Archive

Archive for February 12, 2019

Exposure of Bullying ‘Boys Club’ Brings #MeToo to French Media by REUTERS

February 12, 2019 Leave a comment


By REUTERS

A secret “boys club” of journalists in France has been accused of harassing women writers and feminists during a near-decade long campaign of online bullying.

Published: February 11, 2019 at 06:00PM

from NYT Technology https://nyti.ms/2I7vJPd
via IFTTT

Categories: Internet Tags: ,

T-Mobile-Sprint Deal Gets New Scrutiny From the Left by CECILIA KANG

February 12, 2019 Leave a comment


By CECILIA KANG

Democratic lawmakers, empowered by their new House majority, have amplified their criticism of the deal, and two hearings are set this week.

Published: February 11, 2019 at 06:00PM

from NYT Technology https://nyti.ms/2SHoce5
via IFTTT

Categories: Internet Tags: ,

Girls Get Tech. They Just Need Others to Believe It. by MAYA SALAM

February 12, 2019 Leave a comment


By MAYA SALAM

New research explores how access to technology helps put girls on par with boys.

Published: February 11, 2019 at 06:00PM

from NYT Technology https://nyti.ms/2tkoitB
via IFTTT

Categories: Internet Tags: ,

Patch Tuesday, February 2019 Edition

February 12, 2019 Leave a comment

Microsoft on Tuesday issued a bevy of patches to correct at least 70 distinct security vulnerabilities in Windows and software designed to interact with various flavors of the operating system. This month’s patch batch tackles some notable threats to enterprises — including multiple flaws that were publicly disclosed prior to Patch Tuesday. It also bundles fixes to quash threats relevant to end users, including critical updates for Adobe Flash Player and Microsoft Office, as well as a zero-day bug in Internet Explorer.

Some 20 of the flaws addressed in February’s update bundle are weaknesses labeled “critical,” meaning Microsoft believes that attackers or malware could exploit them to fully compromise systems through little or no help from users — save from convincing a user to visit a malicious or hacked Web site.

Microsoft patched a bug in Internet Exploder Explorer (CVE-2019-0676) discovered by Google that attackers already are using to target vulnerable systems. This flaw could allow malware or miscreants to check for the presence of specific files on the target’s hard drive.

Another critical vulnerability that impacts both end users and enterprises is a weakness in the Windows component responsible for assigning Internet addresses to host computers (a.k.a. “Windows DHCP client”). That flaw, CVE-2019-0626, could let an attacker execute malcode of his choice just by sending the target a specially crafted DHCP request.

At the top of the list of patch concerns mainly for companies is a publicly disclosed issue with Microsoft Exchange services (CVE-2019-0686) that could allow an attacker on the same network as the target to access the inbox of other users. Microsoft said it has not seen active exploitation of this bug yet, but considers it likely to be exploited soon.

Security experts are fond of saying “patch now!” when it comes to Windows bugs, but in general it can’t hurt for regular users to wait a day or two after Microsoft releases monthly security updates before installing the fixes. That’s because occasionally buggy patches can cause serious headaches for users who install them before all the kinks are worked out.

Just don’t put off the task too long. And bear in mind it’s a good idea to get in the habit of backing up your data before installing Windows updates, to hedge against the odd case in which a wonky patch ends up rendering your system unusable until you can work out how to reverse the changes.

Windows 10 likes to install patches all in one go and reboot your computer on its own schedule. Microsoft doesn’t make it easy for Windows 10 users to change this setting, but it is possible. For all other Windows OS users, if you’d rather be alerted to new updates when they’re available so you can choose when to install them, there’s a setting for that in Windows Update.

Microsoft also included fixes to address a single vulnerability in Adobe Flash Player. Microsoft and Adobe disagree on the severity of this flaw, according to security firm Qualys. Adobe labels it an “important” bug, while Microsoft tags it with a far more severe “critical” label. Regardless, Flash flaws are favorite targets of attackers. If you brows the Web with IE or Edge, this month’s patch batch from Microsoft has you covered.

Fortunately, the most popular Web browser by a long shot — Google Chrome — auto-updates Flash but also is now making users explicitly enable Flash every time they want to use it (Microsoft also bundles Flash with IE/Edge and updates it whenever Windows systems install monthly updates). By the summer of 2019 Google will make Chrome users go into their settings to enable it every time they want to run it.

Firefox also forces users with the Flash add-on installed to click in order to play Flash content; instructions for disabling or removing Flash from Firefox are here. Adobe will stop supporting Flash at the end of 2020.

Adobe also released updates for Adobe Acrobat and Reader that plug at least 70 security holes in these applications, so if you have either installed please be sure to update those.

As always, if you experience any problems installing any of these patches this month, please feel free to leave a comment about it below; there’s a good chance other readers have experienced the same and may even chime in here with some helpful tips.

from Krebs on Security http://bit.ly/2WXPtrU
via IFTTT

‘Kara Versus Jack’ Proves That Twitter Needs an Edit Button

February 12, 2019 Leave a comment

Tuesday’s big event, in which Twitter CEO Jack Dorsey answered questions from journalist Kara Swisher, was peppered with typos that muddied the message.

from Gear Latest http://bit.ly/2GnckrF
via IFTTT

Categories: Internet Tags: ,

[local] Ubuntu snapd < 2.37.1 – Local Privilege Escalation

February 12, 2019 Leave a comment

Ubuntu snapd < 2.37.1 – Local Privilege Escalation

from Exploit-DB.com RSS Feed http://bit.ly/2WWarHv
via IFTTT

Up to 100,000 Reported Affected in Landmark White Data Breach

February 12, 2019 Leave a comment

Australian property valuation firm Landmark White exposed files containing personal data and property valuation details.

from Dark Reading: https://ubm.io/2tjmVva
via IFTTT