Consultant urges never pay ransomware demands

When ransomware criminals lock up files and demand payment to decrypt them, don’t pay, was the advice a consultant gave to a group at SecureWorld.When there’s no risk of losing crucial data, that’s easy to say, and to make is possible requires planning, says Michael Corby, executive consultant for CGI.“Plan to have data available in a form that won’t be affected by ransomware – encrypted and stored separately from the production network,” he says. “You need a clean copy of the data in a restorable form. Test that the backups work.”Restore and recover are the key words, and they should be done keeping in mind that the malware has to be removed before recovering.To read this article in full or to leave a comment, please click here

FedEx offering $5 and all you have to do is, gulp, reinstall or reactivate Flash

From time to time – very infrequently, to be more precise – I will ignore my better judgment and reenable Flash in Chrome so that I can watch a particularly enticing cat video or whatever.I would do this more often, however, if more companies followed the lead of FedEx and offered me $5 just for doing so. Really, look: FedEx OK, it’s $5 off a purchase of $30 or more, but still seems like a good deal … unless you forget to deactivate Flash when you’re done.To read this article in full or to leave a comment, please click here

Apple: Macs and iPhones are safe from newly revealed CIA exploits

The Mac and iPhone exploits described in new documents attributed to the U.S. Central Intelligence Agency were patched years ago, according to Apple.WikiLeaks released a new set of files Thursday that supposedly came from the CIA. They contain details about the agency’s alleged malware and attack capabilities against iPhones and Mac computers.The documents, dated 2012 and earlier, describe several “implants” that the CIA can install in the low-level extensible firmware interface (EFI) of Mac laptop and desktop computers. These EFI rootkits allow the agency's macOS spying malware to persist even after the OS is reinstalled.To read this article in full or to leave a comment, please click here

Apple: Macs and iPhones are safe from newly revealed CIA exploits

The Mac and iPhone exploits described in new documents attributed to the U.S. Central Intelligence Agency were patched years ago, according to Apple.WikiLeaks released a new set of files Thursday that supposedly came from the CIA. They contain details about the agency’s alleged malware and attack capabilities against iPhones and Mac computers.The documents, dated 2012 and earlier, describe several “implants” that the CIA can install in the low-level extensible firmware interface (EFI) of Mac laptop and desktop computers. These EFI rootkits allow the agency's macOS spying malware to persist even after the OS is reinstalled.To read this article in full or to leave a comment, please click here

IDG Contributor Network: 7 best practices for securing your cloud service

As enterprises move their applications and data to the cloud, executives increasingly face the task of balancing the benefits of productivity gains against significant concerns about compliance and security.Security in the cloud is not the same as security in the corporate data center. Different rules and thinking apply when securing an infrastructure over which one has no real physical control.+ Also on Network World: The tricky, personal politics of cloud security + When leveraging cloud services, enterprises need to evaluate several key factors, including:To read this article in full or to leave a comment, please click here

IDG Contributor Network: 7 best practices for securing your cloud service

As enterprises move their applications and data to the cloud, executives increasingly face the task of balancing the benefits of productivity gains against significant concerns about compliance and security.Security in the cloud is not the same as security in the corporate data center. Different rules and thinking apply when securing an infrastructure over which one has no real physical control.+ Also on Network World: The tricky, personal politics of cloud security + When leveraging cloud services, enterprises need to evaluate several key factors, including:To read this article in full or to leave a comment, please click here

Microsoft delays tools for third-party Cortana integrations

Microsoft has delayed the release of its tools for connecting other services to the Cortana virtual assistant, a decision that could cause it to lose ground in a crowded industry.The tech titan announced the Cortana Skills Kit in December of last year, saying at the time that it would be released to the public in February. As Microsoft watcher Brad Sams noted on Twitter, Microsoft missed that deadline, and the Skills Kit remains locked in a private beta with a select group of partners. Microsoft didn’t offer an explanation for the delay, saying in a statement that the kit will be coming soon.To read this article in full or to leave a comment, please click here

Google Play faces cat and mouse game with sneaky Android malware

What’s the best way to avoid Android malware? Downloading all your apps from the Google Play store -- where software is vetted – is perhaps the best advice.  But that doesn’t mean Google Play is perfect.Security researchers do find new Android malware lurking on Google’s official app store. That’s because hackers are coming up with sneaky ways to infiltrate the platform, despite the vetting processes that protect it."Eventually, every wall can be breached," said Daniel Padon, a researcher at mobile security provider Check Point.To be sure, most Android users will probably never encounter malware on the Google Play store. Last year, the amount of malicious software that reached the platform amounted to only 0.16 percent of all apps, according to a new report from Google.To read this article in full or to leave a comment, please click here

Google Play faces cat and mouse game with sneaky Android malware

What’s the best way to avoid Android malware? Downloading all your apps from the Google Play store -- where software is vetted – is perhaps the best advice.  But that doesn’t mean Google Play is perfect.Security researchers do find new Android malware lurking on Google’s official app store. That’s because hackers are coming up with sneaky ways to infiltrate the platform, despite the vetting processes that protect it."Eventually, every wall can be breached," said Daniel Padon, a researcher at mobile security provider Check Point.To be sure, most Android users will probably never encounter malware on the Google Play store. Last year, the amount of malicious software that reached the platform amounted to only 0.16 percent of all apps, according to a new report from Google.To read this article in full or to leave a comment, please click here

Bringing the school to kids: The importance of Internet in times of conflict

Internet access is critical to support the enjoyment of Human Rights. The most commonly referenced example is freedom of expression, but its potential goes far beyond that. Day after day, it’s demonstrating its ability to support access to all sorts of opportunities – not least to support education for all children facing emergencies and crises, another fundamental Human Right. This is what’s been discussed this week at the Mobile Learning Week.

Constance Bommelaer de Leusse

How to set up two-factor authentication for your Apple ID and iCloud account

If you aren’t using two-factor authentication to protect your Apple ID and iCloud account, you really should do it today. Hackers who claim to have millions of stolen iCloud credentials are demanding Apple pay a ransom or they’ll release them—and ZDNet obtained a sample set of credentials and determined they’re real.But guess what? Using two-factor authentication should protect you completely. It’s easy to set up, so take a minute and do it now.To read this article in full or to leave a comment, please click here

How to set up two-factor authentication for your Apple ID and iCloud account

If you aren’t using two-factor authentication to protect your Apple ID and iCloud account, you really should do it today. Hackers who claim to have millions of stolen iCloud credentials are demanding Apple pay a ransom or they’ll release them—and ZDNet obtained a sample set of credentials and determined they’re real.But guess what? Using two-factor authentication should protect you completely. It’s easy to set up, so take a minute and do it now.To read this article in full or to leave a comment, please click here

To punish Symantec, Google may distrust a third of the web’s SSL certificates

Google is considering a harsh punishment for repeated incidents in which Symantec or its certificate resellers improperly issued SSL certificates. A proposed plan is to force the company to replace all of its customers’ certificates and to stop recognizing the extended validation (EV) status of those that have it.According to a Netcraft survey from 2015, Symantec is responsible for about one in every three SSL certificates used on the web, making it the largest commercial certificate issuer in the world. As a result of acquisitions over the years the company now controls the root certificates of several formerly standalone certificate authorities including VeriSign, GeoTrust, Thawte and RapidSSL.To read this article in full or to leave a comment, please click here

1 2,151 2,152 2,153 2,154 2,155 3,793