Microsoft says older Windows versions will face greatest performance hits after Meltdown, Spectre patches

Microsoft has confirmed that users of older versions of Windows should expect to “notice a decrease in system performance” after they apply system patches to protect against the Meltdown and Spectre processor bugs. The bugs, which affect mostly Intel processors but also some ARM and AMD chips, expose the majority of the world’s computers and phones to […]

Endpoint security as a service will grow in 2018

In the past endpoint security translated to antivirus, so organizations purchased software from a leading vendor, installed the software on their PCs, and then tasked the IT operations staff with the day-to-day care and feeding of AV. Consequently, few organizations considered managed security services for endpoint security. This situation changed quite a bit over the […]

Microsoft hits the brakes, stops rolling out Meltdown/Spectre patches for AMD devices

Since Microsoft released the Meltdown and Spectre patches, complaints have been pouring in from people who have AMD computers that crashed to a Blue Screen of Death (BSOD) after the patches were installed. This morning, Microsoft temporarily suspended the rollout of those security patches for computers that have AMD CPUs. “Microsoft has reports of customers with some AMD devices […]

With WPA3, Wi-Fi security is about to get a lot tougher

The Wi-Fi Alliance, an industry body made up of device makers including Apple, Microsoft, and Qualcomm, announced Monday its next-generation wireless network security standard, WPA3. The standard will replace WPA2, a near-two decades-old security protocol that’s built in to protect almost every wireless device today — including phones, laptops, and the Internet of Things. One […]

Vulnerability Management: The Most Important Security Issue the CISO Doesn’t Own

The number of attacks like the recent one against Equifax have risen dramatically in the last few years, resulting in the exposure of hundreds of millions of private records. Almost without exception there has been some fundamental flaw related to configuration or patching of systems. This trend will continue without systems designed to automatically identify, patch, […]

The Nightmare Before Christmas: Security Flaws Inside our Computers

Towards the middle of last year, some researchers at the University of Graz published a paper in which they proposed a new mitigation called KAISER for a software vulnerability associated with something called ASLR. ASLR – Address Space Layout Randomization – is a widely-used technique for ensuring that malware can’t easily find out where critical […]

How the Meltdown and Spectre security holes fixes will affect you

You can’t get away from Meltdown and Spectre. These chip bugs will make your life miserable. Everything you run — and I mean everything — PCs, Macs, iPhones, tablets, cloud computing, and servers — use vulnerable CPUs. Apple, Linux developers, and Microsoft have all released patches. And all of them will slow down at least some of your programs. […]

Four misconceptions around compensating controls

As the New Year celebrations come to a close, the deadline to become compliant with the EU’s new consumer protection regulation GDPR is creeping closer. With this new law coming into effect in late May, businesses around the world are running out of time to prepare or else risk facing reputation and financial ruin. The best preparation will […]

Password managers grow up, target business users

Password managers began as free or low-cost apps for consumers, tracking passwords and sign-ins to websites and applications, making it possible for users to create and manage long, hard-to-guess and unique passwords for all their accounts. Most work by encrypting the password lists with a single master password that only the user knows, so that […]

Building a program for GDPR compliance: Can you answer these key questions?

The clock is ticking and the General Data Protection Regulation (GDPR) will start to be enforced in May. Now is a critical time for organizations to plan, budget and make any remaining changes needed to meet its guidelines. Failure to comply with GDPR standards will result in hefty non-compliance fines, and even U.S. organizations could be affected. Remember: GDPR guidelines […]