Preparing Security For Windows 7 End-Of-Life Support

Moving to Microsoft’s latest OS may give you flashbacks to when XP support ended. Last month, Microsoft announced it will end support for Windows 7 in 2020, giving customers three years to upgrade their systems to Windows 10. In the short term, computers running Windows 7 will still work, and Microsoft will still share security…

Google Discloses Unpatched Windows GDI Vulnerability

An unpatched vulnerability affecting the Windows Graphics Device Interface (Windows GDI) was publicly disclosed last week after Microsoft failed to address it within 90 days after being notified. The issue was disclosed by Mateusz Jurczyk, an engineer with Google’s Project Zero team, who initially discovered it along with other bugs in the user-mode Windows GDI…

Bug Allowed Theft of Over $400,000 in Zcoins

An implementation bug has allowed someone to make a profit of more than $400,000 after creating roughly 370,000 units of the Zcoin cryptocurrency, users were told on Friday. Zcoin (XZC), worth approximately $2 per unit, is an implementation of the Zerocoin protocol, which aims to provide fully anonymous currency transactions. Zerocoin has also been used…

Trojan Downloader Masquerades as Defunct Flash Player for Android

A recently observed malware downloader targeting Android users is masquerading as an update for Adobe Flash Player, ESET researchers warn. Although the Flash Player for Android was discontinued nearly half a decade ago, cybercriminals are still abusing it to trick unsuspecting users into downloading and installing their malicious programs. As always, the attackers rely on…

Facebook manifesto redacted to omit plans for AI to monitor private messages

An earlier version of Mark Zuckerberg’s 6,000-word manifesto for Facebook revealed his belief that artificial intelligence could one day be used to monitor private messages for terrorists scheming an attack. The text eventually published by Zuckerberg on Thursday did detail how Facebook is using AI today to flag terrorist propaganda in public posts. However, as…

RSA 2017: what are you trying to solve?

This year at the RSA Security Conference some 40,000 people packed the halls of the Moscone Center in search of solutions (and light-up swords) to solve their problems. Whatever the issue, they were looking for a salve to soothe their wounds, in a manner of speaking. For all of the vendors hawking their wares there…

Explained: Bayesian spam filtering

Bayesian spam filtering is based on Bayes' rule, a statistical theorem that gives you the probability of an event. In Bayesian filtering it is used to give you the probability that a certain email is spam. Named after the statistician Rev. Thomas Bayes who provided an equation that basically allows new information to update the…

High Severity Flaw Patched in OpenSSL 1.1.0

A high severity denial-of-service (DoS) vulnerability was patched on Thursday in OpenSSL with the release of version 1.1.0e. The flaw, tracked as CVE-2017-3733, has been described as an “Encrypt-Then-Mac renegotiation crash.” The security hole, reported by Joe Orton of Red Hat on January 31, does not affect OpenSSL 1.0.2.