Proactive Computing | Optimizing IT for usability, performance and reliability since 1997

Category: #Cybersecurity (Page 1 of 15)

Microsoft accounts no longer need a password

99dd6e40-1577-11ec-bf34-0a23ad1dfe57

Microsoft says everyone can remove the password from their Microsoft account and use other methods to sign in starting today. The company rolled out the option to enterprise users earlier this year.

Rather than having to remember a password or using a password manager, you’ll be able to use the Microsoft Authenticator app, Windows Hello, a security key or SMS or emailed codes. You’ll be able to sign in to services such as Outlook, OneDrive, Microsoft Family Safety, and even Xbox Series X/S without a password. Microsoft is rolling out the option to everyone over the next few weeks as it gears up for the launch of Windows 11 on October 5th

Once you have installed the Authenticator app and linked it to your account, you can switch off your password. Go to your Microsoft account settings, then Advanced Security Options and Additional Security. From there, you can switch your account to a passwordless one. Then, follow the prompts and approve a notification on the Authenticator app to seal the deal.

You can re-activate your password at any time, but other login methods may be far more convenient and secure. Not only are passwords a cybersecurity minefield, they’re time-consuming to enter and, at best, annoying to deal with.

It’d be welcome to see other services ditch passwords if they can offer users alternative, secure methods of logging in. Until then, turn on two-factor authentication wherever possible, and get a password manager and use unique passwords for all of your accounts.

Source: https://www.engadget.com/microsoft-account-password-authenticator-130021174.html?src=rss
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Kris Holt

Biden’s cybersecurity summit shows interdependence of government and industry

1629937698129.jpg

After assembling a team of tough-minded regulators to take on big technology companies, the Biden administration on Wednesday called on many of those same companies to work with the federal government to address a growing wave of cyberattacks.

Driving the news: A White House summit between President Biden and tech leaders Wednesday, including the CEOs of Apple, Google, Amazon, Microsoft and IBM, concluded with a raft of announcements of new cybersecurity projects and spending plans.


  • Microsoft said it would spend an additional $20 billion over five years on “security by design” and offer $150 million in technical services to federal, state and local governments.
  • Google plans to spend $10 billion over five years on zero-trust programs and other measures to bolster software supply chains and open-source security.
  • Amazon said it would offer the public free access to the same “security awareness training” it provides its employees.
  • IBM said it would train 150,000 people in cybersecurity skills over three years and partner with 20 historically Black colleges and universities to create cybersecurity leadership centers.
  • Apple said it was starting a new program to enhance supply chain security.

Why it matters: Defending the U.S. against cyberattacks and cybercrime is too big a problem for either government or industry to solve on their own.

Yes, but: It’s an awkward moment for the White House to be trying to partner with tech companies that the executive branch is also pursuing with antitrust lawsuits and investigations.

Of note: Facebook was the one tech giant without a seat at the White House table Wednesday.

  • The company is fresh off a confrontation with the Biden administration over the spread of COVID-19 misinformation on its platform.
  • But Facebook is also the primary online touchpoint for tens of millions of Americans in their personal lives, and any broad cybersecurity project might benefit from the company’s participation.

Between the lines: Some observers saw the White House meeting as a signal from Washington to the industry that it needed to take strong voluntary action or face a new wave of regulatory or legislative mandates.

  • Many in industry believe that baked-in government rules could hamstring companies trying to adapt to a rapidly changing cybersecurity environment.
  • But others view some additional regulation as inevitable.
  • IBM CEO Arvind Krishna told Axios Today he supports new cybersecurity disclosure requirements for private companies. “Disclosures will go a long way because once it’s transparent, everyone will improve,” he said.

Our thought bubble: This needn’t be an either/or scenario. Rules can help set minimum security standards, while direct action against cyberattacks will likely need both the industry’s technical prowess and the government’s international reach and offensive capabilities.

The summit also covered ways to protect supply chains and critical infrastructure, cyber insurance for businesses, and a pressing shortage of workers in the sector, where “nearly half a million public and private cybersecurity jobs remain unfilled,” according to a White House statement.

The bottom line: The most successful cyber defense plans are the ones you don’t hear much about, because the attacks and disasters they foil never become news. That’s why it will take a while before we know whether this week’s announcements have any impact — and the less news you see, the more you can assume they’re working.

Source: https://www.axios.com/cybersecurity-summit-biden-government-industry-e8185e32-0346-40e5-af4f-6cd79f93cbb9.html
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Scott Rosenberg

How to Enable Two-factor Authentication in Fortnite and All Epic Games

2fa-in-fortnite-featured-image.jpg Two-factor authentication (2FA) in Fortnite may raise a lot of questions. You may even be wondering what 2FA is or how you would go about setting it up. If you’re asking yourself these types of questions, you’re not alone. You’ll learn here what two-factor authentication is and how to enable 2FA in Fortnite, as well as all other Epic Games. What Is Two-Factor Authentication (2FA)? 2FA stands for two-factor authentication. It refers to an additional method to verify your identity when you log in to a web service. First, your… Read more14699518.gif

Source: https://tracking.feedpress.com/link/12555/14699518/enable-2fa-fortnite-epic-games
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Christopher Harper

A Complete Guide to Not Getting Hacked

dc07161d07fda46b61d1e9afd243cc30.jpg

As safe as you might feel sitting at your laptop, happily typing and posting and scrolling, we all know the truth: the internet is actually a giant hellscape full of spies, criminals, ransomware, and all kinds of other dangerous shit.

Read more…

Source: https://gizmodo.com/a-complete-guide-to-not-getting-hacked-1847400695
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Lucas Ropek

T-Mobile confirms data breach affects over 47 million people

f6504e10-0a0e-11eb-bffe-84d3e0cb9010

As part of its ongoing data breach investigation, T-Mobile has confirmed the enormity of the stolen information. Roughly 47.8 million current and former or prospective customers have been affected by the cyberattack on its systems, the carrier confirmed on Wednesday. Of that number, about 7.8 million are current T-Mobile postpaid accounts and the rest are prior or potential users who had applied for credit, the company added in a press release

Worryingly, the data includes some personal information including the first and last names, date of birth, SSN, and driver’s license/ID information for a “subset of customers.” So far, T-Mobile said it does not have any indication that the stolen files contain phone numbers, account numbers, passwords or financial information.

What’s more, the company said about 850,000 active T-Mobile prepaid customers also had their names, phone numbers and account PINs exposed. The affected users do not include Metro by T-Mobile, former Sprint prepaid, or Boost users and T-Mobile said it has reset the PINs on these accounts. In addition, it claimed that “some additional information” from inactive prepaid accounts was accessed through prepaid billing files.

The findings from the carrier’s preliminary analysis come just days after it was notified of a data breach. Initially, it was reported that a member of an underground forum claimed to have obtained the data for over 100 million T-Mobile customers. The culprit was reportedly selling information of about 30 million T-Mobile customers for about $270,000 in Bitcoin. 

As part of its compensation and mitigation efforts, T-Mobile is offering affected customers two years of McAfee’s ID Theft Protection Service; recommending all postpaid users change their PIN; and setting up an online resource page. T-Mobile said that it began coordination with law enforcement on Tuesday as its investigation into the data breach — the third such attack it has suffered in the past two years — continues.

Source: https://www.engadget.com/t-mobile-data-breach-affected-people-103104868.html?src=rss
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Saqib Shah

What Is a VPN Kill Switch, and Do You Need One?

emergency-stop-switch.jpg?width=600&heig
Shopping for a VPN provider can be tricky, so narrowing down your must-have features can help. One of the most important features for anyone concerned about browsing privacy is a VPN kill switch.

Read This Article on How-To Geek ›

Source: https://www.howtogeek.com/732972/what-is-a-vpn-kill-switch-and-do-you-need-one/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Tim Brookes

Microsoft Recommends Users Disable Print Spooler to Avoid Exploit

Microsoft-Print-Server-Featured.jpg With the number of exploits springing up around Windows 10, it’s no wonder Microsoft is issuing an update with Windows 11 later this year. Recent exploits have been print-related. Microsoft is now recommending that users disable the Windows Print Spooler after the third exploit in five weeks was discovered. Discovery of Most-Recent Print-Related Exploit Jacob Barnes, a Dragos security firm vulnerability researcher, discovered the most recent print-related exploit. This flaw concerns a vulnerability in the Windows Print Server. An executive summary of a talk Barnes will be giving on print driver vulnerabilities explains, “What can… Read more14625699.gif

Source: https://tracking.feedpress.com/link/12555/14625699/microsoft-recommends-disable-print-spooler
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Laura Tucker

Now there’s a new Windows Print Spooler vulnerability: Here’s what to do

Microsoft is warning Windows users of yet another Print Spooler vulnerability, again threatening the potential for hackers to take control of your PC, install apps, and steal or delete data. It’s the third such vulnerability impacting the Windows Print Spooler service, after two high-profile PrintNightmare bugs which left the software giant floundering to figure out a fix. Those previous fixes … Continue reading

Source: https://www.slashgear.com/now-theres-a-new-windows-print-spooler-vulnerability-heres-what-to-do-16682741/
Proactive Computing found this story and shared it with you.
The Article Was Written/Published By: Chris Davies

« Older posts