|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Newsletter Archives
-
Hackers are using two-factor authentication to infect you
PUBLIC DEFENDER
By Brian Livingston
We’ve all seen those are-you-human tests that websites use to screen out data-scraping bots — e.g., click all the cars, enter the code we texted you, etc. — but, unfortunately, malicious hackers are now exploiting our trust in these common dialog boxes to trick us into installing malware on our PCs.
It’s natural for us to simply click through whatever process a particular website may use for two-factor authentication (2FA). But hackers are taking advantage of that sense of familiarity to bypass our usual security measures and infect our machines.
Read the full story in our Plus Newsletter (22.15.0, 2025-04-14).
-
You clicked on that phish?
ON SECURITY
By Susan Bradley
It happens. You fell for it. You clicked on something you shouldn’t have. You followed a link. You entered your password on a site that wasn’t legitimate.
In these instances, you didn’t suffer an intrusion to your computer. Instead, your login credentials were impacted. What should you do?
First, don’t panic. In the case of many attacks these days, your operating system is still intact — not impacted in any way. The once standard reaction “I got hacked, so I’ll restore my computer from a clean backup or reinstall from scratch” probably isn’t necessary. In fact, it may be irrelevant to your response.
Read the full story in our Plus Newsletter (21.46.0, 2024-11-11).
-
Dealing with regulated security
ON SECURITY
By Susan Bradley
Being in charge of the technology and security at my office means providing the best security that does not interfere with our people’s ability to do their jobs effectively.
Sometimes that can be difficult because of the regulations that control my line of work, most of which come from taxing authorities. I’ll be US-centric in my comments here, knowing little about regulations in other countries. But I’ll bet most are similar. So hopefully, my suggestions will help you choose better security while accommodating the realities of your business, the systems you use, and the online resources you require.
Read the full story in our Plus Newsletter (21.35.0, 2024-08-26).
-
Setting up MFA properly
ISSUE 21.21 • 2024-05-20 MICROSOFT 365
By Peter Deegan
Is that multifactor authentication setup complete and truly ready to handle any situation?
Two-factor (2FA) or multifactor (MFA) authentication is just the start of securing your important accounts.
All too often, I hear from people who’ve set up extra login verification and can’t get it working. It might have been configured in such a way that access is allowed when your phone is lost or stolen, SMS (text messaging) isn’t working correctly, or the authentication app is broken.
Read the full story in our Plus Newsletter (21.21.0, 2024-05-20).
This story also appears in our public Newsletter. -
Can you identify the scam?
ON SECURITY
By Susan Bradley
This is scam season at my office.
Every day, there is an unwanted email that comes though our email-filtering system and into our inboxes. And every day, the scams get a little bit better. But often, being aware of scams isn’t just about watching out for email lures but also text messages, posts on social media, or even phone calls.
How can you avoid getting trapped by these scams?
Read the full story in our Plus Newsletter (21.05.0, 2024-01-29).
-
Easiest way to make it easy for attackers
We are really bad at picking passwords. Truly we are. I’ve also seen that many folks use the same passwords in many web sites. So attackers only have to get a data dump from one hacked database and then they can try to reuse these passwords in other places.
Do yourself a big favor: Over the holiday season see if you can 1. pick better passwords (passphrases) and 2. see if the site allows you to add two factor authentication.
-
Living in a time of digital obsolescence
ON SECURITY
By Susan Bradley
Recently the U.S. Federal Bureau of Investigation released a document warning about unpatched Windows 7 machines.
That alert reinforced what we already know: using an unpatched copy of Win7 is risky. According to the FBI, cybercriminals are targeting network infrastructures containing Win7 systems. And the document pointed out past problems with obsolete operating systems. For example, after Windows XP’s end of life, the healthcare industry was slow to upgrade to a supported version, leading to increased exposure of “records.”
Read the full story in AskWoody Plus Newsletter 17.31.0 (2020-08-10).
-
Conference showcases a tsunami of security products
SECURITY
By Michael Lasky
If you needed proof that Web security has become a major industry, you need only to have walked the acres of booths at the RSA Conference 2020.
More than 36,000 attendees, 704 speakers, and 658 exhibitors gathered at San Francisco’s Moscone Center this past February to explore the “Human Element” in cyber security. The conference included hundreds of keynotes, track sessions, tutorials, seminars, and special events. Protecting the Internet has become a veritable military-industrial complex.
Read the full story in AskWoody Plus Newsletter 17.11.0 (2020-03-16).
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
How to enable Extended Security Maintenance on Ubuntu 20.04 LTS before it dies
by 4 hours, 3 minutes ago
-
Windows 11 Insider Preview build 26200.5562 released to DEV
by 8 hours, 2 minutes ago
-
Windows 11 Insider Preview build 26120.3872 (24H2) released to BETA
by 8 hours, 3 minutes ago
-
Unable to eject external hard drives
by 7 hours, 40 minutes ago
-
Saying goodbye to not-so-great technology
by 1 hour, 21 minutes ago
-
Tech I don’t miss, and some I do
by 8 hours, 8 minutes ago
-
Synology limits hard drives
by 1 day, 12 hours ago
-
Links from Microsoft 365 and from WhatsApp not working
by 14 hours, 41 minutes ago
-
WhatsApp Security Advisories CVE-2025-30401
by 1 day, 18 hours ago
-
Upgrade Sequence
by 1 day, 11 hours ago
-
Chrome extensions with 6 million installs have hidden tracking code
by 1 day, 11 hours ago
-
Uninstall “New Outlook” before installing 2024 Home & Business?
by 10 hours, 28 minutes ago
-
The incredible shrinking desktop icons
by 2 days, 15 hours ago
-
Windows 11 Insider Preview Build 22635.520 (23H2) released to BETA
by 2 days, 16 hours ago
-
Connecting hard drive on USB 3.2 freezes File Explorer & Disk Management
by 1 day, 12 hours ago
-
Shellbag Analyser & Cleaner Update
by 1 day, 2 hours ago
-
CISA warns of increased breach risks following Oracle Cloud leak
by 3 days, 2 hours ago
-
Outlook 2024 two sent from email addresses
by 2 days, 6 hours ago
-
Speeding up 11’s search
by 14 hours, 31 minutes ago
-
HP Pavilion Will Not Wake Up After Being Idle for Longer Period
by 1 day, 2 hours ago
-
Make a Windows 11 Local Account Passwordless
by 3 days, 16 hours ago
-
Ubuntu 25.04 (Plucky Puffin)
by 3 days, 23 hours ago
-
24H2 fixed??
by 2 days, 16 hours ago
-
Uninstalr Updates
by 4 days, 4 hours ago
-
Apple zero days for April
by 1 hour, 34 minutes ago
-
CVE program gets last-minute funding from CISA – and maybe a new home
by 3 days, 2 hours ago
-
Whistleblower describes DOGE IT dept rumpus at America’s labor watchdog
by 5 days, 3 hours ago
-
Seeing BSOD’s on 24H2?
by 4 days, 10 hours ago
-
TUT For Private Llama LLM, Local Installation and Isolated from the Internet.
by 4 days, 18 hours ago
-
Upgrade from Windows 10 to 11
by 5 days, 12 hours ago
Remembering Woody
