Don’t break Windows 10 by deleting SID, Microsoft warns

Posted on May 22nd, 2019 by Responsible Cyber

by John E Dunn Microsoft has reminded admins and users not to delete something called a Windows account security identifier (SID) ‘capability’ in case they inadvertently break applications. It’s not clear what prompted Microsoft to issue the caution for a type of SID that has been part of its OS since Windows 8 and Windows […]

Read More

Android 7.0+ Phones Can Now Double as Google Security Keys — Krebs on Security

Posted on April 13th, 2019 by Responsible Cyber

Google this week made it easier for Android users to enable strong 2-factor authentication (2FA) when logging into Google’s various services. The company announced that all phones running Android 7.0 and higher can now be used as Security Keys, an additional authentication layer that helps thwart phishing sites and password theft. As first disclosed by […]

Read More

Android phones transformed into anti-phishing security tokens

Posted on April 12th, 2019 by Responsible Cyber

by John E Dunn Google just announced a new security feature that allows users of Android 7 and later to use their smartphones to authenticate themselves to their Google accounts. The surprise announcement was buried inside a pile of enterprise-oriented enhancements revealed at Google Cloud Next 2019 in San Francisco on Wednesday. Released in beta, […]

Read More

How iOS App Permissions Open Holes for Hackers

Posted on April 6th, 2019 by Responsible Cyber

The permissions iOS apps request from users can turn the devices into spy tools and provide a toehold into the enterprise network, according to new research. In many ways, the era of the smartphone is defined by apps, which do everything from sending messages to tracking our exercise. New research shows how Apple iOS apps come […]

Read More

SoftNAS Cloud 0day found: Upgrade ASAP

Posted on March 24th, 2019 by Responsible Cyber

SoftNAS users should upgrade their virtual appliance immediately following the discovery of a security issue in the product’s session management. Texas pen-testing outfit Digital Defense discovered the vulnerability during an engagement and coordinated disclosure with SoftNAS. Version 4.2.2 contains the relevant security patch. “SoftNAS Cloud Enterprise 4.2.0 is vulnerable to an authenticated bypass that could […]

Read More

Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years — Krebs on Security

Posted on March 24th, 2019 by Responsible Cyber

Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data. Facebook is probing a […]

Read More

How to make DuckDuckGo your default Chrome search engine

Posted on March 15th, 2019 by Responsible Cyber

by Danny Bradbury Privacy-conscious web users now have a new way to search in Chrome’s address bar. Version 73 of the browser, released Tuesday, now includes the DuckDuckGo search engine as an option. Included without fanfare, the feature enables users to search DuckDuckGo by default from the address bar, but they must set this option […]

Read More

Telegram Gained 3 Million New Users During WhatsApp, Facebook Outage

Posted on March 14th, 2019 by Responsible Cyber

WhatsApp, Facebook, and Instagram faced a widespread outage yesterday with users from around the world reporting issues with sending messages on WhatsApp and Messenger, posting feeds on Facebook and accessing other features on the three Facebook-owned platforms.While the outage was quite troubling both for the social media giant and its millions of users, guess who […]

Read More

Adobe Releases Patches for Critical Flaws in Photoshop CC and Digital Edition

Posted on March 14th, 2019 by Responsible Cyber

Adobe users would feel lighter this month, as Adobe has released patches for just two security vulnerability in its March Security Update.The company today released its monthly security updates to address two critical arbitrary code execution vulnerabilities—one in Adobe Photoshop CC and another in Adobe Digital Editions.Upon successful exploitation, both critical vulnerabilities could allow an […]

Read More

Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years

Posted on February 21st, 2019 by Responsible Cyber

Beware Windows users… a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide.Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects all versions of the software released […]

Read More