Microsoft’s Windows 10 OS has been facing multiple problems in recent months. In the latest development, Microsoft has now released an important new Windows 10 warning to 800 million users. 

The company has identified a serious and long-running bug on its OS platform. The bug is more of a problem that was inadvertently introduced through design implementations. Microsoft has admitted to quietly switching off Registry backups in Windows 10. It has been observed that Registry backups would randomly show that backup operation has been completed despite no backup file being created. 

For users and businesses, Registry Backups are critical, as they are the last line of defense. If the Windows System Restore point fails, the registry backup is the only option for users. According to Microsoft, “Starting in Windows 10, version 1803, Windows no longer automatically backs up the system registry to the RegBack folder. If you browse to the WindowsSystem32configRegBack folder in Windows Explorer, you will still see each registry hive, but each file is 0kb in size.” 

Windows 10 1803 was released in October last year. While users flagged the issue to Microsoft, the company never admitted it. The disclosure comes just two months after Microsoft pledged to offer control, quality, and transparency to Windows 10 users. 

According to Microsoft, the company has done this to reduce the overall disk footprint size of Windows. The registry backup is usually 50 to 100 MB in size. To recover the system with a corrupt registry hive, Microsoft recommends using a system restore point. You can enable the period registry backup by manually editing the registry entry. 
​
Windows will back up the registry to the RegBack folder when the computer restarts. Windows stores the task information in the Scheduled Task Library in the Registry folder.

Travelers might finally be getting a break from the ever-frustrating airport security rules. Thanks to the introduction of new carry-on baggage scanners called CT (Computed Tomography), travelers won’t have to take electronics or liquids out of their bags. The TSA announced the rollout of this new technology, which would ultimately cut down on long security lines and make the airport experience much smoother.

The new machines can create 3D images of a bag’s contents and automatically detect and scan items you are currently required to remove. This includes electronic devices like laptops and even liquids. According to Bloomberg Government, 300 of these new machines have been ordered by the TSA so far, and they will begin to appear in airports this summer. Eventually, the goal is to replace all current X-ray machines with these new CT scanners. The TSA has been testing these machines since 2017, and once airport employees become comfortable operating the new equipment, shorter security lines are expected.
​               
The list of airports that will receive the new CT machines has not yet been released, though they are currently being used at the following airports:

• Hartsfield-Jackson Atlanta International Airport (ATL)
• Baltimore-Washington International Airport (BWI)
• Chicago O’Hare International Airport (ORD)
• Cincinnati/Northern Kentucky International Airport (CVG)
• Detroit Metropolitan Wayne County Airport (DTW)
• Houston Hobby Airport (HOU)
• Indianapolis International Airport (IND)
• John F. Kennedy International Airport (JFK)
• Logan International Airport (BOS)
• Los Angeles International Airport (LAX)
• Oakland International Airport (OAK)
• Phoenix Sky Harbor International Airport (PHX)
• St. Louis Lambert International Airport (STL)
• Washington-Dulles International Airport (IAD)

 

When you’re on the road, Starbuck’s ‘third space’ idea can become compelling. You might want to get out of your hotel room for a change of atmosphere, or you might need a better cup of coffee. And you probably still need to get online with something other than your phone, and coffee shops mean Wi-Fi as much as caffeine.

If you pick the big chains, the Wi-Fi is pretty reliable. If you choose a smaller shop, the coffee is often far tastier, but the wireless can be hit and miss. A journalist writing about this problem, went into a little coffee place in Seattle to get out of the rain and catch up on some work over a weekend, his phone warned him that it could connect to the Wi-Fi but not to the internet.

He had the same problem when he connected his laptop to the coffee shop Wi-Fi. It’s not always possible to diagnose what’s wrong with a Wi-Fi connection; often the bandwidth is overloaded by the number of people connected to free Wi-Fi, or the router isn’t correctly configured to hand out IP addresses to devices. That means waiting for a few people to leave or asking the staff to restart the router.

But frequently, the problem with networks is DNS; the wi-fi router is probably using the DNS server of the ISP to which it’s connected. Switch to a public DNS service like Cloudflare’s 1.1.1.1, and you should get connected – and probably find websites a bit more responsive, too.

In Windows 10, click the network indicator in the taskbar to open the network menu and choose Change adapter options to open the Network Connections control panel with the list of network hardware you can use. Right-click on the wi-fi connection and select Properties. Click on Internet Protocol Version 4 (TCP/IPv4) and choose Properties again, then click to fill in your DNS details. Fill in 1.1.1.1 to use the Cloudflare service; you can use 1.1.1.0 for the alternative DNS server if you want Cloudflare as the fallback, or 8.8.8.8 to use Google’s DNS service.

You can do the same thing on a Mac. Choose System Preferences / Network and select your wi-fi connection, then click Advanced and choose the DNS tab. Again, fill in 1.1.1.1 to use the Cloudflare service; you can use 1.1.1.0 for the alternative DNS server if you want Cloudflare as the fallback, or 8.8.8.8 to use Google’s DNS service. 
​
On an iPad, look under Settings / Wi-Fi and tap next to the Wi-Fi network name. Scroll down and select the Configure DNS option, then tap Manual and fill in the addresses. Then you can get back to your coffee and  on with some work.

Currently, 3.9 million Americans work remotely, which marks a 115% increase from 2005. Estimates indicate that more than one-third of employees will work remotely in the next ten years. The desire for greater flexibility and work/life balance is partially responsible for this trend, in addition to an ever-increasing number of businesses that are based entirely online. With cloud and mobile technologies making it easier than ever before to communicate and collaborate regardless of location, organizations are embracing remote work as a way to cut costs and satisfy employee demand.

Despite the productivity and cost-saving benefits of remote work, the concept introduces serious cybersecurity risks that have the potential to devastate entire businesses. For example, if an employee logs on to their email via a coffee shop’s public Wi-Fi, that individual runs the risk of sending their work emails, customer information and other business data directly to hackers rather than to the Wi-Fi connection point.
Small and medium businesses (SMBs) are particularly vulnerable to remote work security risks, as they usually have fewer resources to prevent or recover from cyber-attacks proactively.

Here are five best practices that will help establish the proper level of control over cybersecurity threats.

Enforce Basic Cybersecurity Hygiene.An organization's cybersecurity is only as strong as its weakest link, and all it takes is one employee – even a well-intentioned one – to cause that chain to break. Enforce cybersecurity best practices such as using strong passwords, not sharing passwords across multiple accounts, implementing two-factor authentication (often free) and accessing sensitive files only from trusted devices and VPNs. Also, some simple and inexpensive employee cybersecurity awareness training can ensure employees are familiar with the most common and current attack schemes and educated on how to handle a situation if they think a cybersecurity incident has occurred.

Reign in 'Shadow IT.'Shadow IT refers to computer systems, applications or devices being used without explicit organizational knowledge or approval. For example, do any of your employees access their work email from their personal cell phone? Attempting to completely shut down Shadow IT isn't realistic, nor is it necessarily helpful to your business. However, it's essential to identify any apps or devices that could pose the highest risk. Clearly communicate which products or services are forbidden and explain why so your employees don't feel unjustly blocked and circumvent the rules. Also, consider putting processes into place that allow your IT team to quickly approve or disapprove new applications in which employees express interest.

Organize Back-End Technologies. Cloud-based apps can be a godsend for ensuring a seamless work environment for remote employees, and many also provide the invaluable service of backing up all of the data being generated outside an office's walls. Services such as G Suite or Microsoft Office 365, for instance, can allow employees to create, edit, organize, share and automatically back up documents, spreadsheets, presentations and more, no matter their location or device. Consider migrating some or even all of your file storage to a trusted cloud provider to optimize flexibility and more efficiently manage, secure and backup your business data.

Duplicate Storage.With its infinite scalability and relative affordability, cloud technology can be an ideal data storage resource. However, rather than relying entirely on the cloud or trusting your employees to only use secure cloud services with automatic backup capabilities, duplicate your most critical business data, so at least one copy is kept separate from cloud data centers and stored offline via encrypted backup tapes. This is an essential action to protect your business from the impact of a ransom attack, where a hacker blocks access to your systems or data until a ransom is paid.
​
Get Cyber Insurance.Cyber insurance is an important, final step for protecting your business against the dangers of employees working remotely. Considering the significant financial demands many SMBs face as a result of a security incident, look for plans that cover immediate business costs (e.g., lost revenue due to the interruption of business, ransom, regulatory or legal fines). Also, be sure to implement coverage that includes such crisis response services such as coaching and guidance on how to respond to a breach.

Networks today are subject to many threats including ransomware, cryptocurrency-miner threats, or state-sponsored hackers.

In line with other security industry pros, Microsoft has confirmed in its 24th annual security intelligence report that ransomware has taken a backseat to pesky cryptocurrency miners. 

But the company also warns that supply-chain attacks are on the rise. These are where an attacker uses a supplier or business partner to spread an infection. 

Past examples include the NotPetya not-ransomware outbreakthat caused over a billion dollars in losses for global firms and the Dofoil BitTorrent attacks. 
    
"Supply-chain attacks are insidious because they take advantage of the trust that users and IT departments place in the software they use," Microsoft warns in the report. 

"The compromised software is often signed and certified by the vendor, and may give no indication that anything is wrong, which makes it significantly more difficult to detect the infection. They can damage the relationship between supply chains and their customers, whether the latter are corporate or home users.

"By poisoning software and undermining delivery or update infrastructures, supply-chain attacks can affect the integrity and security of goods and services that organizations provide."

While attacks are changing and Windows 10 built-in security is improving, the company's advice to customers remains the same. However, there are conflicting data about the best approach to staying secure.  
Microsoft recommends only using software from trusted sources, though this 'security hygiene' measure could be undermined in a supply-chain attack. 

The company also recommends "rapidly applying the latest updates to your operating systems and applications, and immediately deploying critical security updates for OS, browsers, and email."

Deploying patches quickly is generally a good idea. However, Microsoft recently revealed that vulnerabilities in its software are most likely to be exploited as a zero-daybefore the company has even had a chance to release a patch. 

However, its other tips don't present obvious security conflicts.  

"Deploy a secure email gateway that has advanced threat protection capabilities for defending against modern phishing variants," Microsoft warns, adding that businesses should "Enable host anti-malware and network defenses to get near real-time blocking responses from the cloud (if available in your solution)." 

The other important measures organizations should take include implementing access controls, and teaching employees to be suspect of messages that ask them to divulge sensitive information. 

Microsoft also recommends keeping "destruction-resistant backups of your critical systems and data" and using cloud storage services for online backups. 
​
"For data that is on premises, regularly back up important data using the 3-2-1 rule. Keep three backups of your data, on two different storage types, and at least one backup offsite," says Microsoft.

Every month, thousands of retail websites are targeted by cybercriminals, who insert a small piece of malicious code that allows them to snatch customers’ credit card information. The hacking technique is called formjacking, and it’s the virtual equivalent of putting a device on an ATM to skim debit card numbers.
Affecting an average of 4,800 websites per month, formjacking is one of the newest favorite ways for hackers to steal personal data, according to security company Symantec’s annual Internet Security Threat Report.

Small and medium-sized businesses are still the most prominent targets of formjacking, according to Symantec, but in recent months, high profile brands including British Airways and Ticketmaster have also fallen victim to attacks. Symantec said it blocked more than 3.7 million formjacking attacks on websites in 2018, with one-third of those happening during the holiday shopping season.

“Formjacking represents a serious threat for both businesses and consumers,” Greg Clark, CEO of Symantec, said in a statement. “Consumers have no way to know if they are visiting an infected online retailer without using a comprehensive security solution, leaving their valuable personal and financial information vulnerable to potentially devastating identity theft.”

As returns diminish on older hacking techniques, formjacking has become a lucrative choice for cyber crooks, though it’s impossible to quantify the amount stolen from every formjacking attack in 2018. Symantec estimates criminals were able to steal “tens of millions of dollars” by using credit card information or selling the numbers on the dark web for around $45 each.

Meanwhile, instances of ransomware declined 20% overall for the first time since 2013, according to Symantec. One primary reason for this is the decreased value of cryptocurrency, which hackers use to demand payments.

Of course, hackers are expert shape-shifters and are always looking for new, sophisticated ways to sneak up and steal private information. Security experts recommend staying on top of threats by using antivirus software and by checking to make sure any website where you enter your credit card information has a lock icon next to the domain, indicating it’s a secure server.
​
Hackers have also been known to go old school, too, by sending targets phishing emails as a way to socially engineer them into sending personal information. But companies are increasingly on the lookout for these dangerous messages. Google even developed a phishing quizto help web users better identify potentially dangerous emails.

Artificial intelligence has the potential to bring a select set of advanced techniques to the table when it comes to cyber offense, researchers say.

Last week, researchers from Darktracesaid that the current threat landscape is full of everything from opportunistic attacks from teen hackers to advanced, state-sponsored assaults, and in the latter sense, attacks continue to evolve.

However, for each sophisticated attack currently in use, there is the potential for further development through the future use of AI.

Within the report, the cybersecurity firm documented three active threats in the wild which have been detected within the past 12 months. Analysis of these attacks – and a little imagination – has led the team to create scenarios using AI which could one day become reality.

"We expect AI-driven malware to start mimicking behavior that is usually attributed to human operators by leveraging contextualization," said Max Heinemeyer, Director of Threat Hunting at Darktrace. "But we also anticipate the opposite; advanced human attacker groups utilizing AI-driven implants to improve their attacks and enable them to scale better."

Trickbot. The first attack relates to an employee at a law firm who fell victim to a phishing campaign leading to a Trickbot infection.

Trickbot is a financial Trojan which uses the Windows vulnerability EternalBluein order to target banks and other institutions. The malware continues to evolve and is currently equipped with injectors, obfuscation, data-stealing modules, and locking mechanisms.

In this example, Trickbot was able to infect a further 20 devices on the network, leading to a costly clean-up process. Empire Powershell modules were also uncovered which are typically used in remote, keyboard-based infiltration post-infection.

AI's Future Role.Darktrace believes that in the future, malware bolstered through artificial intelligence will be able to self-propagate and use every vulnerability on offer to compromise a network.

"Imagine a worm-style attack, like WannaCry, which, instead of relying on one form of lateral movement (e.g., the EternalBlue exploit), could understand the target environment and choose lateral movement techniques accordingly," the company says.

If chosen vulnerabilities are patched, for example, the malware could then switch to brute-force attacks, keylogging, and other techniques which have proven to be successful in the past in similar target environments.

As the AI could sit, learn, and 'decide' on an attack technique, no traditional command-and-control (C2) servers would be necessary.

AI's Future Role.It is possible that AI could be used to further adapt to its environment. In the same manner, as before, contextualization can be used to blend in, but AI could also be used to mimic trusted system elements, improving stealth.

"Instead of guessing during which times normal business operations are conducted, it will learn it," the report suggests. "Rather than guessing if an environment is using mostly Windows machines or Linux machines, or if Twitter or Instagram would be a better channel, it will be able to gain an understanding of what communication is dominant in the target's network and blend in with it."

Take It Slow. In the final example, Darktrace uncovered malware from a medical technology company. What made the findings special was that data was being stolen at such a slow pace and in tiny packages that it avoided triggering data volume thresholds in security tools.

Multiple connections were made to an external IP address, but each connection contained less than 1MB. Despite the small packets, it did not take long before over 15GB of information was stolen.

By fading into the background of daily network activity, the attackers behind the data breach were able to steal patient names, addresses, and medical histories.

AI's Future Role. AI could not only provide a conduit for incredibly fast attacks but also "low and slow" assaults. It can also be used as a tool to learn what data transfer rates would flag suspicion to security solutions.

Instead of relying on a hard-coded threshold, for example, AI-driven malware would be able to dynamically adapt data theft rates and times to exfiltrate information without detection.
​
"Defensive cyber AI is the only chance to prepare for the next paradigm shift in the threat landscape when AI-driven malware becomes a reality," the company added. "Once the genie is out of the bottle, it cannot be put back in again."

You may have recently gotten a message from your bank that, yes, you should read and act upon.
The message being sent by many banks involves a small, but crucial change affecting check deposits made using bank mobile apps on smartphones and other devices.

Depositors must now include the phrase “For Mobile Deposit Only” underneath their signature on all checks deposited using mobile apps. Some banks are also suggesting you add "For Mobile Deposit Only at (Bank Name)" or "For (BANK NAME) Mobile Deposit Only."

This new endorsement requirement, instituted by the Federal Reserve, officially went into effect July 1. It applies to all mobile deposits at all financial institutions, such as PNC Bank, Capital Oneand Legend Bankin Texas.

Without the inclusion of the new phrase, banks say the check may be returned with the notification that your “deposit was rejected due to restrictive endorsement."

The change is meant to protect banks from fraud, which can occur when a check is accidentally, or intentionally, presented at a bank after it already has been deposited via mobile. 

"It’s not like there was rampant fraud, but it was just an area they wanted to tighten up," said Michael Diamond, senior vice president of payments at Mitek Systems, which has digital transaction technology used by more than 6,100 banks.

"This is the banks taking care of themselves," Diamond said. "The channel is very, very, very safe, and the growth is great. More and more people are using it." 
​
Case in point: Bank of America CEO Brian Moynihan said last month that during the April to June period, more customers deposited checks using the bank’s mobile app than in person at bank branches. Overall, 76% of all deposits come through ATMs and mobile deposits, he said.

Google might have just made itself the most significant example of how security keyscan work better than other forms of multi-factor authentication. According to Krebs on Security,ever since Google required over 85,000 of its employees to use physical security keys instead of one-time codes in 2017, it hasn't had a single case of account takeover from phishing. "We have had no reported or confirmed account takeovers since implementing security keys at Google," a company spokesperson said. "Users might be asked to authenticate using their security key for many different apps/reasons. It all depends on the sensitivity of the app and the risk of the user at that point in time."

Security keys like the one made by Yubikey give you a way to log into a website by merely plugging it in and pressing a button. You don't even need to type in your password anymore, much less generate a one-time code. While the method has its weakness, considering it relies on a physical item you can lose, it's considered safer than two-factor authentication, especially the type that sends you codes via SMS. Hackers could intercept messages sent to your device, after all, and gain entry to your account that way.
​
Unfortunately, Universal 2nd Factor (U2F) – that's what you call the type of multi-factor authentication that uses physical keys – support is pretty limited at the moment. You can already depend on it for protection on Chrome, but you'd have to manually activate it on Firefox by going to "about:config" first. Microsoft won't be rolling out U2F compatibility for Edgeuntil later this year, and Apple has yet to reveal whether Safari will ever support the standard. Further, only a few websites and services can use it, including Facebook and password managers such as Keepass and LastPass. It remains to be seen if Google's positive experience with the standard can help it become more widespread, but it's the kind of meaningful testimonial that could give it a massive boost.

Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security. Tokenization, which seeks to minimize the amount of data a business needs to keep on hand, has become a popular way for small and mid-sized businesses to bolster the security of credit card and e-commerce transactions while minimizing the cost and complexity of compliance with industry standards and government regulations.

Payment card industry (PCI) standardsdo not allow credit card numbers to be stored on a retailer's point-of-sale terminal or in its databases after a transaction. To be PCI compliant, merchants must install expensive end-to-end encryption systems or outsource their payment processing to a service provider who provides a "tokenization option." The service provider handles the issuance of the token value and bears the responsibility for keeping the cardholder data locked down. 

In such a scenario, the service provider issues the merchant a driver for the POS system that converts credit card numbers into randomly-generated values or tokens. Since the token is not a primary account number, it can't be used outside the context of a specific unique transaction with that particular merchant. In a credit card transaction, for example, the token typically contains only the last four digits of the actual card number. The rest of the token consists of alphanumeric characters that represent cardholder information and data specific to the transaction underway. 
​
Tokenization makes it more difficult for hackers to gain access to cardholder data, as compared with older systems in which credit card numbers were stored directly in databases and exchanged freely over networks. Tokenization technology can, in theory, be used with sensitive data of all kinds including bank transactions, medical records, criminal records, vehicle driver information, loan applications, stock trading and voter registration.