffin on June 15th, 2022, by retiring it in favor of Microsoft Edge. From a report: `We are announcing that the future of Internet Explorer on Windows 10 is in Microsoft Edge,` says Sean Lyndersay, a Microsoft Edge program manager. `The Internet Explorer 11 desktop application will be retired and go out of support on June 15, 2022, for certain versions of Windows 10.` While the Long-Term Servicing Channel (LTSC) of Windows 10 will still include Internet Explorer next year, all consumer versions will end support of the browser. Microsoft doesn`t make it clear (and we`re checking), but it`s likely that we`ll finally see the end of Internet Explorer being bundled in Windows either in June 2022 or soon after.

NOTE: This is significant news especially considering that IE is the only browser currently supporting the Java applet plugin.


WINDOWS DEFENDER BUG FILLS WINDOWS 10 BOOT DRIVE WITH THOUSANDS OF FILES
2021-05-06 11:11:53       Slashdot
A Windows Defender bug creates thousands of small files that waste gigabytes of storage space on Windows 10 hard drives. BleepingComputer reports: The bug started with Windows Defender antivirus engine 1.1.18100.5 and will cause the C:/ProgramData/Microsoft/Windows Defender/Scans/History/Store folder to be filled up with thousands of files with names that appear to be MD5 hashes. From a system seen by BleepingComputer, the created files range in size from 600 bytes to a little over 1KB. While the system we looked at only had approximately 1MB of files, other Windows 10 users report that their systems have been filled up with hundreds of thousands of files, which in one case, used up 30GB of storage space. On smaller SSD system drives (C:), this can be a considerable amount of storage space to waste on unnecessary files. According to Deskmodder, who first reported on this issue, the bug has now been fixed in the latest Windows Defender engine, version 1.1.18100.6.

TWO MORE WINDOWS 10 UPDATES WILL REMOVE ADOBE FLASH FOR GOOD
2021-05-05 10:22:02       Slashdot
Microsoft is preparing to issue two more Windows 10 updates in June and July that will eliminate unsupported Adobe Flash Player from Windows PCs for good. ZDNet reports: The update KB4577586 called `Update for Removal of Adobe Flash Player` has been available as an optional update since October and now looks set for a broader deployment. Flash Player officially reached end of life on December 31, 2020 as per an announcement by Adobe and major browser makers in 2017. `Starting in June 2021, the KB4577586 `Update for Removal of Adobe Flash Player` will be included in the Preview Update for Windows 10, version 1809 and above platforms. It will also be included in every subsequent Latest Cumulative Update,` Microsoft said. `As of July 2021, the KB4577586 `Update for Removal of Adobe Flash Player` will be included in the Latest Cumulative Update for Windows 10, versions 1607 and Windows 10, version 1507. The KB will also be included in the Monthly Rollup and the Security Only Update for Windows 8.1, Windows Server 2012, and Windows Embedded 8 Standard,` it added.

GOOGLE CHROME HIT IN ANOTHER MYSTERIOUS ZERO-DAY ATTACK
2021-04-21 09:57:51       Slashdot

Google late Tuesday shipped another urgent security patch for its dominant Chrome browser and warned that attackers are exploiting one of the zero-days in active attacks. This is the fourth in-the-wild Chrome zero-day discovered so far in 2021 and the continued absence of IOC data or any meaningful information about the attacks continues to raise eyebrows among security experts.

The newest Chrome update -- 90.0.4430.85 -- is available for Windows, Mac and Linux users and is being rolled out via the browser`s automatic update mechanism. The vulnerability being exploited is identified as CVE-2021-21224 and simply described as a `type confusion` in the V8 Chrome rendering engine. Google credited Jose Martinez (tr0y4) from VerSprite Inc. for reporting the vulnerability. `Google is aware of reports that exploits for CVE-2021-21224 exist in the wild,` the company said, with no additional details.


CRITICAL ZOOM VULNERABILITY TRIGGERS REMOTE CODE EXECUTION WITHOUT USER INPUT
2021-04-09 17:25:00       Slashdot
An anonymous reader quotes a report from ZDNet: A zero-day vulnerability in Zoom which can be used to launch remote code execution (RCE) attacks has been disclosed by researchers. The researchers from Computest demonstrated a three-bug attack chain that caused an RCE on a target machine, and all without any form of user interaction. As Zoom has not yet had time to patch the critical security issue, the specific technical details of the vulnerability are being kept under wraps. However, an animation of the attack in action demonstrates how an attacker was able to open the calculator program of a machine running Zoom following its exploit. As noted by Malwarebytes, the attack works on both Windows and Mac versions of Zoom, but it has not -- yet -- been tested on iOS or Android. The browser version of the videoconferencing software is not impacted. Computest researchers Daan Keuper and Thijs Alkemade earned themselves $200,000 for this Zoom discovery, as it was part of the Pwn2Own contest. In a statement to Tom`s Guide, Zoom thanked the Computest researchers and said the company was `working to mitigate this issue with respect to Zoom Chat.` In-session Zoom Meetings and Zoom Video Webinars are not affected. `The attack must also originate from an accepted external contact or be a part of the target`s same organizational account,` Zoom added. `As a best practice, Zoom recommends that all users only accept contact requests from individuals they know and trust.`

VERIZON RECALLS 2.5 MILLION HOTSPOT DEVICES DUE TO FIRE HAZARD
2021-04-08 21:25:00       Slashdot
Verizon is recalling 2.5 million hotspot devices after discovering that the lithium ion battery can overheat, creating a fire and burning hazard. CNBC reports: The recall impacts Ellipsis Jetpack mobile hotspots imported by Franklin Wireless Corp and sold between April 2017 and March 2021. The affected models are labeled: MHS900L, MHS900LS and MHS900LPP. Verizon disclosed the recall Thursday alongside a notice from the U.S. Consumer Product Safety Commission (CPSC). A Verizon spokesperson said just over 1 million of the recalled devices are currently in use, meaning currently or recently used by customers. According to the recall notice posted by the CPSC, Verizon had received 15 reports of the hotspots overheating. Six of those reports included incidents of fire damage to bedding or flooring and two involved minor burn injuries. Some of the hotspots were supplied to students by their schools to continue remote learning, according to the recall notice. Parents who received hotspots from their children`s schools are advised to contact the schools about receiving a replacement. Other customers can request a replacement by going to ellipsisjetpackrecall.expertinquiry.com or calling 855-205-2627.

ATTACKS LEVERAGING MICROSOFT EXCHANGE VULNERABILITIES `HAVE ESCALATED`, DOUBLING EVERY THREE HOURS
2021-03-14 14:16:17       Slashdot
Attacks that leverage Microsoft Exchange vulnerabilities `have escalated,` warns CNN. They cite a senior White House official saying the window for updating exposed servers is incredibly short -- `measured in hours, not days.` On Thursday, Microsoft and security researchers warned that the vulnerabilities are now being combined with another potent cybersecurity threat: ransomware, which locks up a computer or a network`s files and holds them hostage until the victim pays a fee. `We have detected and are now blocking a new family of ransomware being used after an initial compromise of unpatched on-premises Exchange Servers,` Microsoft said in a tweet. Security experts at Palo Alto Networks estimated Thursday that at least 20,000 US-based Exchange servers remain unpatched and vulnerable to exploitation, and as many as 80,000 around the globe. Other security researchers say the pace of attacks against Exchange servers is rising as opportunistic hackers seek to take advantage of the opening found by Hafnium, the group Microsoft has said is responsible for the original breaches and is `assessed to be state-sponsored and operating out of China.` The number of attempted attacks against organizations has been doubling every two to three hours, according to Check Point Research, which monitors the internet for malicious activity.

MICROSOFT CRITICIZED FOR REMOVING EXCHANGE EXPLOIT FROM GITHUB
2021-03-14 14:15:51       Slashdot
`Microsoft-owned GitHub has removed a proof-of-concept (PoC) exploit for critical ProxyLogon bugs in Microsoft Exchange, causing a backlash from security researchers,` reports Inside.com`s Developer newsletter: The exploit has recently led to infections of as many as 100,000 servers. Microsoft rushed out patches last week for the vulnerabilities in response to a number of Chinese groups exploiting the bugs. `This is huge, removing a security researcher`s code from GitHub against their own product and which has already been patched. This is not good,` Dave Kennedy, founder of TrustedSec, tweeted. `It`s unfortunate that there`s no way to share research and tools with professionals without also sharing them with attackers, but many people (like me) believe the benefits outweigh the risks,` tweeted Tavis Ormandy, a member of Google`s Project Zero.

MICROSOFT IS ENDING SUPPORT FOR THE OLD NON-CHROMIUM EDGE
2021-03-11 10:32:31       Slashdot
Support for Microsoft`s original Edge browser is ending today. Legacy Edge, as it is now called, will no longer receive security updates, and anyone still using it should start the process of switching to something else. The Verge reports: Legacy Edge was originally codenamed `Spartan` and was included with Windows 10 as the operating system`s default web browser before it was officially named Edge. The Edge mantle is being taken up by Microsoft`s Chromium-based browser, which was in beta throughout 2019 and officially launched in January 2020. This means Edge (the old Edge, that is) survived just over a year alongside its replacement. Microsoft also says Legacy Edge will automatically be removed by the April Windows 10 update, with the new Edge being installed in its stead.

US ISSUES WARNING AFTER MICROSOFT SAYS CHINA HACKED ITS MAIL SERVER PROGRAM
2021-03-04 10:29:57       Slashdot

An anonymous reader quotes a report from NBC News:

The U.S. has issued an emergency warning after Microsoft said it caught China hacking into its mail and calendar server program, called Exchange. The perpetrator, Microsoft said in a blog post, is a hacker group that the company has `high confidence` is working for the Chinese government and primarily spies on American targets. The latest software update for Exchange blocks the hackers, prompting the U.S. Cybersecurity and Infrastructure Security Agency to issue a rare emergency directive that requires all government networks do so.

CISA, the U.S.`s primary defensive cybersecurity agency, rarely exercises its authority to demand the entire U.S. government take protective steps to protect its cybersecurity. The move was necessary, the agency announced, because the Exchange hackers are able `to gain persistent system access.` All government agencies have until noon Friday to download the latest software update. In a separate blog post, Microsoft Vice President Tom Burt wrote that the hackers have recently spied on a wide range of American targets, including disease researchers, law firms and defense contractors. There was no immediate indication that the hack led to significant exploitation of U.S. government computer networks. But the announcement marks the second instance in recent months that the U.S. scrambled to address a widespread hacking campaign believed to be the work of foreign government spies.


MICROSOFT STARTS REMOVING FLASH FROM WINDOWS DEVICES
2021-02-18 10:33:15       Slashdot
Microsoft has begun deploying this week KB4577586, a Windows update that permanently removes the Adobe Flash Player software from Windows devices.

From a report: The update was formally announced last year at the end of October when Microsoft and other browser makers were preparing for the impending Flash end-of-life, scheduled for the end of 2020. According to a support document published at the time, the update was initially supposed to be optional. System administrators who wanted to remove Flash before the EOL date could access the Microsoft Update Catalog, download the KB4577586 packages, and remove Flash to avoid any security-related issues. But this week, multiple Windows 10 users reported that Microsoft is now forcibly installing KB4577586 on their devices and removing Flash support from the OS.

While users might think this would cause issues for some enterprises, it actually does not. Last year, Adobe introduced a time bomb in the Flash Player code that prevents the Flash Player app from playing content after January 12.


NSA WARNS AGAINST USING DOH INSIDE ENTERPRISE NETWORKS
2021-01-16 11:22:45       Slashdot

The US National Security Agency has published this week a guide on the benefits and risks of encrypted DNS protocols, such as DNS-over-HTTPS (DoH), which have become widely used over the past two years. From a report: The US cybersecurity agency warns that while technologies like DoH can encrypt and hide user DNS queries from network observers, they also have downsides when used inside corporate networks.

`DoH is not a panacea,` the NSA said in a security advisory [PDF] published today, claiming that the use of the protocol gives companies a false sense of security, echoing many of the arguments presented in a ZDNet feature on DoH in October 2019. The NSA said that DoH does not fully prevent threat actors from seeing a user`s traffic and that when deployed inside networks, it can be used to bypass many security tools that rely on sniffing classic (plaintext) DNS traffic to detect threats. Furthermore, the NSA argues that many of today`s DoH-capable DNS resolver servers are also externally hosted, outside of the company`s control and ability to audit.


MICROSOFT REMINDS ORGANIZATIONS OF UPCOMING PHASE IN PATCHING ZEROLOGON VULNERABILITY
2021-01-16 11:22:00       Security Week
Microsoft this week published a reminder for organizations that a February 9 security update will kick off the second phase of patching for the Zerologon vulnerability.

ADOBE FLASH IS OFFICIALLY DEAD AFTER 25 YEARS WITH CONTENT BLOCKED STARTING TODAY
2021-01-13 11:33:27       Slashdot

When a user attempts to load a Flash game or content in a browser such as Chrome, the content now fails to load and instead displays a small banner that leads to the Flash end-of-life page on Adobe`s website. While this day has long been coming, with many browsers disabling Flash by default years ago, it is officially the end of a 25-year era for Flash, first introduced by Macromedia in 1996 and acquired by Adobe in 2005.

Mac Rumors reports: `Since Adobe will no longer be supporting Flash Player after December 31, 2020 and Adobe will block Flash content from running in Flash Player beginning January 12, 2021, Adobe strongly recommends all users immediately uninstall Flash Player to help protect their systems,` the page reads.

Adobe has instructions for uninstalling Flash on Mac, but note that Apple removed support for Flash outright in Safari 14 last year. Adobe first announced its plans to discontinue Flash in 2017. `Open standards such as HTML5, WebGL, and WebAssembly have continually matured over the years and serve as viable alternatives for Flash content,` the company explained.

Adobe does not intend to issue Flash Player updates or security patches any longer, so it is recommended that users uninstall the plugin.


FIREFOX TO BLOCK BACKSPACE KEY FROM WORKING AS `BACK` BUTTON
2021-01-13 11:31:26       Slashdot
Mozilla developers plan to remove support for using the Backspace key as a Back button inside Firefox. From a report: The change is currently active in the Firefox Nightly version and is expected to go live in Firefox 86, scheduled to be released next month, in late February 2021. The removal of the Backspace key as a navigational element didn`t come out of the blue. It was first proposed back in July 2014, in a bug report opened on Mozilla`s bug tracker. At the time, Mozilla engineers argued that many users who press the Backspace key don`t always mean to navigate to the previous page (the equivalent of pressing the Back button).

MICROSOFT PATCH TUESDAY: 83 VULNERABILITIES, 10 CRITICAL, 1 ACTIVELY EXPLOITED
2021-01-12 13:59:23       Security Week
Microsoft on Tuesday released the first batch of security patches for 2021 with fixes for 83 documented security vulnerabilities, including a `critical` bug in the Defender security product that`s being actively exploited.

ADOBE NOW SHOWS ALERTS IN WINDOWS 10 TO UNINSTALL FLASH PLAYER
2021-01-05 10:57:30       Slashdot
With the Flash Player officially reaching the end of life tomorrow, Adobe has started to display alerts on Windows computers recommending that users uninstall Flash Player. From a report: When Flash Player is installed, it creates a scheduled task named `Adobe Flash Player PPAPI Notifier` that executes the following command: `C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe` -update pepperplugin. When this command is executed, it is now displaying an alert thanking users for using Adobe Flash Player and then recommending that they uninstall the program due to its looming end of life. Further reading: Adobe Flash is about to die, but classic Flash games will live on.

ADOBE RELEASES THE LAST FLASH UPDATE EVER
2021-01-05 10:48:51       Slashdot
Adobe has released the final scheduled update to its Flash Player plugin, weeks before Flash`s official retirement. The Verge reports: As noted on Adobe`s site, yesterday marked the last update for Flash outside mainland China, which has a separate version of the software. Adobe will stop supporting Flash on December 31st, 2020, and it will block Flash content from running on January 12th, 2021. Adobe offered a brief farewell in its release notes. `We want to take a moment to thank all of our customers and developers who have used and created amazing Flash Player content over the last two decades,` the note says. `We are proud that Flash had a crucial role in evolving web content across animation, interactivity, audio, and video. We are excited to help lead the next era of digital experiences.`

MICROSOFT EXPOSES ADROZEK, MALWARE THAT HIJACKS CHROME, EDGE, AND FIREFOX
2021-01-05 10:48:34       Slashdot
Microsoft has raised the alarm today about a new malware strain that infects users` devices and then proceeds to modify browsers and their settings in order to inject ads into search results pages. From a report: Named Adrozek, the malware has been active since at least May 2020 and reached its absolute peak in August this year when it controlled more than 30,000 browsers each day. But in a report today, the Microsoft 365 Defender Research Team believes the number of infected users is much, much higher. Microsoft researchers said that between May and September 2020, they observed `hundreds of thousands` of Adrozek detections all over the globe. Based on internal telemetry, the highest concentration of victims appears to be located in Europe, followed by South and Southeast Asia. Microsoft says that, currently, the malware is distributed via classic drive-by download schemes. Users are typically redirected from legitimate sites to shady domains where they are tricked into installing malicious software. The boobytrapped software installs the Adrozek malware, which then proceeds to obtain reboot persistence with the help of a registry key.

MICROSOFT WILL START FORCE UPGRADING WINDOWS 10 FOR SOME USERS
2021-01-05 10:48:19       Slashdot
Ammalgam shares a report from The Redmond Cloud: Starting this month, Microsoft will begin forcing some users to upgrade to Windows 10 version 1909 or version 2004 if they don`t update their PC manually. This is coming after Microsoft announced that it`s ending support for Windows 10 version 1903, including Windows 10 Home and Windows 10 Pro. If you`re on Windows 10 version 1903, you`ll be force upgraded to version 1909 later this month. If you`re on Windows 10 version 1909, you`ll be forcefully upgraded to Windows 10 version 2004 (May 2020 Update) by the spring of next year. If you`re still using last year`s Windows 10 versions, it`s better to attempt the upgrade manually. [...] The process is expected to start this week and expand over the course of the next month before Windows 10 version 21H1 update is ready for production channels.

MICROSOFT PLANNING `SWEEPING VISUAL REJUVENATION OF WINDOWS`
2021-01-05 10:48:09       Slashdot
Microsoft is planning a `sweeping visual rejuvenation of Windows` that is designed to signal to users of the operating system that `Windows is BACK.` From a report: That`s according to a job listing posted by Microsoft recently, advertising for a software engineering role in the Windows Core User Experiences team: `On this team, you`ll work with our key platform, Surface, and OEM partners to orchestrate and deliver a sweeping visual rejuvenation of Windows experiences to signal to our customers that Windows is BACK and ensure that Windows is considered the best user OS experience for customers.` Microsoft quietly removed references to this `sweeping visual rejuvenation` this morning, after several Windows enthusiasts spotted the job listing over the weekend.

DEFEATING TRUMP, JOE BIDEN DECLARED WINNER OF US PRESIDENTIAL ELECTIONS
2020-11-07 15:52:50       Slashdot
`BIDEN WINS` declares the all-caps headline at CNN.com.

And the headline at NBC News reads `JOE BIDEN DEFEATS DONALD TRUMP TO WIN THE WHITE HOUSE, NBC NEWS PROJECTS.`

NBC News reports: Joe Biden became president-elect Saturday after winning the pivotal state of Pennsylvania, NBC News projected.

The former vice president amassed 273 Electoral College votes after winning Pennsylvania`s 20 electors, according to NBC News, surpassing the 270 needed to win the White House and defeat President Donald Trump.

Biden`s victory capped one of the longest and most tumultuous campaigns in modern history, in which he maintained an aggressive focus on Trump`s widely criticized handling of the Covid-19 pandemic. A majority of voters said rising coronavirus cases were a significant factor in their vote, according to early results from the NBC News Exit Poll of early and Election Day voters.

Biden regularly criticized Trump as unfit for office and positioned his campaign as a `battle for the soul of America.` He promised from the outset of his run to heal and unite the country if he won, and made central to his closing message a pledge to represent both those who voted for him as well as those who didn`t when he got to the White House.

As president, Biden will immediately be confronted with a bitterly divided nation in the throes of a pandemic that has already killed 236,000 Americans.


GOOGLE DISCLOSES WINDOWS ZERO-DAY EXPLOITED IN THE WILD
2020-10-31 10:57:22       Slashdot

This issue will not be addressed for at least 10 days. If you are running Chrome on Windows, consider switching to Firefox for the next couple of weeks at least.

------------8<--------------

Security researchers from Google have disclosed today a zero-day vulnerability in the Windows operating system that is currently under active exploitation. From a report:

The zero-day is expected to be patched on November 10, which is the date of Microsoft`s next Patch Tuesday, according to Ben Hawkes, team lead for Project Zero, Google`s elite vulnerability research team. On Twitter, Hawkes said the Windows zero-day (tracked as CVE-2020-17087) was used as part of a two-punch attack, together with a Chrome zero-day (tracked as CVE-2020-15999) that his team disclosed last week. The Chrome zero-day was used to allow attackers to run malicious code inside Chrome, while the Windows zero-day was the second part of this attack, allowing threat actors to escape Chrome`s secure container and run code on the underlying operating system -- in what security experts call a sandbox escape.


NEW WINDOWS 10 UPDATE PERMANENTLY REMOVES ADOBE FLASH
2020-10-29 14:55:00       Slashdot

Microsoft has released a Windows update that removes Adobe`s Flash Player before it reaches end of support on December 31, 2020. ZDNet reports:

Update KB4577586 is part of Microsoft`s effort to follow through with plans it announced along with Adobe, Apple, Facebook, Google, and Mozilla in 2017 to end support for Flash by December 2020. The Flash-removing update is available for all supported versions of Windows 10 and Windows Server, as well as Windows 8.1.

This new update removes Flash Player from Windows devices and cannot be uninstalled, Microsoft says in a new support note. However, it isn`t rolling out via Windows Server Update Service (WSUS) just yet, and the update needs to be downloaded and installed from the Microsoft Update Catalog. It will become available to WSUS in early 2021, but admins can import it to WSUS manually today. Microsoft is releasing the Flash-removing update ahead of the end of support so that enterprise customers can test the impact on business applications when Flash is removed from a Windows PC or server. But the company says it will continue to deliver Flash security updates until support ends.

Microsoft has also detailed two methods that users and admins can follow to continue using Flash Player after the update is installed. Users can reset a device to an earlier system restore point. However, users need to explicitly enable this feature and a system restore point must have been created on the Windows device before the update is applied. The other option is to reinstall Windows without applying the update.


MICROSOFT WILL FORCIBLY STOP LOADING SOME URLS IN INTERNET EXPLORER TO MOVE USERS TO EDGE
2020-10-26 10:43:00       Slashdot
Big changes are coming to Internet Explorer. Starting next month, users trying to access certain websites will see IE refuse to load the URL and automatically open the site in Edge instead. From a report: This forced IE-to-Edge behavior is part of Microsoft`s Internet Explorer deprecation plans. Microsoft has been gradually rolling out the feature for testing purposes for some Windows users since the release of Edge 84 this summer. However, with the release of Edge 87, scheduled for next month, Microsoft plans to enable the forced IE-to-Edge action for all IE users.

GOOGLE PATCHED AN ACTIVELY-EXPLOITED ZERO-DAY BUG IN CHROME
2020-10-25 01:34:00       Slashdot
`Google released an update to its Chrome browser that patches a zero-day vulnerability in the software`s FreeType font rendering library that was actively being exploited in the wild,` Threatpost reported this week: Security researcher Sergei Glazunov of Google Project Zero discovered the bug which is classified as a type of memory-corruption flaw called a heap buffer overflow in FreeType. Glazunov informed Google of the vulnerability on Monday. Project Zero is an internal security team at the company aimed at finding zero-day vulnerabilities. By Tuesday, Google already had released a stable channel update, Chrome version 86.0.4240.111, that deploys five security fixes for Windows, Mac & Linux - among them a fix for the zero-day, which is being tracked as CVE-2020-15999 and is rated as high risk. `Google is aware of reports that an exploit for CVE-2020-15999 exists in the wild,` Prudhvikumar Bommana of the Google Chrome team wrote in a blog post announcing the update Tuesday... `The fix is also in today`s stable release of FreeType 2.10.4,` Ben Hawkes, technical lead for the Project Zero team, tweeted. Meanwhile, security researchers took to Twitter to encourage people to update their Chrome browsers immediately to avoid falling victim to attackers aiming to exploit the flaw... In addition to the FreeType zero day, Google patched four other bugs - three of high risk and one of medium risk - in the Chrome update released this week... So far in the last 12 months Google has patched three zero-day vulnerabilities in its Chrome browser.

CHROME CAUGHT EXEMPTING GOOGLE SITES FROM USER REQUESTS TO DELETE DATA
2020-10-24 23:34:00       Slashdot
This week the Verge reported: If you ask Chrome to delete all cookies and site data whenever you quit the browser, it`s reasonable to expect that this policy applies to all websites. Recently, though, a bug in the browser meant data wasn`t being removed for two sites in particular: Google and YouTube. This problem was first documented by iOS developer Jeff Johnson on his blog. Johnson found that in Chrome version 86.0.4240.75, `local storage` data for Google.com and YouTube.com stuck around even after restarting the browser. We`ve been able to replicate similar behavior... The Register notes that Chrome`s behavior could allow Google to stash cookie-style data as site data, allowing it to track users even when they think they`re being careful by deleting their cookie and site data every time they close the browser. In a statement, Google said it was aware of the issue and was working on a fix... At least one of the affected sites, YouTube, appears to have already been fixed. After we upgraded the Chrome browser to version 86.0.4240.111, YouTube`s local storage data seems to successfully purge after a restart, although the data from Google.com still sticks around.

FIREFOX `SITE ISOLATION` FEATURE ENTERS USER TESTING, EXPECTED NEXT YEAR
2020-10-22 14:07:00       Slashdot
An anonymous reader shares a report: Site Isolation is a modern browser security feature that works by separating each web page and web iframes in their own operating system process in order to prevent sites from tampering with or stealing each other`s data. The feature was first deployed with Google Chrome in mid-2018, with the release of Chrome 67. Although initially, Site Isolation was meant to be deployed as a general improvement to Chrome`s security posture, the feature came just in time to serve as a protective measure against the Spectre vulnerability impacting modern CPUs. Seeing the feature`s success, Mozilla also announced plans to support it with the Firefox browser in February 2019, as part of an internal project codenamed Fission. For both Google and Mozilla, implementing Site Isolation was a time-consuming operation, requiring engineers to re-write large chunks of their browsers` internal architecture. The process took about two years for both Google and Mozilla. While Site Isolation is now a stable feature inside Chrome, this work is now nearing its completion inside Firefox. According to an update to the Project Fission wiki page, Site Isolation can now be enabled inside versions of Firefox Nightly, the Firefox version where new features are tested.

MICROSOFT FORCES WINDOWS 10 RESTARTS -- TO INSTALL `UNSOLICITED, UNWANTED` OFFICE APPS
2020-10-19 03:34:00       Slashdot
The Verge`s senior news editor complains that without permission, Windows 10 restarted to install `unsolicited, unwanted web app versions of Word, PowerPoint, Excel and Outlook onto my computer.` OK, it`s not as bad as when my entire computer screen got taken over by an unwanted copy of Microsoft Edge. That was truly egregious. No, this time Microsoft is merely sneaking unwanted web apps onto my PC - and using my Windows 10 Start Menu as free advertising space. Did I mention that icons for Microsoft Office apps have magically appeared in my Start Menu, even though I`ve never once installed Office on this computer? These aren`t full free copies of Office, by the way. They`re just shortcuts to the web version you could already access in any web browser of your choice, which double as advertisements to pay for a more fully featured copy... They`re the latest proof that Microsoft doesn`t respect your ownership of your own PC, the latest example of Microsoft installing anything it likes in a Windows update up to and including bloatware, and the latest example of Microsoft caring more about the bottom line than whether a few people might lose their work when Windows suddenly shuts down their PC. Luckily, I didn`t lose any work today, but a friend of mine recently did... Microsoft seems to think our computers are free advertising space, a place where it can selfishly promote its other products - even though they were told roundly in the `90s that even bundling a web browser was not OK. Now, they`re bundling a browser you can`t uninstall, and a set of PWA web apps that launch in that same browser. (Yes, they fire up Edge even if you`ve set a different browser as default.)

NORTHERN VIRGINIA SCHOOL SYSTEM HACKED, DATA HELD FOR RANSOM
2020-09-14 15:04:20       Security Week
Virginia`s Fairfax County School System has been hacked and the attackers are seeking a ransom payment to keep them from disclosing stolen personal information.

IS THE US ABOUT TO SPLIT THE INTERNET?
2020-08-27 11:36:56       Slashdot

The BBC reports: U.S. Secretary of State Mike Pompeo says he wants a `clean` internet. What he means by that is he wants to remove Chinese influence, and Chinese companies, from the internet in the U.S. But critics believe this will bolster a worrying movement towards the breaking up of the global internet. The so called `splinternet` is generally used when talking about China, and more recently Russia. The idea is that there`s nothing inherent or pre-ordained about the internet being global.

For governments that want to control what people see on the internet, it makes sense to take ownership of it. The Great Firewall of China is the best example of a nation putting up the internet equivalent of a wall around itself. You won`t find a Google search engine or Facebook in China. What people didn`t expect was that the U.S. might follow China`s lead. They`re reacting to U.S. president Trump`s executive order to block all transactions with TikTok`s parent company (starting September 20) to `address the national emergency with respect to the information and communication technology supply chain.`

An opinion piece in the New York Times calls the move a `foolish and dangerous edict` that`s `deeply misguided and unproductive` which suggests that `the United States, like China, no longer believes in a global internet.`

In the BBC`s article Alan Woodward, a security expert at the University of Surrey, calls the U.S. decision `shocking.` `The U.S. government has for a long time criticised other countries for controlling access to the internet and now we see the Americans doing the same thing.`


MILLIONS OF ANDROID PHONES AT RISK DUE TO `ACHILLES` FLAW IN QUALCOMM CHIPS
2020-08-27 11:34:14       Slashdot

`Researchers have found that Qualcomm`s Snapdragon chip, one of the most widely used in Android phones, has hundreds of bits of vulnerable code that leaves millions of Android users at risk,` reports Gizmodo: To back up a bit, Qualcomm is a major chip supplier to several well-known tech companies.

In 2019, its Snapdragon series of processors could be found on nearly 40% of all Android smartphones, including high-profile flagship phones from Google, Samsung, Xiaomi, LG, and OnePlus.

Researchers from Check Point, a cybersecurity firm, found the digital signal processor (DSP) in Qualcomm Snapdragon chips had over 400 pieces of vulnerable code. The vulnerabilities, altogether dubbed `Achilles,` can impact phones in three major ways. Attackers would only have to convince someone to install a seemingly benign app that bypasses usual security measures. Once that`s done, an attacker could turn the affected phone into a spying tool. They`d be able to access a phone`s photos, videos, GPS, and location data. Hackers could potentially also record calls and turn on the phone`s microphones without the owner ever knowing.

Alternatively, an attacker could choose to render the smartphone completely unusable by locking all the data stored on it in what researchers described as a `targeted denial-of-service attack.` Lastly, bad actors could also exploit the vulnerabilities to hide malware in a way that would be unknown to the victim, and unremovable.

Part of why so many vulnerabilities were found is that the DSP is a sort of `black box.` It`s difficult for anyone other than the manufacturer of the DSP to review what makes them work...

The article notes that Qualcomm has no evidence of the vulnerability being exploited in the wild, adding that the company has `reportedly since fixed the issue.` But they also note that it`s still up to individual phone makers to push out the relevant security patches, `which could take some time.`


MICROSOFT WILL BID FAREWELL TO INTERNET EXPLORER AND LEGACY EDGE IN 2021
2020-08-18 10:14:24       Slashdot

Microsoft will end support for Internet Explorer 11 across its Microsoft 365 apps and services next year.

The Verge reports: In exactly a year, on August 17th, 2021, Internet Explorer 11 will no longer be supported for Microsoft`s online services like Office 365, OneDrive, Outlook, and more. Microsoft is also ending support for Internet Explorer 11 with the Microsoft Teams web app later this year, with support ending on November 30th. While it`s still going to take some time to pry enterprise users of Internet Explorer 11 away, Microsoft is hoping that the new Internet Explorer legacy mode in the Chromium-based Microsoft Edge browser will help. It will continue to let businesses access old sites that were specifically built for Internet Explorer, until Microsoft fully drops support for Internet Explorer 11 within Windows 10. Microsoft`s move to stop supporting Internet Explorer 11 with its main web properties is a good first step, though.

Alongside the support changes, Microsoft is also planning to drop support for its existing legacy version of Microsoft Edge on March 9th, 2021. After the end of support date, the legacy version of Edge will no longer receive security updates. Microsoft has been moving existing Windows 10 users over to its new Chromium-based Edge browser, and the company says new devices and future Windows feature updates will all include the new Edge browser.


WINDOWS 10: HOSTS FILE BLOCKING TELEMETRY IS NOW FLAGGED AS A RISK
2020-08-04 10:03:00       Slashdot
AmiMoJo writes: Starting at the end of July, Microsoft has begun detecting HOSTS files that block Windows 10 telemetry servers as a `Severe` security risk. Windows 10 users are reporting that Windows Defender had started detecting modified HOSTS files as a `SettingsModifier:Win32/HostsFileHijack` threat. So it seems that Microsoft had recently updated their Microsoft Defender definitions to detect when their servers were added to the HOSTS file. Users who utilize HOSTS files to block Windows 10 telemetry suddenly caused them to see the HOSTS file hijack detection. Users who intentionally modify their HOSTS file can allow this `threat,` but it may enable all HOSTS modifications, even malicious ones, going forward.

RED HAT SECURITY UPDATE RENDERS SYSTEMS UNBOOTABLE
2020-07-31 11:20:00       Slashdot
PAjamian writes: A recently released Red Hat update for the BootHole Vulnerability is causing systems to become unbootable. It is widely reported that updates to the shim, grub2 and kernel packages in RHEL and CentOS 7 and 8 are leaving various systems that use secure boot unbootable. Current recommendations are to avoid updating your system until the issue is resolved, or at least avoid updating the shim, grub2 and kernel packages. Update, shared by PAjamian: Red Hat is now recommending that users do not apply grub2, fwupd, fwupdate or shim updates until new packages are available.

MICROSOFT TO REMOVE ALL SHA-1 WINDOWS DOWNLOADS NEXT WEEK
2020-07-30 14:04:00       Slashdot
Microsoft announced this week plans to remove all Windows-related file downloads from the Microsoft Download Center that are cryptographically signed with the Secure Hash Algorithm 1 (SHA-1). From a report: The files will be removed next Monday, on August 3, the company said on Tuesday. The OS maker cited the security of the SHA-1 algorithm for the move. `SHA-1 is a legacy cryptographic hash that many in the security community believe is no longer secure. Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks,` it said. Most software companies have recently begun abandoning the SHA-1 algorithm after a team of academics broke the SHA-1 hashing function at a theoretical level in February 2016.

ADOBE FLASH PLAYER END OF LIFE
2020-06-24 13:36:40      
Adobe will stop distributing and updating Flash Player after December 31, 2020. With three years` advance notice, we believed that would allow sufficient time for developers, designers, businesses, and other parties to migrate existing Flash content as needed to new, open standards. Adobe will be removing Flash Player download pages from its site and Flash-based content will be blocked from running in Adobe Flash Player after the EOL Date.

ETERNAL DARKNESS FLAW IN WINDOWS 10
2020-06-10 10:58:03      

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that hackers are actively exploiting a previously patched flaw in Windows 10 that goes by multiple names, among them Eternal Darkness and SMBGhost. Both sound ominous, and for good reason. If left unpatched, an attacker could gain unauthorized remote access to a target system and wreak havoc.

Even though this was patched in March, a user on Twitter recently posted a proof-of-concept exploit to GitHub that allows an attacker to execute malicious code remotely, along with a video showcasing the exploit. This code has been used in the wild to attack Windows 10 PCs that have not been patched recently.


BEWARE OF EMAILS IMPERSONATING `MICROSOFT TEAMS` NOTIFICATIONS
2020-05-04 11:37:44       Slashdot

Researchers at the email security company Abnormal Security have discovered `a multi-prong Microsoft Teams impersonation attack` involving `convincingly-crafted emails impersonating the automated notification emails from Microsoft Teams,` reports Forbes:

The aim, simply to steal employee Microsoft Office 365 login credentials. To date, the researchers report that as many as 50,000 users have been subject to this attack as of May 1.

This is far from your average phishing scam, however, and comes at precisely the right time to fool already stressed and somewhat disoriented workers. Instead of the far more commonly used `sort of look-alike` alerts and notifications employed by less careful cybercriminals, this new campaign is very professional in approach. `The landing pages that host both attacks look identical to the real webpages, and the imagery used is copied from actual notifications and emails from this provider,` the researchers said. The attackers are also using newly-registered domains that are designed to fool recipients into thinking the notifications are from an official source...

As far as the credential-stealing payload is concerned, this is delivered in an equally meticulous way. With multiple URL redirects employed by the attackers, concealing the real hosting URLs, and so aiming to bypass email protection systems, the cybercriminals will eventually drive the user to the cloned Microsoft Office 365 login page.


HACKERS UPDATE AGE-OLD EXCEL 4.0 MACRO ATTACK
2020-04-20 13:28:56       Threatpost

XLS files sent via emails appear password protected but aren`t, opening automatically to install malware from compromised macros, according to researchers.

Beware of XLS files sent from unknown sources or unexpectedly from known ones.

When in doubt, confirm with the sender via phone, email or other means.


SERIOUS VULNERABILITIES PATCHED IN CHROME, FIREFOX
2020-04-09 17:01:43       Security Week
Both Google and Mozilla released new versions of their browsers this week, addressing a variety of high-severity vulnerabilities, some of which could lead to remote code execution.

U.S. GOVERNMENT: UPDATE CHROME 80 NOW, MULTIPLE SECURITY CONCERNS CONFIRMED
2020-04-05 17:08:34       Slashdot

Part of America`s Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency (CISA) `has advised users to update Google Chrome as new high-rated security vulnerabilities have been found,` reports Forbes:

In an April 1 posting, CISA confirmed that Google Chrome version 80.0.3987.162 `addresses vulnerabilities that an attacker could exploit to take control of an affected system,` be that Windows, Mac or Linux. It went on to state that it `encourages` users and administrators to apply the update. It`s not just CISA that is warning about the need to update Google Chrome. The Center for Internet Security (CIS) is a non-profit entity that works to safeguard both private and public organizations against cyber threats. In a multi-state information sharing and analysis center (MS-ISAC) advisory, it has also warned of multiple vulnerabilities in Google Chrome.

The most severe of these could allow an attacker to achieve arbitrary code execution within the context of the browser... All it would take for an attacker to exploit the vulnerabilities is to get the user to visit, by way of a phishing attack or even redirection from a compromised site, a maliciously crafted web page.

Beside three high-rated vulnerabilities, Forbes reports that `a further five security vulnerabilities were discovered by the Google internal security team using a combination of internal audits and fuzzing.`


MOZILLA PATCHES CRITICAL VULNERABILITIES IN FIREFOX, FIREFOX ESR
2020-04-04 15:33:20       CERT/CC

Original release date: April 3, 2020

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit these vulnerabilities to take control of an affected system. These vulnerabilities have been detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Mozilla`s security advisory for Firefox 74.0.1 and Firefox ESR 68.6.1 and apply the necessary updates.


ZOOM VIDEO CONFERENCING
2020-04-02 11:43:19      

Security and privacy issues revolving around the Zoom video conferencing software continue to grow.

Please consider Zoom as non-approved for MABB computers.

If you MUST video conference, consider using Skype instead.

https://www.skype.com/en/get-skype/

WATCH OUT: THIS VERIZON SMISHING SCAM IS CRAZY REALISTIC
2020-02-16 10:10:56      

The scam text message says, `Your Verizon account security needs validation` and invites you to tap a link to `validate your account.` Once you do, you end up at a phishing website that looks almost exactly like Verizon`s real website. The fake website asks for your My Verizon mobile number or user ID and password. After you provide those, it`ll ask for your account PIN. Finally, it requests all your personal details to `identify yourself.`

For smishing scams, this is convincing work. The website looks real and authentic - if you don`t look too hard at the address, which isn`t actually Verizon`s actual website... At the end of the process, the phishing website thanks you for providing your information and `redirects you to the home page.` For maximum deception, the phishing website actually redirects you to Verizon`s real website at the end of the process. If you don`t look too close, you might be deceived into thinking you were on Verizon`s website the whole time.

What`s the game? We didn`t provide real Verizon account details, so we can`t say for sure. The scammer will probably try to take over your Verizon account, order smartphones on credit, and stick you with the bill.


HUGE JAVA AND OTHER ORACLE PRODUCT PATCH
2020-01-16 17:12:53       The Register
House of Larry delivers massive update for 93 products. Oracle has released a sweeping set of security patches across the breadth of its software line.

CRITICAL WINDOWS UPDATES RELEASED
2020-01-14 15:18:16      

Monthly updates for Windows and other Microsoft products have been released. Included are critical updates to the cryptographic library for Windows 10 and Server 2016. It is essential that these are installed in a timely manner.

Leave your laptop/desktop on, online and logged out over night for the next several days AND check manually to ensure that you have all updates installed.

Do NOT depend solely on alerts from IT.

This month also marks the end of life of support for Windows 7. This month`s will be the last official updates for that operating system.

You are advised to stop using Windows 7 online in any capacity.


CRYPTIC RUMBLINGS AHEAD OF FIRST 2020 PATCH TUESDAY
2020-01-14 12:03:09       Slashdot
Brian Krebs:

Sources tell KrebsOnSecurity that Microsoft is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to branches of the U.S. military and to other high-value customers/targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements preventing them from disclosing details of the flaw prior to Jan. 14, the first Patch Tuesday of 2020. According to sources, the vulnerability in question resides in a Windows component known as crypt32.dll, a Windows module that Microsoft says handles `certificate and cryptographic messaging functions in the CryptoAPI.` The Microsoft CryptoAPI provides services that enable developers to secure Windows-based applications using cryptography, and includes functionality for encrypting and decrypting data using digital certificates.

NSA said on Tuesday that it spotted the vulnerability and reported it to Microsoft. NSA said Microsoft will report later today that it has seen no active exploitation of this vulnerability. NSA`s Director of Cybersecurity, Anne Neuberger, says the critical cryptographic vulnerability resides in Windows 10 and Windows Server 2016, and that the concern about this particular flaw is that it `makes trust vulnerable.`


MOZILLA PATCHES CRITICAL VULNERABILITY
2020-01-08 14:58:42       CERT/CC
Original release date: January 8, 2020

Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 72.0.1 and Firefox ESR 68.4.1 and apply the necessary updates.

`IRANIAN HACKERS` CLAIM BREACH OF US GOVT WEBSITE
2020-01-06 10:42:36       Security Week
A group claiming to be hackers from Iran breached the website of a little-known US government agency on Saturday and posted messages vowing revenge for Washington`s killing of top military commander Qasem Soleimani.

FAKE WINDOWS UPDATE DELIVERS CYBORG RANSOMWARE
2019-11-19 13:19:33       Security Week

A malicious spam campaign that informs victims it contains a critical Windows update instead leads to the installation of Cyborg ransomware, researchers have found. Further, they were able to access its builder, which can be used to create malware variants.

The email-based threat, discovered recently by researchers at Trustwave, is unique in a few ways, researchers unveiled in a blog post on Tuesday. For instance, the attached file purports to be in .jpg format, even though it opens an .exe file.

Another unique aspect is that the emails contain a two-sentence subject, "Install Latest Microsoft Windows Update now! Critical Microsoft Windows Update!", but it has just one sentence in its email body, researchers said. Typically, malicious emails include a longer, socially engineered message intended to lure victims into clicking malicious files.

https://threatpost.com/windows-update-cyborg-ransomware/150407/

PHISHING ATTACKS AT HIGHEST LEVEL IN THREE YEARS
2019-11-07 15:26:36       Net-Security

The number of phishing attacks continued to rise into the autumn of 2019, according to APWG. The total number of phishing sites detected in July through September 2019 was 266,387.

This was up 46 percent from the 182,465 seen in the second quarter of 2019, and almost double the 138,328 seen in Q4 2018. This is the worst period for phishing that the APWG has seen in three years, since the fourth quarter of 2016.


ANDROID BUG LETS HACKERS PLANT MALWARE VIA NFC BEAMING
2019-11-05 10:58:28       Slashdot

Google patched last month an Android bug that can let hackers spread malware to a nearby phone via a little-known Android OS feature called NFC beaming. NFC beaming works via an internal Android OS service known as Android Beam. This service allows an Android device to send data such as images, files, videos, or even apps, to another nearby device using NFC (Near-Field Communication) radio waves, as an alternative to WiFi or Bluetooth. Typically, apps (APK files) sent via NFC beaming are stored on disk and a notification is shown on screen. The notification asks the device owner if he wants to allow the NFC service to install an app from an unknown source. But, in January this year, a security researcher named Y. Shafranovich discovered that apps sent via NFC beaming on Android 8 (Oreo) or later versions would not show this prompt. Instead, the notification would allow the user to install the app with one tap, without any security warning.

The CVE-2019-2114 bug resided in the fact that the Android Beam app was also whitelisted, receiving the same level of trust as the official Play Store app. Google said this wasn`t meant to happen, as the Android Beam service was never meant as a way to install applications, but merely as a way to transfer data from device to device. The October 2019 Android patches removed the Android Beam service from the OS whitelist of trusted sources. However, many millions of users remain at risk. If users have the NFC service and the Android Beam service enabled, a nearby attacker could plant malware (malicious apps) on their phones.

Since most newly-sold devices have the NFC feature enabled by default, you`ll have to disable Android Beam and NFC or update your phone to receive the October 2019 security updates if you want to protect yourself from this bug.


KEEPING PERSONAL AND BUSINESS DATA SECURE
2019-10-23 16:21:50      

People are curious. They simply cannot resist peeking at others` screens, reading unattended documents in printers, and otherwise sticking their noses anywhere and everywhere.

A recent study indicates that a large percentage of people make efforts to protect their own information, but routinely `invade` the information of others. Old-timers will recognize `Mrs. Kravitz`, the nosy neighbor lady on the `60s TV show `Bewitched`, as a great example of this curiosity getting the better of people.

The take-away from the study is that you might want to alter some of your habits:

  • Don`t leave documents in the printer for longer than necessary.
  • Pay attention to who`s around you when you use your phone or computer.
  • Lock or log out of your computer or phone when you are away from it.
  • You might also be a little more conscious of other people`s privacy, and rein in your own innate curiosity. Do you really need to know private details of your co-workers` personal lives that they haven`t elected to share with you? Ask yourself how you would feel if the roles were reversed.

    Obviously, all this applies to company data as well, along with the added aspect that mishandling of information could have ramifications on the future of the company and your own personal trajectory.


    ATTACKERS EXPLOIT NEW 0-DAY VULNERABILITY GIVING FULL CONTROL OF ANDROID PHONES
    2019-10-06 13:59:58       Slashdot

    Attackers are exploiting a zero-day vulnerability in Google`s Android mobile operating system that can give them full control of at least 18 different phone models, reports Ars Technica, including four different Pixel models, a member of Google`s Project Zero research group said on Thursday night. The post also says there`s evidence the vulnerability is being actively exploited.

    An anonymous reader quotes Ars Technica:

    Exploits require little or no customization to fully root vulnerable phones. The vulnerability can be exploited two ways: (1) when a target installs an untrusted app or (2) for online attacks, by combining the exploit with a second exploit targeting a vulnerability in code the Chrome browser uses to render content. `The bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device,` Stone wrote. `If the exploit is delivered via the Web, it only needs to be paired with a renderer exploit, as this vulnerability is accessible through the sandbox....`

    Google representatives wrote in an email: `Pixel 3 and 3a devices are not vulnerable to this issue, and Pixel 1 and 2 devices will be protected with the October Security Release, which will be delivered in the coming days. Additionally, a patch has been made available to partners in order to ensure the Android ecosystem is protected against this issue.`

    The use-after-free vulnerability originally appeared in the Linux kernel and was patched in early 2018 in version 4.14, without the benefit of a tracking CVE. That fix was incorporated into versions 3.18, 4.4, and 4.9 of the Android kernel. For reasons that weren`t explained in the post, the patches never made their way into Android security updates.

    https://arstechnica.com/information-technology/2019/10/attackers-exploit-0day-vulnerability-that-gives-full-control-of-android-phones/

    HACKERS TURN TO OPENDOCUMENT FORMAT TO AVOID AV DETECTION
    2019-10-02 09:47:14       ThreatPost
    Malware-laced OpenDocument files target Microsoft Office, OpenOffice and LibreOffice users. Please apply the same caution to ODT files and other OpenOffice documents that you would to Microsoft Office documents and PDFs. More: https://threatpost.com/hackers-turn-to-opendocument/148817/

    HACK BREAKS PDF ENCRYPTION, OPENS CONTENT TO ATTACKERS
    2019-10-02 09:30:16       ThreatPost

    PDFex can bypass encryption and password protection in most PDF readers and online validation services, allowing unauthorized parties to read content and forge documents.

    Expect updates for Adobe Acrobat, Firefox, and other applications that handle PDFs soon.

    In the meantime, be wary of apparently signed and verified PDF files and do not depend exclusively on PDF encryption to protect company information.

    More information here: https://threatpost.com/hack-breaks-pdf-encryption/148834/.


    APPLE HITS BACK AT GOOGLE OVER IPHONE HACK REPORT
    2019-09-09 06:01:51       Silicon Security
    Fight, fight. Google security researchers overstated the level of threat to iPhone users, Apple alleges

    GOOGLE SAYS HACKERS HAVE PUT `MONITORING IMPLANTS` IN IPHONES FOR YEARS
    2019-08-31 13:04:53       Slashdot

    An unprecedented iPhone hacking operation, which attacked `thousands of users a week` until it was disrupted in January, has been revealed by researchers at Google`s external security team. From a report:

    The operation, which lasted two and a half years, used a small collection of hacked websites to deliver malware on to the iPhones of visitors. Users were compromised simply by visiting the sites: no interaction was necessary, and some of the methods used by the hackers affected even fully up-to-date phones.

    Once hacked, the user`s deepest secrets were exposed to the attackers. Their location was uploaded every minute; their device`s keychain, containing all their passwords, was uploaded, as were their chat histories on popular apps including WhatsApp, Telegram and iMessage, their address book, and their Gmail database. The one silver lining is that the implant was not persistent: when the phone was restarted, it was cleared from memory unless the user revisited a compromised site. However, according to Ian Beer, a security researcher at Google: `Given the breadth of information stolen, the attackers may nevertheless be able to maintain persistent access to various accounts and services by using the stolen authentication tokens from the keychain, even after they lose access to the device.`

    INTERNET EXPLORER 11 END OF LIFE
    2019-08-22 14:19:50      

    Microsoft is updating Internet Explorer 11 less and less. They obviously would like to see it go away.

    We are trusting it less each day to remain safe and secure. It also is woefully short on support for modern web technologies like HTML5 and CSS3.

    Please start using Firefox as your default and primary browser. The Bookmark manager in Firefox should help you import your Favorites from Internet Explorer without much heartache.

    Most laptops should already have Firefox installed. Just allow it to be your default browser, and hold IE11 in reserve for any sites that you access that still require Java or other old technologies not supported by Firefox.


    HACKERS CAN BREAK INTO AN IPHONE JUST BY SENDING A TEXT
    2019-08-08 23:10:03      

    When you think about how hackers could break into your smartphone, you probably imagine it would start with clicking a malicious link in a text, downloading a fraudulent app, or some other way you accidentally let them in. It turns out that`s not necessarily so, not even on the iPhone, where simply receiving an iMessage could be enough to get yourself hacked.

    At the Black Hat security conference in Las Vegas on Wednesday, Google Project Zero researcher Natalie Silvanovich is presenting multiple so-called `interaction-less` bugs in Apple`s iOS iMessage client that could be exploited to gain control of a user`s device. And while Apple has already patched six of them, a few have yet to be patched.


    ONLY YOU CAN PREVENT RANSOMWARE!
    2019-07-30 22:59:08      

    Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website. Ransomware can be devastating to an individual or an organization. Sometimes all it takes is one unsuspecting user to infect an entire organization.

    The concept behind ransomware, a well-known form of malicious software, is quite simple: Lock and encrypt a victim's computer data, then demand a ransom to restore access. In many cases, the victim must pay the cybercriminal within a set amount of time or risk losing access forever. And since we're dealing with criminals here, paying the ransom doesn't ensure access will be restored.

    Ransomware is the online form of the bully's game of keep-away. The bully could hold your personal files hostage, keeping you from your documents, photos, and financial information. Those files are still on your computer, right in front of you, but they're encrypted now, making them unreadable. In 2017, the average ransom demand was US$522, a high price to pay for getting your own property back.

    Types of ransomware

    Ransomware can come in many shapes and sizes. Some variants may be more harmful than others, but they all have one thing in common: a ransom. The five types of ransomware are:

    • Crypto malware. This is a well-known form of ransomware and can cause a great deal of damage. One of the most familiar examples is the 2017 WannaCry ransomware attack, which targeted thousands of computers around the world and spread itself within corporate networks globally.
    • Lockers. This kind of ransomware is known for infecting your operating system to completely lock you out of your computer, making it impossible to access any of your files or applications.
    • Scareware. This is fake software that acts like an antivirus or a cleaning tool. Scareware often claims to have found issues on your computer, demanding money to resolve the issue. Some types of scareware lock your computer, while others flood your screen with annoying alerts and pop-up messages.
    • Doxware. Commonly referred to as leakware, doxware threatens to publish your stolen information online if you don't pay the ransom. As more people store sensitive files and personal photos on their computers, it's understandable that many individuals panic and pay the ransom when their files have been hijacked.
    • RaaS. Otherwise known as Ransomware as a Service, RaaS is a type of malware hosted anonymously by a hacker. These criminals handle everything from distributing the ransomware and collecting payments to managing decryptors (software that restores data access) in exchange for their cut of the ransom.

    Ransomware remains a popular means of attack, and new ransomware families are discovered every year. Reported attacks in the U.S. dropped from 2,673 in 2016 to 1,783 in 2017. However, the threat of ransomware is still incredibly active on the internet, so you should take precautions to help avoid becoming a victim.

    Dos and don'ts of ransomware:

    Ransomware is a profitable market for cybercriminals and can be difficult to stop. Prevention is the single most important aspect of protecting your personal data. To deter cybercriminals and help protect yourself from a ransomware attack, keep in mind these dos and don'ts:

    • Do use security software. To help protect your data, install and use a trusted security suite that offers more than just antivirus features.
    • Do keep your security software up to date. New ransomware variants appear on a regular basis, so having up-to-date internet security software will help protect you against cyberattacks.
    • Do update your operating system and other software. Software updates frequently include patches for newly discovered security vulnerabilities that could be exploited by ransomware attackers.
    • Don't automatically open email attachments. Email is one of the main methods for delivering ransomware. Avoid opening emails and attachments from unfamiliar or untrusted sources.
    • Do be wary of any email attachment that advises you to enable macros to view its content. Once enabled, macro malware can infect multiple files. Unless you are absolutely sure the email is genuine, from a trusted source, delete the email.
    • Do back up important data to an external hard drive. Attackers can gain leverage over their victims by encrypting valuable files and making them inaccessible. If the victim has backup copies, the hacker no longer holds the upper hand. Backup files allow victims to restore their files once the infection has been cleaned up. Ensure that backups are appropriately protected or stored offline so that attackers can't access them.
    • Do use cloud services. This can help mitigate a ransomware infection, since many cloud services retain previous versions of files, allowing you to roll back to the unencrypted form.
    • Don't pay the ransom. You could be wondering, "But won't I get my files back if I pay the ransom?" You might, but you might not. Sensing desperation, a cybercriminal could ask you to pay again and again, extorting money from you but never releasing your data.

    Ransomware bullies make a living by preying on the innocent. With new ransomware variants popping up frequently, you want to do what you can to minimize your exposure. By following these simple dos and don'ts, you can help protect your computer data and personal information from ransomware.


    YOUTUBE POLICY ON REMOVING INSTRUCTIONAL HACKING CONTENT CAUSES INFOSEC COMMUNITY OUTRAGE
    2019-07-04 05:25:25       incidents.org

    MICROSOFT PATCHES `WORMABLE` FLAW IN WINDOWS XP, 7 AND WINDOWS 2003
    2019-05-14 17:30:00       Slashdot
    Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a `wormable` flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017. From a report: The vulnerability (CVE-2019-0708) resides in the `remote desktop services` component built into supported versions of Windows, including Windows 7, Windows Server 2008 R2, and Windows Server 2008. It also is present in computers powered by Windows XP and Windows 2003, operating systems for which Microsoft long ago stopped shipping security updates. Microsoft said the company has not yet observed any evidence of attacks against the dangerous security flaw, but that it is trying to head off a serious and imminent threat.

    INTEL CPUS RELEASED IN LAST 8 YEARS IMPACTED BY NEW ZOMBIELOAD SIDE-CHANNEL ATTACK
    2019-05-14 13:22:00       Slashdot
    Academics have discovered a new class of vulnerabilities in Intel processors that can allow attackers to retrieve data being processed inside a CPU. From a report: The leading attack in this new vulnerability class is a security flaw named Zombieload, which is another side-channel attack in the same category as Meltdown, Spectre, and Foreshadow. Just like the first three, Zombieload is exploited by taking advantage of the speculative execution process, which is an optimization technique that Intel added to its CPUs to improve data processing speeds and performance. For more than a year, academics have been poking holes in various components of the speculative execution process, revealing ways to leak data from various CPU buffer zones and data processing operations. Meltdown, Spectre, and Foreshadow have shown how various CPU components leak data during the speculative execution process. Today, an international team of academics -- including some of the people involved in the original Meltdown and Spectre research -- along with security researchers from Bitdefender have disclosed a new attack impacting the speculative execution process. This one is what researchers have named a Microarchitectural Data Sampling (MDS) attack, and targets a CPU`s microarchitectural data structures, such as the load, store, and line fill buffers, which the CPU uses for fast reads/writes of data being processed inside the CPU. [...] In a research paper published today, academics say that all Intel CPUs released since 2011 are most likely vulnerable. Processors for desktops, laptops, and (cloud) servers are all impacted, researchers said on a special website they`ve set up with information about the Zombieload flaws.

    A GLITCH IS BREAKING ALL FIREFOX EXTENSIONS
    2019-05-04 18:56:13       Slashdot
    UPDATE: This appears to be resolved.
    Did you just open Firefox only to find all of your extensions disabled and/or otherwise not working? You`re not alone, and it`s nothing you did. From a report: Reports are pouring in of a glitch that has spontaneously disabled effectively all Firefox extensions. Each extension is now being listed as a `legacy` extension, alongside a warning that it `could not be verified for use in Firefox and has been disabled.` A ticket submitted to Mozilla`s Bugzilla bug tracker first hit at around 5:40 PM Pacific, and suggests the sudden failure is due to a code signing certificate built into the browser that expired just after 5 PM (or midnight on May 4th in UTC time). Because the glitch stems from an underlying certificate, re-installing extensions won`t work -- if you try, you`ll likely just be met with a different error message. Getting extensions back for everyone is going to require Mozilla to issue a patch.

    MICROSOFT BLOCKS WINDOWS 2019 UPDATE ON PCS THAT USE USB STORAGE OR SD CARDS
    2019-05-04 09:55:37       Slashdot
    Microsoft has published a support document today warning Windows 10 users that the impending May 2019 Update may not install on their systems if they use external USB storage devices or SD cards. From a report: The OS maker cited problems with `inappropriate drive reassignment` as the main reason for blocking the May 2019 Update. `Inappropriate drive reassignment can occur on eligible computers that have an external USB device or SD memory card attached during the installation of the May 2019 update,` the company said. `For this reason, these computers are currently blocked from receiving the May 2019 Update.`

    MOZILLA SAYS IT WILL BAN FIREFOX ADD-ONS WITH OBFUSCATED CODE
    2019-05-02 13:01:00       Slashdot
    DarkRookie2 writes: As Mozilla continues to try to make it safer than ever to use Firefox, the organization has updated its Add-on Policy so that any updates that include obfuscated code are explicitly banned. Mozilla has also set out in plain terms its blocking process for add-ons and extensions. While there is nothing surprising here, the clarification should mean that there are fewer causes for disputes when an add-on is blocklisted. The updated Add-on policy comes into force on June 10, so add-on developers have a little more than a month to take note of the changes and comply. Mozilla says that the move is designed to help it better deal with malicious extensions. Mozilla also plans to be more aggressive towards taking down extensions that break its policies, with a heavy focus on security issues. ZDNet adds: [...] Starting with June 10, Mozilla`s team will also be more aggressive in blocking and disabling Firefox add-ons in users` browsers that are found to be violating one of the company`s policies. `We will continue to block extensions for intentionally violating our policies, critical security vulnerabilities, and will also act on extensions compromising user privacy or circumventing user consent or control,` Nieman said.

    PUTIN SIGNS LAW TO CREATE AN INDEPENDENT RUSSIAN INTERNET
    2019-05-02 12:05:00       Slashdot
    Russia is one step closer to creating its own, independent internet -- at least legally speaking. Russian President Vladimir Putin has signed into law new measures that would enable the creation of a national network, able to operate separately from the rest of the world, according to documents posted on a government portal this week. From a report: For now, the network remains largely theoretical though, with few practical details disclosed. In concept, the new law aims to protect Russia from foreign online restrictions by creating what the Kremlin calls a `sustainable, secure and fully functioning` local internet. The legislation takes effect in November, state news agency RIA-Novosti reported. According to a summary from RIA-Novosti, the law calls for the creation of a monitoring and a management center supervised by Roskomnadzor, Russia`s telecoms agency. The state agency will be charged with ensuring the availability of communication services in Russia in extraordinary situations. During such situations, it would also be empowered to cut off external traffic exchange, creating a purely Russian web.

    INTERNET EXPLORER ZERO-DAY LETS HACKERS STEAL FILES FROM WINDOWS PCS
    2019-04-12 06:26:20       incidents.org

    WINDOWS 10 COULD AUTOMATICALLY UNINSTALL BUGGY WINDOWS UPDATES
    2019-03-12 18:50:00       Slashdot
    Microsoft is reportedly working on a new functionality that will automatically remove botched updates from Windows 10 to fix startup issues and other bugs preventing the PC from booting. `The support document was quietly published a couple of hours ago and for some reasons, Microsoft has also blocked the search engines from crawling or indexing the page,` reports Windows Latest. `In the document, Microsoft explains that Windows may automatically install updates in order to keep your device secure and smooth.` From the report: Due to various reasons, including software and driver compatibility issues, Windows Updates are vulnerable to mistakes and hardware errors. In some cases, Windows Update may fail to install. After installing a recent update, if your PC experiences startup failures and automatic recovery attempts are unsuccessful, Windows may try to resolve the failure by uninstalling recently installed updates. In this case, users may receive a notification with the following message: `We removed some recently installed updates to recover your device from a startup failure.` Microsoft says that Windows will also automatically block the problematic updates from installing automatically for the next 30 days. During these 30 days, Microsoft and its partners will investigate the failure and attempt to fix the issues. When the issues are fixed, Windows will again try to install the updates. Users still have the freedom to reinstall the updates. If you believe that the update should not be removed, you can manually reinstall the driver or quality updates which were uninstalled earlier.