by CIRT Team
Windows 10 closes in on Microsoft’s 1 billion device goal [source: theverge]
Windows 10 is now running on 800 million devices worldwide, Microsoft has announced. The figure includes not only traditional laptop and desktop PCs, but also hybrids like the Surface Pro, consoles like the Xbox One X, and any phones that are still running the end-of-life Windows 10 Mobile, which will finally stop receiving security updates at the end of this year. 800 million means Windows 10 is comfortably the most...
Read More
by CIRT Team
Owning the Smart Home with Logitech Harmony Hub [source: medium]
Logitech’s Harmony hub is a popular smart home device which enables communication with and control of all network connected devices in your house. It has an install base of millions of users across the globe and supports 270,000 devices from 6,000 brands. Tenable recently released critical, undisclosed vulnerabilities that allow an attacker remote root access without user interaction. The hub is a favorite among enthusiasts for its scripting...
Read More
by CIRT Team
The web just took a big step toward a password-free future [source: theverge]
Today, the World Wide Web Consortium (W3C) approved WebAuthn, a new authentication standard that aims to replace the password as a way of securing your online accounts. First announced last year, WebAuthn (which stands for Web Authentication) is already supported by most browsers, including Chrome, Firefox, Edge, and Safari. Its publication as an official web standard should pave the way for wider adoption by individual websites. At its core, WebAuthn is...
Read More
by CIRT Team
New Google Chrome Zero-Day Vulnerability Found [source: thehackernews]
You must update your Google Chrome immediately to the latest version of the web browsing application. Security researcher Clement Lecigne of Google’s Threat Analysis Group discovered and reported a high severity vulnerability in Chrome late last month that could allow remote attackers to execute arbitrary code and take full control of the computers. The vulnerability, assigned as CVE-2019-5786, affects the web browsing software for all major operating systems...
Read More
by CIRT Team
Serious code-execution vulnerability in WinRAR [source: 360totalsecurity]
A security vulnerability was discovered recently in WinRAR, affecting over 500 millions of users worldwide. Due to the flaw residing in UNACEV2.dll code base that WinRAR uses to extract files from archives packed with the ACE format, hackers can not only bypass the access control to gain high system privileges, but also implant malicious files into the system to infect and control users’ computers. It...
Read More
by CIRT Team
Windows 10 Update – Performance Fix for Spectre Bug[bleepingcomputer]
Microsoft has released the Windows 10 KB4482887 cumulative update for build 1809 that includes numerous fixes including Retpoline Spectre mitigation, a fix for an annoying Action Center bug, and numerous other bug fixes. This update is available to all Windows 10 October 2018 Update (build 1809) users and can be installed through Windows Update. To install the update, simply go into Settings -> Update & Security -> Windows Update and then check for new updates. We...
Read More
by CIRT Team
40% of malicious URLs were found on good domains [source: helpnetsecurity]
While tried-and-true attack methods are still going strong, new threats emerge daily, and new vectors are being tested by cybercriminals, according to the 2019 Webroot Threat Report. 40 percent of malicious URLs were found on good domains. Legitimate websites are frequently compromised to host malicious content. To protect users, cybersecurity solutions need URL-level visibility or, when unavailable, domain-level metrics, that accurately represent the dangers. Home user devices are...
Read More
by CIRT Team
THE UGLY TRUTH ABOUT HOW FACEBOOK USES YOUR PRIVATE DATA [source: thevpn.guru]
We are living in an age of social media boom where fake news, driven by social media managers filled with hubris, dominates our timelines. When talking about social networking sites, the one name that pops up first is Facebook – the platform that changed how the world stays connected and a massive purveyor of fake news. Moreover, it is hard to find too many people who are...
Read More
by CIRT Team
The AI Talent Gap: Locating Global Data Science Centers [source: gigaom]
Good AI talent is hard to find. The talent pool for anyone with deep expertise in modern artificial intelligence techniques is terribly thin. More and more companies are committing to data and artificial intelligence as their differentiator. The early adopters will quickly find difficulties in determining which data science expertise meets their needs. And the AI talent? If you are not Google, Facebook, Netflix, Amazon, or Apple,...
Read More
by CIRT Team
Password Managers Can Be Vulnerable to Malware Attacks [source: pcmag]
Password managers are a useful way to keeping your internet accounts safe. But the software that runs them isn’t always perfect. According to new research, four popular password managers for Windows 10 can actually leak your login credentials to the PC’s memory. That’s bad news in the event your computer has been secretly taken over by malware; a hacker could potentially snatch up the sensitive data when the password...
Read More
