Windows 10
Use attributes for filter ! | |
License | Microsoft Software Assurance |
---|---|
MSDN | |
Microsoft Imagine | |
Initial release date | July 29, 2015 |
Developed by | Microsoft Corporation |
Platforms | IA-32 |
x86-64 | |
ARMv7 | |
ARM64 | |
Written in | C |
C++ | |
C# | |
Update methods | Windows Update |
Microsoft Store | |
Windows Server Update Services | |
Date of Reg. | |
Date of Upd. | |
ID | 2577504 |
About Windows 10
Windows 10 is a series of personal computer operating systems produced by Microsoft as part of its Windows NT family of operating systems. It is the successor to Windows 8. 1, and was released to manufacturing on July 15, 2015, and broadly released for retail sale on July 29, 2015.
Electoral Commission failed basic security test before hack
... The Commission was urged to update the Windows 10 Enterprise operating system, which had fallen out of date for security updates months earlier...
Microsoft retires Internet Explorer after 27 years
... Users wanting to stick with Microsoft are being directed to Microsoft Edge, launched in 2015, alongside Windows 10...
OK Beeb: BBC the voice assistant will learn the regional accents
... UK-members of Microsoft s Windows Insider program with the may-2020 Windows 10 operating system update can install it, if you already have a BBC account for iPlayer and Sounds, the BBC s streaming services...
Electoral Commission failed basic security test before hack
By Joe TidyCyber correspondent
The Electoral Commission has confirmed it failed a basic cyber-security test around the same time hackers gained entry to the organisation.
A whistleblower told The Bbc that The Commission was given an automatic fail during a Cyber Essentials audit.
Last month that " hostile actors" accessed its emails and potentially the data of 40 million voters.
A spokeswoman said The Commission had still not passed the basic test.
In August the election watchdog announced hackers broke into their IT systems in August 2021 and had access to sensitive data until they were discovered and removed in October 2022.
The unnamed attackers accessed Electoral Commission email correspondence and could have viewed databases containing The Names and addresses of 40 million registered voters, including millions of those not on public registers.
It's Not Yet been revealed who carried out The Intrusion or how The Commission was breached.
But now a whistleblower has revealed that in the same month that hackers were breaking into the organisation, The Commission was told by cyber-security auditors that it was not compliant with the Cyber Essentials Scheme - a system backed by the government to help organisations achieve minimum best practice in cyber-security.
Cyber Essentials is voluntary but widely used by organisations as a way to show customers they are security-aware.
The government requires all suppliers bidding for contracts involving the handling of certain sensitive and personal information to hold an up-to-date Cyber Essentials certificate.
But The Commission failed in multiple areas when it tried to get certified in 2021.
A spokeswoman for The Commission admitted the failings but claims they weren't linked to the cyber-attack that impacted email servers.
One of the reasons it failed The Test was that about 200 staff laptops were running obsolete and potentially insecure software.
The Commission was urged to update the Windows 10 Enterprise Operating System , which had fallen out of date for security updates months earlier.
Auditors also issued the failure because staff were using old iPhones no longer supported by Apple to receive security updates.
The National Cyber Security Centre (NCSC), which backs the Cyber Essentials Scheme , advises all organisations to keep software up to date " to prevent known vulnerabilities from being exploited" by hackers.
Cyber-security consultant Daniel Card has helped many organisations become Cyber Essentials compliant and says it is too early to determine whether or not The Failures highlighted in the audit allowed hackers to Get In .
" Early indications are that the hackers managed to get into the email servers a different way, but there's a chance that The Chain of attack may have included one or more of these poorly-secured devices, " He Said .
Regardless of whether or not the hackers did " it builds a picture of a weak posture and a probable failure to govern and manage" he added.
The NCSC promotes Cyber Essentials certification, saying that " vulnerability to basic attacks can mark you out as a target for more in-depth unwanted attention from cyber-criminals and others".
The UK's Information Commissioner's Office, which has passed Cyber Essentials and Cyber Essentials Plus, said it was investigating the cyber-attack as a matter of urgency.
When the hack was announced, the Electoral Commission said that the data hacked from the full electoral register was " largely in The Public domain".
However, less than half the data on the open register, which can be purchased, is publicly available, so the hackers would have accessed data belonging to tens of millions of people who opted out of The Public list.
The Electoral Commission said it did not apply for Cyber Essentials in 2022.
" We Are always working to improve our cyber-security and systems and draw on the expertise of The National Cyber Security Centre - as many public bodies do - to continue to develop and progress protections against cyber-threats, " it said in a statement.
Related TopicsSource of news: bbc.com