General Cyber News via Ars Technica Risk Assessment

Meet Helm, the startup taking on Gmail with a server that runs in your home

Fee-based service couples the security of a private server with the reliability of the cloud.
Publish Date: 10/17/2018
read more -->

Apple, Google, Microsoft, and Mozilla come together to end TLS 1.0

Almost everyone has now migrated to TLS 1.2, and a few have moved to TLS 1.3.
Publish Date: 10/16/2018
read more -->

Already facing an uphill misinformation fight, Facebook loses to scammers, too

Facebook's focus on misinformation is leaving an opening for another type of scam.
Publish Date: 10/16/2018
read more -->

Apple to Congress: Chinese spy-chip story is “simply wrong”

"Our internal investigations directly contradict every consequential assertion."
Publish Date: 10/8/2018
read more -->

Bloomberg: Super Micro motherboards used by Apple, Amazon contained Chinese spy chips

Super Micro, Amazon, and Apple deny everything in the report.
Publish Date: 10/4/2018
read more -->

Google taking new steps to prevent malicious Chrome extensions

Company plans stricter rules for developers and greater control for users.
Publish Date: 10/2/2018
read more -->

Google backtracks—a bit—on controversial Chrome sign-in feature

Privacy-conscious users were unhappy at being signed in to browser without consent.
Publish Date: 9/27/2018
read more -->

Microsoft offers completely passwordless authentication for online apps

Phone-based authentication is the way forward instead.
Publish Date: 9/24/2018
read more -->

New modification of the old cold boot attack leaves most systems vulnerable

The defenses put in place to thwart the 2008 attack turn out to be very weak.
Publish Date: 9/13/2018
read more -->

Georgia says switching back to all-paper voting is logistically impossible

In Curling v. Kemp, both sides are set to duke it out in court on Wednesday.
Publish Date: 9/12/2018
read more -->

Windows 10 support extended again: September releases now get 30 months

And Microsoft is offering enterprises dedicated app compatibility support.
Publish Date: 9/6/2018
read more -->

Google wants to get rid of URLs but doesn’t know what to use instead

Their complexity makes them a security hazard; their ubiquity makes replacement nigh impossible.
Publish Date: 9/5/2018
read more -->

Microsoft obliquely acknowledges Windows 0-day bug published on Twitter

Flaw allows a local user to obtain System privileges.
Publish Date: 8/29/2018
read more -->

The adventures of lab ED011—“Nobody would be able to duplicate what happened there”

One Romanian campus computer lab both pentested the world and eventually helped protect it.
Publish Date: 8/27/2018
read more -->

Chrome 69 will take the next step to killing Flash, roll out new design

Flash will have to be enabled every time a site tries to use it.
Publish Date: 8/21/2018
read more -->

Intel’s SGX blown wide open by, you guessed it, a speculative execution attack

Speculative execution attacks truly are the gift that keeps on giving.
Publish Date: 8/14/2018
read more -->

Windows 10 to get disposable sandboxes for dodgy apps

Apps will be run in a virtual machine that's discarded after use.
Publish Date: 8/9/2018
read more -->

Heads-up: 2FA provider Duo Security to be acquired by Cisco (ugh)

Both companies insist nothing will change, but this former Cisco customer has doubts.
Publish Date: 8/2/2018
read more -->

New Spectre attack enables secrets to be leaked over a network

It's no longer necessary to run attacker code on the victim system.
Publish Date: 7/26/2018
read more -->

Microsoft offers extended support for Windows, SQL 2008—but with a catch

An extra three years of patches are being offered to in-cloud users.
Publish Date: 7/12/2018
read more -->