Information Technology

Ed Bott/ZDNETChromeOS is not merely a simplified operating system. ChromeOS is also a relatively secure operating system — thanks to its multiple layers of protection for preventing things like viruses and malware from harming your device and accessing your data.Can you improve upon ChromeOS’s already impressive default settings? You sure can! I’ve identified five settings you can work with to take ChromeOS to even higher levels of security. Also: Google might abandon ChromeOS Flex. Here’s why – and what you can do about itLet’s dive in.1. 2-step verificationThis is an essential security move, whether or not you use ChromeOS. Two-step verification (aka 2FA) adds yet another layer of security to the login process of online accounts. When 2FA is added to a Google account, it requires a mobile device associated with your Google account to serve as the 2FA authentication mechanism.However, there’s a trick to using this on a Chromebook. First, make sure you’ve enabled 2FA on your Google account. Then open Settings on your Chromebook and go to Privacy And Security > Manage Other People. On that page, disable the “Show usernames and photos on the sign-in screen” option. Once you’ve done that, reboot the device and you should be required to use 2FA to log in. More

Qualys Hold onto your SSH keys, folks! A critical vulnerability has just rocked OpenSSH, Linux’s secure remote access foundation, causing seasoned sysadmins to break out in a cold sweat. Dubbed “regreSSHion” and tagged as CVE-2024-6387, this nasty bug allows unauthenticated remote code execution (RCE) on OpenSSH servers running on glibc-based Linux systems. We’re not talking […] More

Bloomberg Creative/Getty Images Last month, the United States Department of Commerce announced a ban on Kaspersky software. As of September 29, ZDNET’s Lance Whitney reported, Kaspersky will no longer be able to provide antivirus signature updates and code updates for the banned products to customers in the United States. When I read that news, I […] More

skynesher/Getty Images Cybersecurity researchers have been warning for quite a while now that generative artificial intelligence (GenAI) programs are vulnerable to a vast array of attacks, from specially crafted prompts that can break guardrails, to data leaks that can reveal sensitive information.  The deeper the research goes, the more experts are finding out just how […] More

Rob Dobi/Getty Images MOVEit, a popular file transfer platform used by thousands of companies and government entities, is once again in the news for all the wrong reasons. MOVEit developer Progress Software earlier this week said that it had discovered a critical vulnerability in its software that, if not patched with its latest software update, […] More

Screenshot by Lance Whitney/ZDNETMicrosoft has long been battling Windows 11 users who’d rather sign in with a local account than the company’s preferred Microsoft account. And with a couple of its latest salvos, Microsoft is fighting hard to win the war.The first twist concerns an online support page that deals with Windows user accounts. The page in question tries to explain how to add, remove, and otherwise manage an account to sign into Windows. In versions of the page before last week, Microsoft included steps on how to switch from a Microsoft account to a local account. But the latest edition of the page has jettisoned those instructions, as spotted by Neowin.Also: Windows 11 now turns on OneDrive folder backup without your permissionSpecifically, a version of the page from June 12 — seen by Tom’s Hardware via the Wayback Machine — contained the directions on changing from a Microsoft account to a local account. Those steps vanished on June 17 and so far have yet to return. The page does retain the instructions on moving from a local account to a Microsoft account, which the company obviously would encourage.You can still jump from a Microsoft account to a local account in Windows 11, so it’s not as if the capability is gone. But by removing the instructions from its support page, the company seems to want to pretend that the option doesn’t exist or at least doesn’t want to help users looking to make the switch. More

style-photography/Getty The Indonesian government says it will not give in to ransom demands following a security breach over the past week that disrupted major public services — including immigration — causing backlogs at its international airport in Jakarta. The ransomware attack targeted a national data center, impacting more than 200 institutions across the country — […] More

Kaspersky If you use Kaspersky security software in the US, start looking at alternatives. On Thursday, the US Department of Commerce announced a ban on Kaspersky software, prohibiting the Russia-based company from selling any of its core security products in the US. Also: The best VPN services: Expert tested and reviewed The ban follows an investigation […] More