Microsoft releases security updates for Remote Desktop Services

Microsoft has released updates to fix a security issue for Remote Desktop Services on Windows 10,  7, and 8.1, as well as Windows Server 2008 and 2012.   Windows 10 Home and Windows 10 Pro computers will be updated automatically as part of the standard Windows Update process.

Microarchitectural Data Sampling (MDS) security vulnerability in CPUs

Intel released information regarding a new set of CPU vulnerabilities called Microarchitectural Data Sampling (MDS).  A list of affected Intel products may be found here.

Updates are available from major technology companies for this issue, including:

AMD states that their CPUS are not affected by this vulnerability.

Data breach lists and identity theft victim resources

Some of the more comprehensive lists of known data breaches include:

Identity theft victims can receive advice from these websites:

Facebook stored millions of unencrypted user passwords on internal servers

Facebook released a notice in March 2019 stating several million user passwords were kept in a readable unencrypted format on their own internal servers.  However, Facebook maintains that this data was never publicly available or misused and will notify individual users affected by this issue.

Apple disables FaceTime until security bug is fixed

Update: Apple released iOS 12.1.4 on February 7, 2019 to fix the FaceTime issue.   FaceTime is now available at the Apple System Status page.

USA Today and the Washington Post have reported that some iPhone FaceTime users have been able to listen to people they are calling before the call is answered.   FaceTime runs on iPhones and iPads running iOS 12.1 as well as Macs running macOS Mojave.

Apple is currently working on a fix for this security issue.   FaceTime has been temporarily taken down as noted on the Apple System Status page.

HaveIBeenPwned website checks for emails and passwords included in data breaches

Security researcher Troy Hunt recently published his findings about a huge store of 773 million email accounts with some password information that had previously been stored at a location available to hackers. 

To verify if a specific email address was included in his list of data breaches, enter it at Troy Hunt’s website haveibeenpwned.com.  Passwords can be verified separately at haveibeenpwned.com/Passwords.

Companies that track U.S. consumer data

The Consumer Financial Protection Bureau (CFPB), a U.S. government agency that enforces federal consumer financial laws, publishes a list of companies that track data of U.S. consumers.  The Fair Credit Reporting Act (FCRA) requires companies to give consumers copies of their personal data reports.

Some of the more relevant companies on this list include:

LexisNexis has a free personal report available which shows data compiled from various public sources.

An online dispute can be filed with Equifax, Experian, TransUnion, and LexisNexis if there are errors in a credit file.