Featured Post

Best antivirus in 2020: Free antivirus and paid software - Tom's Guide UK

Image
Best antivirus in 2020: Free antivirus and paid software - Tom's Guide UKBest antivirus in 2020: Free antivirus and paid software - Tom's Guide UKPosted: 02 Jul 2020 06:59 AM PDTEvery Windows PC needs to be running one of the best antivirus programs, even if that program happens to be one of the best free antivirus programs.  The Windows Defender antivirus software built into Windows 10 is very good, but while it certainly holds its own against other free rivals, it still can't quite match the features or protection of the best paid antivirus offerings.Best Antivirus: Top 7 Paid antivirus suites offer you a plethora of features that often go far beyond basic malware protection. You can get dedicated defenses against ransomware and webcam hijacking, extra functions such as file shredding or system optimization, and even features that compete with stand-alone services like password managers, cloud-backup solutions or identity-theft protection.Antivirus makers normal…

iOS users beware: Myth of Apple security invulnerability is just that - The Star Online

iOS users beware: Myth of Apple security invulnerability is just that - The Star Online


iOS users beware: Myth of Apple security invulnerability is just that - The Star Online

Posted: 10 Apr 2020 08:02 PM PDT

Windows computers are prone to viruses, while iOS is a safe haven: Apple users like to believe their operating systems are virus-proof. But MacBooks and iPhones also come with weaknesses – and the myth of their invulnerability is perhaps the biggest danger.

The common belief is that while Windows users have to deal with viruses, worms, and Trojans, Mac and iPhone users don't have to worry because Apple's devices are invulnerable to security threats.

In fact it's not really true anymore because there's been a rapid increase in the amount of malware targeting Apple in recent years.

The security of the macOS and iOS operating systems has always been based on a simple principle: the systems are closed and Apple specifies which hardware and software can be used with them.

Microsoft Windows and Android, Google's operating system for mobile devices, on the other hand, follow an open approach. That means that anyone can configure those systems themselves or develop and distribute software for them.

This approach means more freedom but also more risk. Windows and Android keep the gates a little bit open, which can mean that threats sometimes get in, while Apple users are protected behind high walls, at least in theory.

In reality those walls have gaps too. In 2017 a serious security vulnerability was discovered in the High Sierra version of macOS that made it easy for anyone to gain admin access, even if they didn't have programming knowledge or special software.

As well as the security of a closed system, Mac users in the past could rely on another advantage: cybercriminals focused on Windows.

"Macs have always also been vulnerable, but Windows was the easier and bigger target," says Kai Schwirzke from Mac & i magazine.

Because Windows computers were so much more common than Macs, that platform offered criminals a lot more potential victims.

However, with Macs now having an increased market share they've become a more attractive cyber-crime target.

"We have found that targeted attacks against macOS are increasingly being carried out," Schwirzke says.

In its 2019 annual report, the US anti-malware manufacturer Malwarebytes identified an increase in threats to Mac systems of more than 400% compared to the previous year.

According to the security experts, the integrated security systems of macOS are particularly blind to adware.

Adware not only displays advertisements and often transmits user data, but can also serve as a gateway for attacks.

Downloading apps only from Apple's App Store is also no cast-iron guarantee of security.

"With the millions of lines of code in the apps that have to be checked by the App Store, it is impossible to rule out the possibility of malicious code slipping through unnoticed," Schwirzke says.

He recommends that you pay close attention to the permissions you grant an iPhone app. For example, a recipes app doesn't need access to your phone's address book or microphone.

Possibly the biggest danger is the Apple myth itself. In the belief that macOS and iOS are invulnerable, Apple users are often careless.

"The same applies to Apple as to other manufacturers: The biggest weak point is people," warns Internet security specialist David Bothe.

Phishing emails in particular pose a risk and are now being tailored specifically for Apple users.

In 2019 Germany's Federal Office for Information Security warned of an email that pretended to come from Apple Support. A blackmail trojan was hidden in a link inside the message.

Bothe advises Apple users to maintain a healthy dose of scepticism.

"Emails with calls for action should always be critically examined. Do not click on links if you're not one hundred per cent sure," he says. In addition, you shouldn't open email attachments from strangers. – dpa

Zoom Security: Here’s What Zoom Is Doing To Make Its Service Safer - Forbes

Posted: 10 Apr 2020 05:48 AM PDT

The COVID-19 crisis has given video conferencing app Zoom a huge surge in users, but it's also highlighted multiple security and privacy issues. Amid reports of Zoom bombers and videos of chats available online, the firm is now feeling the harsh repercussions of that rapid growth. 

This week, schools in New York City were banned from using Zoom for remote teaching, while Google no longer allows employees to use the app on their work-sanctioned laptops.

It's led to rivals trying to cash in on Zoom's misfortunes, with Microsoft promoting the secure credentials of its Teams video calling, and Google publishing a blog pushing its Google Meet video conferencing service. 

It is no surprise that people are worried about Zoom's security, but I have to say the company's response has so far been impressive. It's not trying to hide security issues–fixing problems for Mac and Windows users very quickly. 

Zoom founder and CEO Eric Yuan has apologized to users, and the firm is now aiming to make the service more secure by default. In other words, users don't have to try as hard because the security and privacy are built in from the start.

Here are some of the key changes Zoom is making:

More Zoom meeting controls for hosts including a new option called "Security" 

Announced on April 8, a recent Zoom change is an option called "Security" that will allow hosts to quickly respond to issues such as Zoom bombing by locking the meeting or removing participants. It will also restrict those taking part in the meeting from sharing their screens or renaming themselves. 

The aim of the security icon, which replaces the invite button in the meeting controls, is to make sure everything security related is in one place rather than scatted across the service. Here's a quick video by Zoom demoing how it works:

At the same time, the Waiting Room function is now on by default. This means hosts have to manually let their guests into the meeting, helping prevent Zoom bombers from suddenly breaking in.

Another important security update will see passwords turned on by default to ensure that all users properly secure their meetings. 

MORE FROM FORBESUse Zoom? Here Are 7 Essential Steps You Can Take To Secure It

Meeting IDs will no longer be displayed

As the world took to Zoom during the COVID-19 crisis, many people proudly displayed their meetings or chats with friends via social media. But sadly, not everyone obscured their Meeting ID–even the U.K. prime minister Boris Johnson's Cabinet. It's a major risk to display your Meeting ID, because it can allow uninvited guests to crash the chat. 

For this reason, Zoom will no longer display the Meeting ID on the title toolbar. Instead, the title of all meetings will read "Zoom", so you can go ahead and post your screen online if you so wish. Just crop the image to avoid showing any other icons on your PC, such as your browser, which could be used by hackers as information to help target you. 

Zoom takes on former Facebook CSO Alex Stamos as a security consultant 

In a very smart move, Zoom has hired former Facebook CSO Alex Stamos as an outside consultant. 

It came after he posted a series of tweets discussing Zoom's security challenges and detailing how the firm could respond. In a blog, Stamos described how he received a phone call from Zoom's founder and CEO Eric Yuan, who asked him to help build up the firm's security and privacy. 

No new features to allow Zoom to focus on security, CISO council and bug bounty

Zoom announced just over a week ago that it would freeze all new features immediately to focus on security after it increased its users from 10 million to 200 million in just a few months. During COVID-19, this has been a common practice by software providers already, with Google and Microsoft holding back on Chrome and Edge browser features to focus on security. 

In addition, Zoom is launching a "CISO council" to help it overcome security and privacy problems, while it will penetration test its platform and enhance its bug bounty program. 

After weeks of security issues, does Zoom deserve a chance?

There's no doubt Zoom is making multiple moves to try and make its service more secure. Is it too late? Perhaps for some, but I think Zoom also deserves another chance. It's not as secure as it needs to be yet, so for now I'd advise people to avoid using it for very sensitive meetings such as discussions with your therapist. 

MORE FROM FORBESZoom Alternatives: 5 Options For People Who Care About Security And Privacy

But for other uses, such as exercise classes, I'd feel more comfortable that the service is secure. Zoom's trying to be better, and that's a lot more than some other companies are doing. 

Following Mac flaw patches, Zoom fixes ‘malware-like’ macOS installer in latest update - 9to5Mac

Posted: 02 Apr 2020 11:26 AM PDT

After writing an apology note earlier today, fixing two serious Mac flaws, and detailing a plan to improve its security, privacy, and transparency moving forward, Zoom has also fixed its "malware-like" installer with the latest macOS update.

In the last week, we've seen a number of security and privacy issues with the popular Zoom video call service. Those included it quietly sending data to Facebook, misleading advertising about call encryption, two Mac flaws that could give hackers webcam, mic, and root access, and what was described as a "malware like" macOS installer.

Felix Seele, who uncovered the installer issue called Zoom's practice an abuse of preinstallation scripts as it loaded the software on a Mac without a user clicking install.

Today he's happy to report (via The Verge) that after 48 hours, Zoom has fixed the issues. He even noted that he was "impressed" with Zoom's new implementation and that they did it the right way.

"They completely removed the preinstall stuff, so you now need to click through the installer as it ought to be," explains Seele in a message to The Verge. The fake prompt has also been removed so users have to specifically click through and install Zoom. "I must say that I am impressed," says Seele. "I expected them to maybe change the dialog, but since the 'zero-click' aspect was so important to them, I thought they would stick with the preinstall-trick."

Zoom certainly has responded quickly and appropriately with security and privacy fixes. Do the recent patches and update along with the company's apology and 90-day action plan restore your trust in the service? Share your thoughts in the comments below!

As for the company's recent growth, it jumped 20x from 10 million daily users to 200 million last month. As noted by The Verge:

Zoom will now spend the next three months fixing all these problems as it struggles to avoid becoming a victim of its own success. Zoom also revealed earlier today that it had 10 million daily meeting participants in December, and that figure has now grown to 200 million during the ongoing pandemic.

FTC: We use income earning auto affiliate links. More.

Dock Wave USB C Qi charger

Check out 9to5Mac on YouTube for more Apple news:

Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US