A lot of password rules are there simply “because we’ve always done it that way.” NIST aims to fix that, and here’s how.
Source: NIST’s new password rules – what you need to know – Naked Security
Articles for August 2016
How to remove pesky malware from your PC with Windows Defender Offline – TechRepublic
Some malware is really good at hiding itself. You can thwart those malicious plans by running Windows Defender in offline mode.
Source: How to remove pesky malware from your PC with Windows Defender Offline – TechRepublic
How Bitcoin helped fuel an explosion in ransomware attacks | ZDNet
Secure payment system Bitcoin has many legitimate uses, but like other technologies, it’s also been beneficial to cybercriminals seeking new ways to extort money.
Source: How Bitcoin helped fuel an explosion in ransomware attacks | ZDNet
Warning — Bitcoin Users Could Be Targeted by State-Sponsored Hackers
Another day, another bad news for Bitcoin users.
A leading Bitcoin information site is warning users that an upcoming version of the Blockchain consolidation software and Bitcoin wallets could most likely be targeted by “state-sponsored attackers.”
Recently, one of the world’s most popular cryptocurrency exchanges, Bitfinex, suffered a major hack that resulted in a loss of around $72 Million worth of Bitcoins.
Unauthorized, mislabeled Microsoft support tool leaks; could cause more trouble than it cures | ZDNet
Several mainstream tech sites this week published details of a purported new Microsoft support tool designed to fix problems with the Windows 10 Anniversary Update. After some digging, I can report that it is no such thing. My advice: Stay far away from this “Windows Self Healing Tool.”
Someone is Spying on Researchers Behind VeraCrypt Security Audit
After TrueCrypt mysteriously discontinued itself, VeraCrypt became the most popular open source disk encryption software used by activists, journalists, and privacy conscious people.
Due to the huge popularity of VeraCrypt, security researchers from the OSTIF (The Open Source Technology Improvement Fund) announced at the beginning of this month that it had agreed to audit VeraCrypt independently.
Using funds donated by DuckDuckGo and VikingVPN, the OSTIC hired vulnerability researchers from QuarksLab to lead the audit, which would look for zero-day vulnerabilities and other security holes in VeraCrypt’s code.
Source: Someone is Spying on Researchers Behind VeraCrypt Security Audit
Respect: Windows 10 security impresses hackers | PCWorld
Windows is a popular attack target for criminals and security researchers alike, but Microsoft has done a good job of making it harder to exploit security flaws in the OS.
Source: Respect: Windows 10 security impresses hackers | PCWorld
A hacker’s best friend is a nice employee
A social engineering contest at the recently concluded Black Hat hackers conference showed the liabilities of helpful staffers.
Source: A hacker’s best friend is a nice employee
“Fileless” UAC Bypass Using eventvwr.exe and Registry Hijacking | enigma0x3
After digging into Windows 10 and discovering a rather interesting method for bypassing user account control, I decided to spend a little more time investigating other potential techniques for gett…
Source: “Fileless” UAC Bypass Using eventvwr.exe and Registry Hijacking | enigma0x3
Windows 10 Anniversary Update freezing: Microsoft offers temporary fix | ZDNet
Microsoft confirms that some Windows 10 devices are freezing after installing the Anniversary Update and suggests ways around the issue while it investigates.
Source: Windows 10 Anniversary Update freezing: Microsoft offers temporary fix | ZDNet