security

More than 700 million email addresses and passwords have been leaked online. While many are bogus, enough appear to be genuine that security experts have advised users to change their email passwords. The collection of account details does not ... appear to have been used for identity theft or other fraud. Instead, the collection has been marketed as a way to send spam messages. The idea is that spammers can login to the compromised accounts in order to send their unsolicited emails. This effectively flies under the spam radar, as most spam comes from IP addresses without any reputation. In this ... (view more)

According to Facebook's head of security Alex Stamos, the security industry needs to do more to solve problems that affect ordinary people in their everyday lives. He says researchers are often too obsessed with technical detail because they lack ... empathy. Stamos spoke at Black Hat, a conference that brings together security professionals, researchers, self-described hackers and those with an interest in the topic. (Source: bbc.co.uk ) He said the security community had proven justified in many of its warnings about flaws in systems and networks, but that it hadn't done enough to find ... (view more)

Apple is working on facial recognition as an iPhone security measure. It's said to be have it ready for this year's iPhone 8, but may wait until the feature has been fully tested and complete. The idea is to replace fingerprint scanning for ... unlocking the phone. It's not yet confirmed if and when the facial recognition would be extended to other uses, such as using Apple Pay rather than have to type in card details or a PIN code. According to a Bloomberg source, the face unlock takes less than half a second to scan a face, confirm its identity and unlock the phone. The feature ... (view more)

Microsoft has issued three updates to fix flaws in older, unsupported versions of Windows. It's an unusual move that follows the discovery that both the National Security Agency (NSA) and outside hackers are exploiting the flaws , similar to the one ... that allowed the WannaCry Ransomware worm to spread just a few weeks ago. The updates cover both Windows and Windows Server editions going right back to XP . They'll be issued through the usual automated updates, which means people on Windows 8.1 and later shouldn't need to do anything. Those on earlier systems may need to manually ... (view more)

Infopackets Reader Howard N. writes: " Dear Dennis, In regard to the WannaCry Internet worm which can infect all Windows PCs that have not yet been patched using Windows Updates - how can I make sure that my Windows Update is operating properly, and ... that I am receiving my updates automatically? I enjoy your newsletter - please keep it up and have a nice day! " My response: Generally speaking: you should be able to go to the "Windows Update" service within Windows, and it should tell you when updates were last received. If you haven't received any updates for a while - or if you have your ... (view more)

Two biometric security measures have come into question after reporters and researchers claimed to have overcome them. A phone's iris recognition and a bank's voice log-in both appear to be less than perfectly secure. The Samsung Galaxy S8 - ... arguably the most high-profile and hyped phone currently running the Android system - includes an option to unlock the phone by simply looking at the camera. In a similar way to fingerprint recognition, it works on the idea that the patterns in the eye's iris are unique. Samsung described these patterns as "virtually impossible to ... (view more)

Beginning Friday, May 12, 2017, reports surfaced of a new Internet worm capable of infecting Windows machines instantaneously. The worm has been dubbed "WCRY" or "WannaCry" because of its malicious intent to install ransomware on the target machine. ... The Internet worm was made possible because of a leaked NSA (national security agency) document which essentially explained how to carry out the exploit. In this case, the malicious software locks computers such that their files are encrypted and cannot be accessed unless the victim pays a ransom (and the culprits then stand by ... (view more)

Microsoft has suffered a hugely embarrassing security flaw that takes advantage of a bug in Windows' built-in security software. But, security experts have praised its extremely rapid response. The bug, spotted by Google's Tavis Ormandy, was in ... Microsoft's own malware protection tools (including Windows Defender), which is built directly into Windows. Such tools have been so successful that for many users, third-party security tools are no longer necessary. The problem was specifically with a tool known as MsMpEng, (short for Microsoft Malware Protection Engine) that is enabled by ... (view more)

Microsoft says it's patched most of the recently revealed security flaws said to have been used by the National Security Agency (NSA) for spying. But the incident is a reminder not to rely on unsupported editions of Windows such as Windows XP and ... Vista. Windows Vista officially reached its end of extended support April 11, 2017 . A group calling itself "Shadow Brokers" is trying to auction what it says is a set of tools that the NSA were using for surveillance by taking advantage of security failings in widely used software. While that's a bold claim - particularly as it means ... (view more)

Infopackets Reader 'Rebecca' writes: " Dear Dennis, I recently purchased a tablet with Windows 10 and I have Windows Defender running. My question is whether I need to install any other protection to stop people (hackers) from being able to steal my ... bank details, etc. My dad was recently a victim of this but I don't know how to protect myself. How can I keep my PC secure in 2017? Thank you in advance! " My response: I have been asked this question no less than 100 times in the last 16 years I've been writing articles online - but the truth of the matter is that the answer changes slightly as ... (view more)