Skip to main content
Please wait...

Acronis gets deeper into the Apple enterprise with Addigy partnership

1 month 2 weeks ago

The burgeoning enterprise Apple space saw thousands of IT admins virtually attend this week’s JNUC event, and the week tails off with news from Addigy and cybersecurity firm Acronis.

Securing the Apple enterprise

Addigy has confirmed that its cloud-based Apple device management tools now integrate with Acronis. This integration means IT can use Addigy to extend Acronis security tools to Mac and iOS systems via Acronis Cyber Protect Cloud. The idea is to bring all this control inside one management tool.

To read this article in full, please click here

Jonny Evans

Asana takes aim at the enterprise with new workflow features

1 month 2 weeks ago

Asana, a work management platform for teams, today announced the Enterprise Work Graph, a suite of features designed to give greater clarity and flexibility to enterprise workflows. The new capabilities aim to align teams around goals, coordinate workflows across teams and time zones, and provide visibility into where work stands in real time. 

Alongside the new Work Graph data model, Asana is introducing enterprise-grade security and controls to its platform.

To read this article in full, please click here

Charlotte Trueman

Asana takes aim at the enterprise with new workflow features

1 month 2 weeks ago

Asana, a work management platform for teams, today announced the Enterprise Work Graph, a suite of features designed to give greater clarity and flexibility to enterprise workflows. The new capabilities aim to align teams around goals, coordinate workflows across teams and time zones, and provide visibility into where work stands in real time. 

Alongside the new Work Graph data model, Asana is introducing enterprise-grade security and controls to its platform.

To read this article in full, please click here

Charlotte Trueman

Just who is Windows 11 for, anyway?

1 month 2 weeks ago

Seriously, who did Microsoft develop Windows 11 for? Only people who like centered taskbars? Only people who don’t mind “unlearning” how to get into task manager?

Maybe not, but I’d argue that Windows 11 wasn’t designed for you and me. Rather, it was designed for the businesses, governments, schools, and other entities that we interact with. It’s built to ensure that sensitive information can be secured.

[ Related: Windows 11 in-depth review: Windows 10 gets a nip and tuck ] Baked-in security

For starters, Windows 11 has allowed Microsoft to cut the cord on the 32-bit platform. Windows 11 will be first Windows OS that is 64-bit only. This allows Microsoft to build in more virtualization and containerization security features that cannot be done in the 32-bit platform.

To read this article in full, please click here

Susan Bradley

Just who is Windows 11 for, anyway?

1 month 2 weeks ago

Seriously, who did Microsoft develop Windows 11 for? Only people who like centered taskbars? Only people who don’t mind “unlearning” how to get into task manager?

Maybe not, but I’d argue that Windows 11 wasn’t designed for you and me. Rather, it was designed for the businesses, governments, schools, and other entities that we interact with. It’s built to ensure that sensitive information can be secured.

[ Related: Windows 11 in-depth review: Windows 10 gets a nip and tuck ] Baked-in security

For starters, Windows 11 has allowed Microsoft to cut the cord on the 32-bit platform. Windows 11 will be first Windows OS that is 64-bit only. This allows Microsoft to build in more virtualization and containerization security features that cannot be done in the 32-bit platform.

To read this article in full, please click here

Susan Bradley

Four zero-day exploits add urgency to October's Patch Tuesday

1 month 3 weeks ago

October brings four zero-day exploits and 74 updates to the Windows ecosystem, including a hard-to-test kernel update (CVE-2021-40449) that requires immediate attention and an Exchange Server update that requires technical skill and due diligence (and a reboot). The testing profile for the October Patch Tuesday covers Windows error handling, AppX, Hyper-V and Microsoft Word. We recommend a Patch Now schedule for Windows and then staging the remaining patch groups according to your normal release pattern.

To read this article in full, please click here

Greg Lambert

Four zero-day exploits add urgency to October's Patch Tuesday

1 month 3 weeks ago

October brings four zero-day exploits and 74 updates to the Windows ecosystem, including a hard-to-test kernel update (CVE-2021-40449) that requires immediate attention and an Exchange Server update that requires technical skill and due diligence (and a reboot). The testing profile for the October Patch Tuesday covers Windows error handling, AppX, Hyper-V and Microsoft Word. We recommend a Patch Now schedule for Windows and then staging the remaining patch groups according to your normal release pattern.

To read this article in full, please click here

Greg Lambert

Experts call Apple's CSAM scheme 'a dangerous technology'

1 month 3 weeks ago

Apple’s decision to postpone introduction of its controversial client-side scanning (CSS) CSAM-detection system looks like an even better idea amid news governments already want to use the controversial tools for other forms of surveillance.

A 'dangerous technology'

In a new report, an influential group of 14 internationally reputed security researchers have said such plans represent a “dangerous technology” that expands state surveillance powers. They warn the client-side scanning system, if used “would be much more privacy invasive than previous proposals to weaken encryption. Rather than reading the content of encrypted communications, CSS gives law enforcement the ability to remotely search not just communications, but information stored on user devices.”

To read this article in full, please click here

Jonny Evans

Experts call Apple's CSAM scheme 'a dangerous technology'

1 month 3 weeks ago

Apple’s decision to postpone introduction of its controversial client-side scanning (CSS) CSAM-detection system looks like an even better idea amid news governments already want to use the controversial tools for other forms of surveillance.

A 'dangerous technology'

In a new report, an influential group of 14 internationally reputed security researchers have said such plans represent a “dangerous technology” that expands state surveillance powers. They warn the client-side scanning system, if used “would be much more privacy invasive than previous proposals to weaken encryption. Rather than reading the content of encrypted communications, CSS gives law enforcement the ability to remotely search not just communications, but information stored on user devices.”

To read this article in full, please click here

Jonny Evans

Windows 11 and the need for better BIOS integration

1 month 3 weeks ago

Disclosure:  The vendors listed are clients of the author.

Microsoft DOS and then Windows have gone through several evolutions over the years. When Windows first arrived, it was a User Interface (UI) shell on top of DOS. Then Windows 95 absorbed DOS to create something new — but didn’t include security. Windows 8 tried to absorb the smartphone experience, failed, but essentially made third-party anti-virus software obsolete.  

Windows 10 took security a few steps farther (and integrated a better digital assistant, Cortana, that few people ever used). And now, with  Windows 11, Microsoft has begun to integrate hardware security without integrating PC firmware (BIOS). Due to issues with the move to Windows 11, I think the next integration will be BIOS.

To read this article in full, please click here

Rob Enderle

Windows 11 and the need for better BIOS integration

1 month 3 weeks ago

Disclosure:  The vendors listed are clients of the author.

Microsoft DOS and then Windows have gone through several evolutions over the years. When Windows first arrived, it was a User Interface (UI) shell on top of DOS. Then Windows 95 absorbed DOS to create something new — but didn’t include security. Windows 8 tried to absorb the smartphone experience, failed, but essentially made third-party anti-virus software obsolete.  

Windows 10 took security a few steps farther (and integrated a better digital assistant, Cortana, that few people ever used). And now, with  Windows 11, Microsoft has begun to integrate hardware security without integrating PC firmware (BIOS). Due to issues with the move to Windows 11, I think the next integration will be BIOS.

To read this article in full, please click here

Rob Enderle

How to choose the right UEM platform

1 month 3 weeks ago

Endpoint devices have become so ubiquitous, connected, and data-intensive that they are among the most valuable technology assets an organization has today. They’re also some of the biggest security risks. It’s no surprise, then, that managing the large and growing number of smartphones, laptops, tablets, desktops, and other end-user products is a high priority for IT.

For a growing number of enterprises, unified endpoint management (UEM) is the method of choice for keeping management of endpoints from descending into chaos. UEM platforms are designed to simplify the management of devices and enhance the security of heterogeneous environments.

To read this article in full, please click here

Bob Violino

How to choose the right UEM platform

1 month 3 weeks ago

Endpoint devices have become so ubiquitous, connected, and data-intensive that they are among the most valuable technology assets an organization has today. They’re also some of the biggest security risks. It’s no surprise, then, that managing the large and growing number of smartphones, laptops, tablets, desktops, and other end-user products is a high priority for IT.

For a growing number of enterprises, unified endpoint management (UEM) is the method of choice for keeping management of endpoints from descending into chaos. UEM platforms are designed to simplify the management of devices and enhance the security of heterogeneous environments.

To read this article in full, please click here

Bob Violino

Apple warns: Sideloading apps threatens an iCrime wave

1 month 3 weeks ago

Apple is fighting back against growing pressure to support sideloading on its App Stores with an extensive 28-page white paper in which it offers stark security and privacy warnings.

The risks of sideloading

The white paper, "Building a Trusted Ecosystem for Millions of Apps – a Threat analysis of Sideloadingargues that because iPhones and other devices capture so much personal information about people, maintaining privacy and security is critical.“Supporting sideloading through direct downloads and third-party app stores would cripple the privacy and security protections that have made iPhone so secure, and expose users to serious security risks,” the company said.

To read this article in full, please click here

Jonny Evans

Apple warns: Sideloading apps threatens an iCrime wave

1 month 3 weeks ago

Apple is fighting back against growing pressure to support sideloading on its App Stores with an extensive 28-page white paper in which it offers stark security and privacy warnings.

The risks of sideloading

The white paper, "Building a Trusted Ecosystem for Millions of Apps – a Threat analysis of Sideloadingargues that because iPhones and other devices capture so much personal information about people, maintaining privacy and security is critical.“Supporting sideloading through direct downloads and third-party app stores would cripple the privacy and security protections that have made iPhone so secure, and expose users to serious security risks,” the company said.

To read this article in full, please click here

Jonny Evans

Google now tells criminals when Chrome users are 'idle.' What could go wrong?

2 months ago

When Google released Chrome 94 for Android (and desktop), it slipped in some naughty capabilities via an API called Idle Detection.  

“The Idle Detection API notifies developers when a user is idle, indicating such things as lack of interaction with the keyboard, mouse, screen, activation of a screensaver, locking of the screen, or moving to a different screen. A developer-defined threshold triggers the notification,” Google said in a blog post. “Applications that facilitate collaboration require more global signals about whether the user is idle than are provided by existing mechanisms that only consider a user's interaction with the application's own tab.”

To read this article in full, please click here

Evan Schuman

Google now tells criminals when Chrome users are 'idle.' What could go wrong?

2 months ago

When Google released Chrome 94 for Android (and desktop), it slipped in some naughty capabilities via an API called Idle Detection.  

“The Idle Detection API notifies developers when a user is idle, indicating such things as lack of interaction with the keyboard, mouse, screen, activation of a screensaver, locking of the screen, or moving to a different screen. A developer-defined threshold triggers the notification,” Google said in a blog post. “Applications that facilitate collaboration require more global signals about whether the user is idle than are provided by existing mechanisms that only consider a user's interaction with the application's own tab.”

To read this article in full, please click here

Evan Schuman

How one coding error turned AirTags into perfect malware distributors

2 months ago

One of the more frightening facts about mobile IT in 2021 is that simplicity and convenience are far too tempting in small devices (think AppleWatch, AirTags, even rings that track health conditions, smart headphones, etc.). 

Compared with their laptop and desktop ancestors, they make it far more difficult to check that URLs are proper, that SPAM/malware texts/emails don’t get opened and that emlpoyees follow the minimal cybersecurity precautions IT asks. In short, as convenience ramps up, so do security risks. (Confession: Even though I try to be ultra-vigilant with desktop emails, I do periodically — far more often than I should — drop my guard on a message coming through my AppleWatch.)

To read this article in full, please click here

Evan Schuman

How one coding error turned AirTags into perfect malware distributors

2 months ago

One of the more frightening facts about mobile IT in 2021 is that simplicity and convenience are far too tempting in small devices (think AppleWatch, AirTags, even rings that track health conditions, smart headphones, etc.). 

Compared with their laptop and desktop ancestors, they make it far more difficult to check that URLs are proper, that SPAM/malware texts/emails don’t get opened and that emlpoyees follow the minimal cybersecurity precautions IT asks. In short, as convenience ramps up, so do security risks. (Confession: Even though I try to be ultra-vigilant with desktop emails, I do periodically — far more often than I should — drop my guard on a message coming through my AppleWatch.)

To read this article in full, please click here

Evan Schuman
Checked
46 minutes 3 seconds ago
Computer World Security
Subscribe to Computer World Security feed

About SecurityFeeds

SecurityFeeds Logo

Tim Weil is a Security Architect/IT Security Manager with over twenty five years of IT management, consulting and engineering experience in the U.S. Government and Communications Industry.  Mr. Weil's technical areas of expertise include IT Security Management, Enterprise Security Architecture, FISMA Compliance, Identity Management, and Network Engineering. Mr. Weil is a Senior Member of the IEEE and has served in several IEEE positions.