Karanbir Singh (a program manager at Microsoft) is on a mission: Kill the password. As he said in a recent blog post: "Nobody likes passwords. They are inconvenient, insecure, and expensive. In fact, we dislike them so much that we've been busy at work trying to create a world without them--a world without passwords." The company's stated goal is to make it possible that an end user will never have to bother with passwords on a day to day basis and would instead provide credentials … Read more
Having Chrome Issues Since The Latest Windows 10 Update?
Microsoft has been having some "issues" of late. It's April Windows 10 rollout had to be delayed on account of some mysterious BSOD ("Blue Screen of Death") issues. This month's rollout is plagued by similar problems, trading the BSOD issues for problems with both "Hey Cortana" and Google's Chrome browser. The problem is that when you try to navigate the web using Chrome with the latest Windows 10 update, the entire system will inexplicably hang. The company is hoping to have a fix ready … Read more
Windows 10 Gets iTunes App For Apple Users
Apple promised that its iTunes app would be available on the Microsoft Store by the end of 2017. The announcement was greeted with enthusiasm, but unfortunately, the company didn't meet their own deadline. They cited the need for more time to build a more robust user experience for Windows users. The wait is finally over, and its big news, because some Windows 10 machines can only download apps, and prior to this, iTunes was offered as a standalone download only. The app is fairly … Read more
Hackers Can Use PDF Files To Access Windows Credentials
Security researcher Assaf Baharav from Check Point Security has discovered a new twist on an old, fairly well-known attack. He was able to essentially "weaponize" PDFs to steal Windows credentials stored in NTLM hashes. Unfortunately, no action other than simply opening the PDF is required for the hacker to gain access to the information. Baharav used the same methodology that hackers have used in the past, which amounts to instantiating SMB requests from inside the document. Hackers have … Read more
Most “Wannacry” Hacks Were On Windows 7 Machines
Last year's Wannacry attack was bad, but in many ways, it was a self-inflicted wound. According Webroot's recently published "Annual Threat Report," almost all of the machines that succumbed to the Wannacry attack were running Windows 7. That attack is estimated to have caused in excess of $4 billion in total losses. The central problem is that businesses have been much slower than individuals to make the shift from Windows 7 to the much more secure Windows 10. For example, in January … Read more
Another Google Service Is Going Away
If you are a fan of, and regularly use Goo.gl (the URL shortener service), brace for impact. The company has announced that as of March 30, 2019, the service will be shut down for good. Long before then, beginning April 18th of this year, only existing users will be able to shorten links via goo.gl. No new signups will be allowed. The company had this to say about the recent announcement: "The URL Shortener has been a great tool that we've been proud to have built. As we look towards … Read more
Remote Desktop Flaw Affects Every Windows Version
Researchers at Preempt Security recently discovered a critical flaw in Microsoft's Credential Security Support Provider protocol (CredSSP for short) that impacts every version of Windows in existence. It could allow a hacker to remotely exploit Windows Remote Desktop to execute malicious code and steal any data stored on the machine. The flaw, logged as CVE-2018-0886 would allow a hacker to execute a man in the middle attack, (provided that they had Wi-Fi or physical access to the machine) … Read more
Massive Malware Attack Stemmed From Bittorent App
According to a Microsoft security researcher, a massive malware attack attempted to install a cryptocurrency mining software on more than 400,000 computers in less than twelve hours. The failed campaign is noteworthy because of the attack vector used. It was a supply chain attack implemented by compromising Bittorrent, a highly popular program used to share and download files. Until recently, security professionals discounted the very possibility of supply chain attacks, regarding them as … Read more
Windows Media Player May Be Replaced By Microsoft App
A Reddit user named "Noam_ha" recently posted a screenshot displaying a popup message when users open the venerable Windows Media Player (WMP), asking users if they would instead like to open the video file with the company's more modern Movies and TV app. The popup message touts the Movie and TV app's advantages, which includes better battery life if running on a phone or laptop, better compatibility with more modern video formats, a mini-view, and support for 360-degree video on Augmented … Read more
Microsoft To Help Intel With Security Issues
By now, you've almost certainly heard of the "Spectre" and "Meltdown" security flaws that affect every Intel chip produced in the last decade. Users have been waiting for a fix for both of these since January, when the issues were first discovered. From the beginning, Microsoft agreed to include the fix for Spectre in its regular software updates but insisted that Intel and PC manufacturers would have to push the Meltdown fix on their own. Unfortunately, the overwhelming majority of users … Read more
