Computerworld Security

We’re told that one of the best ways to stay secure is to make sure our computers are patched. But we need to always be aware that at any given time, there are several vulnerabilities probably known and in use by attackers. The good news is that the number of days between when a bug is identified and when it’s patched is slowly going down, according to the Google Project Zero. It tracks how long it’s taking vendors to patch bugs and found that “in 2021, vendors took an average of 52 days to fix security vulnerabilities reported from Project Zero. This is a significant acceleration from an average of about 80 days [three] years ago.”To read this article in full, please click here

US President Biden and EU President von der Leyen say deal underscores shared values over data privacy and security surrounding transatlantic information sharing.

Gather ’round, kiddos — ’cause it’s time for a story.Once upon a time, Chrome was a lean, mean browsing machine. It was the scrappy lightweight kid in a block filled with clunky old blobs of blubber. People had never seen a browser so fast, so thoughtfully constructed! It stripped everything down to the essentials and made the act of browsing the web both pleasant and secure — qualities that were anything but standard back in that prehistoric era.Chrome was “minimalist in the extreme,” as The New York Times put it — with “extremely fast” page loads and a “snappy” user interface, in the words of Ars Technica. Its sandbox-centric setup and emphasis on supporting web-based applications made the program “the first true Web 2.0 browser,” as some other tech website opined.To read this article in full, please click here

Each time we experience an Apple iCloud, Spotify, Slack, Verizon, Google, Peloton, or any other form of server-based outage, we’re reminded that everyone should have multiple layers of backup to maintain data and work to ensure key services still work when servers go down.To read this article in full, please click here

One of the dirty little secrets of many businesses, perhaps even most, is that far more of them than ever admit to it have been hacked. Still others end up paying ransomware, but they’ve never revealed this deep, dark secret. After all, who wants to admit to the world — and their customers — that they’ve been caught with their security pants down.Well, things are about to change. In the recently signed $1.5 trillion government funding bill were new cybersecurity laws requiring companies to quickly report data breaches and ransomware payments. To read this article in full, please click here

Companies and governments have, shall we say, interesting relations. Just ask any Chinese tech company in recent days.  But, while they’re losing billions, companies in war-mongering countries like Russia have an even harder row to hoe. How can Russian companies support Russia’s unprovoked invasion of Ukraine?You may say they can’t, but that just shows you haven’t studied history. When money and ethics are weighed against each other, money usually wins. For example, such American-as-apple-pie-and-baseball companies as General Motors, Ford, Coca-Cola, and IBM supported Nazi Germany during World War II.To read this article in full, please click here

There has been a rapid spike in demand for VPN services in Russia and Ukraine since the invasion began almost three weeks ago. People in both nations seek online freedoms as offline misery intensifies, and want to see through the fog of conflict.VPN services see rapid growth in Russia A VPN (virtual private network) service creates an encrypted tunnel between users and the servers they interact with. This helps secure the traffic to protect people from being identified, tracked, and surveilled.Simon Migliano, Head of Research at Top10VPN, explained that Russians began seeking out VPN services before the conflict began. But demand has accelerated as it continues and authorities become more repressive there.To read this article in full, please click here

Where does your software come from?That’s one of the questions online users at AskWoody.com have asked in recent weeks. Obviously, this comes up as the world sees what’s going on in Ukraine. For many years, one security software vendor in particular was tagged as possibly having Russian ties — and as far back as 2017, the US government banned the use of Kaspersky antivirus over fears the security software could spy on defense contractors for Russia.To read this article in full, please click here

Last week, the Department for Digital, Culture, Media and Sport (DCMS) published the outcomes from its consultation into digital identities. In its proposal, the UK government has said it will look to introduce the One Login for Government programme, which aims to provide a single account for citizens to prove their identity and access central government services.The consultation was launched in July 2021, following the publication of initial government proposals around the subject of digital identities. At the time, these included creating a digital identity and attributes governance framework, enabling a legal gateway between public and private sector organisations for data checking, and establishing the validity of digital identities and attributes.To read this article in full, please click here

March brings us a solid set of updates from Microsoft for Windows, Microsoft Office, Exchange, and Edge (Chromium), but no critical issues requiring a “Patch Now” release schedule (though Microsoft Exchange will require some technical effort this month). We have published some testing guidelines, with a focus on printing, remote desktop over VPN connections, and server-based networking changes. We also recommend testing your Windows installer packages with a specific focus on roll-back and uninstall functionality. You can find more information about the risk of deploying these Patch Tuesday updates with this useful infographic. And, if you are looking for more information on .NET updates, there is a great post from Microsoft that highlights this month’s changes.To read this article in full, please click here

COVID-19 has made us all more aware of the need to protect our computers at home from online evil. But when was the last time you pointed your browser at your router? The little box that connects your PC and all the other devices in your home to the internet has an array security features that many people are unaware of.After speaking to Derek Manky, chief of security insights and global threat alliances at Fortinet’s FortiGuard Labs, I logged into my Verizon FIOS router for the first time in years and discovered there were no less than 18 devices connected to it, including TVs, printers, thermostats and a half dozen Amazon Echoes. Each is a potential security vulnerability. “If you look at your home router, you’ll be surprised what you find there,” Manky said.To read this article in full, please click here

In a move to offer an end-to-end security operations suite from its cloud platform, Google has announced it will acquire cyberdefense and response company Mandiant for $5.4 billion, in a deal expected to close later this year.The acquisition will complement Google Cloud’s existing security services and together, the companies will deliver a security operations suite as well as advisory services that help customers address critical security challenges and stay protected at every stage of the security lifecycle, Mandiant said in a press release.The company recently announced a new Ransomware Defense Validation service for its SaaS-based XDR (extended detection and response) platform, Mandiant Advantage, to help enterprises gauge the ability of their security systems to guard against ransomware attacks. To read this article in full, please click here

Every year at this time, I have to fill out my firm’s cyber insurance application — and every year they ask whether we encourage strong passwords and change them often. This question annoys me tremendously, because we really shouldn’t be changing passwords often. We should instead be choosing authentication processes that appropriately match site risks; using a password should be the last thing you want to rely on.First, think about the information and data a website is keeping on you. The sites we want to offer the most protections often have the weakest. Where you can, always add two-factor authentication to a site’s access. (Not all multi-factor authentication is created equally, but some sort of multi-factor is better than none. If it encourages attackers to go elsewhere, it’s done its job.To read this article in full, please click here

An increase in workplace surveillance during the COVID-19 pandemic could lead to widespread discrimination, work intensification, and unfair treatment of workers unless regulatory safeguards are put in place, according to a prominent UK union group.The Trades Union Congress (TUC), which represents most unions in the UK, published survey results this week  highlighting the use of surveillance technologies to monitor workers in a variety of job roles.To read this article in full, please click here

Chances are you don’t live in Ukraine’s capital, Kyiv, so you don’t need to worry about a missile landing on your office. But even if you’re 6,000 miles away, you could still get smacked by Russia’s or its Anonymous enemies’ cyberwar fallout.As the war grinds on, chances will only increase that everyone will be affected by the resulting and growing cyberattacks. So, what can you do to protect yourself?To read this article in full, please click here

It’s not unreasonable to assume that war in Ukraine will generate a wave of cyberattacks. That means every business or personal computer user should audit their existing security protections, particularly for companies that have embraced the hybrid workplace.While larger enterprises usually employ Chief Information Security Officers (CISOs) and security consultants to manage such tasks, what follows is useful advice for Mac, iPad, and iPhone users seeking to start such an audit.  To read this article in full, please click here

Splunk has named Gary Steele as its new CEO, three months after the surprise resignation of longtime CEO Doug Merritt.“The board is focused on identifying a leader with a proven track record of scaling operations and growing multi-billion-dollar enterprises,” Merritt said in a statement at the time.We now know that leader is Gary Steele, who was the founding CEO of SaaS (software-as-a-service) security vendor Proofpoint, a company he led for nearly 20 years. During that time, Steele navigated both an IPO in 2012 and a private equity buyout from Thoma Bravo last year. He will start on April 11, when he will also take a seat on Splunk’s board.To read this article in full, please click here

As Russia invaded Ukraine, seeing the disruption in the world occur in near real time on social media brought poignancy to what was happening. While I don’t know anyone in Ukraine, I know many people who have friends or family members that have been impacted by the war. Ukraine has many technology ties around the world. It’s also been a source of cyberattacks, which is why there’s extra concern about what we can do to protect ourselves in case of attack. (Eastern Europe has often been the source of many of the ransomware attacks that occur around the world.)So what can tech users do to ensure you protect yourself from possible cyberattacks arising from the conflict?To read this article in full, please click here

Behavioral analytics is one of the best authentication methods around — especially when it’s part of continuous authentication. Authentication as a “one-and-done” is something that simply shouldn’t happen anymore. Then again, I’ve argued the same thing about using unencrypted SMS as a form of multi-factor authentication and I sadly still see that being used by lots of Fortune 1000 firms. Oh well.Although most enterprise CISOs are fine with behavioral analytics on paper (on a whiteboard? As a message within Microsoft Teams/GoogleMeet/Zoom?), they’re resistant to rapid widespread deployment because it requires creating a profile for every user — including partners, distributors, suppliers, large customers and anyone else who needs system access. Those profiles can take more than a month to create to get an accurate, consistent picture of each person.To read this article in full, please click here

Russia telegraphed its intentions to invade Ukraine well ahead of this week’s attack by massing nearly 200,000 soldiers along Ukraine’s borders, and by Vladimir Putin’s increasingly belligerent threats.Behind the scenes, Russia was doing more than that, including dangerous cyberattacks launched against Ukraine. And as is typically the case in such attacks, Windows was the attack vector.“We’ve observed destructive malware in systems belonging to several Ukrainian government agencies and organizations that work closely with the Ukrainian government, Tom Burt, Microsoft corporate vice president for customer security and trust, wrote in a blog post in mid-January. “The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable.” In a related technical post detailing how the malware works, Microsoft added: “These systems [under cyberattack] span multiple government, non-profit, and information technology organizations, all based in Ukraine.”To read this article in full, please click here