Apple takes down Trend Micro Mac apps that collected, stored user data

Valentina Palladino is reporting in Ars Technica that Apple removed several anti-malware apps from its Mac App Store after the apps were found to export users’ browser histories. All of the apps in question are made by the cyber-security company Trend Micro, which initially denied the allegations but has since issued an apology to its users.

https://arstechnica.com/gadgets/2018/09/apple-takes-down-trend-micro-mac-apps-that-collected-stored-user-data/

WPA3

Bruce Schneier has an interesting article on the new WPA3 standard.

“The first big new feature in WPA3 is protection against offline, password-guessing attacks. This is where an attacker captures data from your Wi-Fi stream, brings it back to a private computer, and guesses passwords over and over again until they find a match. With WPA3, attackers are only supposed to be able to make a single guess against that offline data before it becomes useless; they’ll instead have to interact with the live Wi-Fi device every time they want to make a guess. (And that’s harder since they need to be physically present, and devices can be set up to protect against repeat guesses.)”

https://www.schneier.com/blog/archives/2018/07/wpa3.html

Google explains Gmail privacy after controversy

Richard Nieva is reporting in CNET:

Google responded Tuesday to a backlash surrounding Gmail, after it was reported that employees at third-party apps could read people’s emails.

“To be absolutely clear: no one at Google reads your Gmail.”

https://www.cnet.com/news/google-explains-gmail-privacy-after-controversy/#ftag=CAD590a51e

Majority of firms hit by ransomware attacks now paying up

Bob Violino reports in Information Management:

“Cyber security company Radware has released its 2018 Executive Application and Network Security Report, and for the first time in the survey’s five-year history a majority of executives reported paying a hacker’s ransom following a cyber attack.”

“Merrill Research surveyed 232 executives worldwide on behalf of Radware, and 69 percent said their company faced a ransom attack in the past year, compared with only 14 percent in 2016. Of those, 53 percent paid the ransom.”

“Two-thirds of executives (66 percent) reported a lack of confidence in their network security, admitting that their networks are penetrable by hackers.”

https://www.information-management.com/news/majority-of-firms-hit-by-ransomware-attacks-now-paying-up

Vulnerabilities Patched in VMware ESXi, Workstation, Fusion

Eduard Kovacs is reporting in SecurityWeek:

“VMware informed customers last week that it patched several vulnerabilities that can lead to a denial-of-service (DoS) condition or information disclosure in its ESXi, Workstation, and Fusion products.”

https://www.securityweek.com/vulnerabilities-patched-vmware-esxi-workstation-fusion