Running Windows users with ‘standard’ rather than ‘administrator’ rights would have removed over 90 percent of the risk posed by critical vulnerabilities reported in Microsoft products last year, an analysis by privilege management firm Avecto has found.
The firm first looked at 333 vulnerabilities reported by Microsoft in 2013 across all products in its monthly Security bulletins, finding that 60 percent would have been mitigated by removing admin rights. Studying only the 147 rated as the most serious, the mitigation level reached an astonishing 92 percent.
An Ars reader by the name of Jerry got a nasty surprise as he was browsing the contents of his external hard drive over the weekend—a mysterious text file warning him that he had been hacked thanks to a critical vulnerability in the Asus router he used to access the drive from various locations on his local network.
The Syrian Electronic Army (SEA) has struck again, defacing the Forbes news website and publishing the names, email addresses and encrypted passwords of over a million of its users.
The group claimed responsibility for the attack on Friday, showing off screenshots taken from the site’s Wordpress publishing system and suggesting that the stolen user credentials for 1,057,819 accounts would be put up for sale. Instead, the SEA later dumped the cache as a file on a third-party site.
German Chancellor Angela Merkel has suggested that European countries should develop a communications network as part of an effort to improve data protection.
The plans would form part of a strategy to counter the mass surveillance conducted by the US National Security Agency (NSA), GCHQ and other nations' security services.
The crowdfunding website Kickstarter said Saturday it had been hacked and that user names, encrypted passwords and other data had been accessed.
Kickstarter said it was informed of the hack Wednesday by law enforcement officials and that it had now closed the breach and strengthened its security.