Thursday, November 18, 2021

Security Smörgåsbord, vol. 13 no. 8

Here's a roundup of interesting Internet Security news.

Costco discloses credit card skimmer breach.   A "skimmer" is a device that criminals install on ATMs and Point-Of-Sale terminals to steal your credit card numbers (or worse, your Debit Card number and PIN).  I've been posting about them for years (that has a good link to how to spot one in the wild).  Well, Costco spotted some of them at their stores in Chicago.  Let's be safe out there.

The link I talk about in the paragraph above points to security journalist Brian Krebs.  Krebs has a new post up explaining how the FBI's email system got hacked.  It's pretty interesting stuff.

If you use Microsoft's Edge browser, DO NOT turn on the "sync" feature.  It syncs all sorts of data that you may not want it to - like bookmarks - and all sorts of data that you really, really do not want it to - like passwords, credit card numbers, and even passport numbers.  Yikes.  Not cool, Microsoft.

Windows XP still makes up between 3% and 5% of all Windows installations in the wild.  This is interesting, because XP has been out of support for years and you can't get security updates for it.  Interestingly, Vista has about the same share (at least you can pay for security updates there, but you're stuck on Vista).  If you are running XP, I have recommended for years that you upgrade to Linux.  It's free, and will run on your existing hardware.

9 comments:

juvat said...

Looks like the sync feature is enabled when installed. Just reading the description would have caused me to disable it, and since I didn't know the feature existed until you told me and it was on... Double "Not Cool", Microsoft.

Thanks for the heads up.

Aaron C. de Bruyn said...

Meh. I still have healthcare clients with 1/4 of their machines (~100) running Windows 7. No urgency to upgrade. They just purchase "a few machines" per month. At our current rate, Windows 7 won't disappear from their networks until the end of 2024. All your patient data was breached? No worries, we have insurance that covers credit monitoring for you for a few years. HIPAA fines? Eh. Hopefully we'll be gone and it'll be someone else's problem. After all, investing is sorta like gambling, right?

Cederq said...

I still have the old disk of XP and wish I was still using it. It did everything for me that I needed. I am using Win 7 pro and yes it is okay, but not going to upgrade that until the last picosecond. It amazes me why they won't update older versions of Win. Planned obsolescence at its finest. I truly do not need the fastest, hippest, glitziest software. I would even be willing to pay a nominal fee to keep XP or even Win 7 up and running and safe like Vista.

ASM826 said...

Most of the ATMs are still running XP.

Old NFO said...

Thanks for the update!

Jonathan H said...

Yes they are, but most also run White Lists and are a stripped down version.

Feral Ferret said...

Moved to Linux Mint when XP stopped being supported. Does 98% of what I want. For the other 2% I have a partition set up with Windows 7 and a dual boot menu. I use the Windows boot just long enough to run the program I need (mainly portable GPS unit updates and software for programming one of my radios). Then I shut down and reboot back into Linux. Bleep Bill Gates.

Richard said...

Having the FBI in charge of cybersecurity does not inspire confidence. Too busy terrorizing parents, etc. to secure their own systems.

Rick C said...

"It amazes me why they won't update older versions of Win."

Nobody wants to maintain 4 versions of software, that's why.