20 Worst Passwords of 2017
Nearly identical to last year’s list. Some people never learn. If you are using any of these passwords, please change them now!
Build your online security skills for free with this practical course from Heimdal Security.
Remember how Microsoft said that DDEAUTO was a “feature”, not a vulnerability? Well, it just changed its mind – for Word, at least. See our previous post.
Is Apple slowing down old iPhones? It’s a question that comes up again and again because iPhone batteries aren’t easy to replace, and a new report from a popular benchmarking app suggests the answer is yes.
Apple has quietly been suppressing the CPU speed of older iPhones to stop their batteries randomly shutting off
12/21/2017 10:45 AM EST Original release date: December 21, 2017
The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified Trojan malware variants—referred to as BANKSHOT—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.
US-CERT encourages users and administrators to review Malware Analysis Report (MAR) 10135536-B and the US-CERT page on HIDDEN COBRA – North Korean Malicious Cyber Activity for more information.
If you’re a US householder, a humongous trove of your personal data was available on an easily-accessible file. And no, this is not Equifax, this is another stupid marketing company.
Intel chips have a security hole
Everybody and their uncle has written about this issue, so I won’t be. This is an enormous and serious issue that can only be fixed by replacing nearly every Intel CPU in every device that has been deployed in the last 5-10 years. Software patches that will partially remediate the issue are available. Install them now. For more detailed information see the following articles posted elsewhere.
- TA18-004A: Meltdown and Spectre Side-Channel Vulnerability Guidance
- Meltdown and Spectre Side-Channel Vulnerabilities
- The Meltdown and Spectre CPU Bugs, Explained
- Naked Security – Intel Chip Flaws
- MS-ISAC CYBERSECURITY ADVISORY – Critical Patches Issued for Microsoft Products, January 03, 2018 – PATCH: NOW
- TechRepublic – Intel Chips Have Critical Design Flaw