Computer Security Articles – RSS Reader for Computer Security Articles

New Customer Needs are Driving Demand for Emerging Technologies to Influence Data Center Design

January 21, 2019 admin 0 Comments Data Center, Data center design, data center management, digitization, Edge Computing, emerging technologies, open compute

Credit to Author: Abby Gabriel| Date: Mon, 21 Jan 2019 16:30:00 +0000

As the data center landscape continues to evolve, many data center organizations and colocation service providers are focusing on new ways to improve their speed and agility. Innovations to any… Read more »

The post New Customer Needs are Driving Demand for Emerging Technologies to Influence Data Center Design appeared first on Schneider Electric Blog.

Security Wired

Jargon Watch: Stochastic Terrorism Lets Bullies Operate in Plain Sight

January 21, 2019 admin 0 Comments Security

Credit to Author: Jonathon Keats| Date: Mon, 21 Jan 2019 11:00:00 +0000

It takes a master demagogue to weaponize unstable individuals and aim them at political enemies.

MalwareBytes Security

A week in security (January 14 – 20)

January 21, 2019 admin 0 Comments APT10, ArsTechnica, BleepingComputer, CoinDesk, Collection #1, cryptopia, cve-2019-0543, DAS, Fallout EK, Fortnite, Garmin, Garmin watch, hosting, https, Oregon, Powershell, PowerShell Team Blog, SC media, Security world, shutdown, telegram, threadx, Week in security, Youtube

Credit to Author: Malwarebytes Labs| Date: Mon, 21 Jan 2019 16:48:38 +0000

A roundup of last week’s security news from January 14 to 20, including APT10, Fallout EK, Colllection 1 data, Youtube challenges, hosting malicious sites and a Fortnite security flaw.

Categories:

Tags: APT10 ArsTechnica BleepingComputer CoinDesk collection 1 cryptopia cve-2019-0543 DAS Fallout EK fortnite garmin Garmin watch hosting HTTPS oregon powershell PowerShell Team Blog SC Media shutdown telegram threadx youtube

(Read more…)

The post A week in security (January 14 – 20) appeared first on Malwarebytes Labs.

MalwareBytes Security

Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge

January 21, 2019 admin 0 Comments 2fa, 2FA modlishka, Amnesty International, CERTFA, cybercrime, defeat 2FA, mantis, modlishka, password manager, PGP, Social engineering, the return of charming kitten, totp, two-factor authentication

Credit to Author: Malwarebytes Labs| Date: Mon, 21 Jan 2019 16:15:30 +0000

While many tech-savvy folks are familiar with two-factor authentication (2FA), more are unaware that there are several ways around it. A tactic called Modlishka, the English pronunciation for the Polish word for “mantis,” is the latest in this list.

Categories:

Tags: 2fa 2FA modlishka Amnesty International CERTFA defeat 2FA mantis modlishka password manager PGP Social Engineering the return of charming kitten totp two-factor authentication

Kaspersky Security

WhatsApp and Facebook ticket giveaways: viral fraud

January 21, 2019 admin 0 Comments Facebook, fraud, Threats, tickets, WhatsApp

Credit to Author: John Snow| Date: Mon, 21 Jan 2019 11:19:37 +0000

WhatsApp and Facebook are swimming in links to ticket giveaways for fun fairs and airlines. Don’t get excited though, the tickets are fake.

QuickHeal Security

Malspam email – Jack of all malware, master of none.

January 21, 2019 admin 0 Comments email, Email malware, Fraudulent email, Hacker, malware, phishing, ransomware, Security

Credit to Author: Shriram Munde| Date: Mon, 21 Jan 2019 07:37:49 +0000

Malspam email or malicious spam emails are considered to be one of the favorite malware delivery channels for the attackers to deliver the malware to targeted victims. Attackers also run spam email campaigns to distribute their malware to a large number of users. For attackers to succeed, two things are…

Independent Securiteam

SSD Advisory – Teco SG2 and TP3 Vulnerabililites

January 20, 2019 admin 0 Comments Commentary, Unauthenticated Action

Credit to Author: SSD / Noam Rathaus| Date: Mon, 04 Jul 2016 12:58:21 +0000

Vulnerabilities Description Multiple vulnerabilities have been found in Teco’s SG2 and TP3 product, these vulnerabilities allows attackers that are able to supply the products with a specially crafted file to cause it to execute arbitrary code. TECO TP3 PC-LINK tpc file parsing Stack Buffer Overflow Code Execution TECO uses their own propriety file format known … Continue reading SSD Advisory – Teco SG2 and TP3 Vulnerabililites

Independent Securiteam

Using Machine Learning To Detect Anomalies

January 20, 2019 admin 0 Comments Commentary

Credit to Author: dmitryc| Date: Mon, 21 Dec 2015 22:07:07 +0000

I’m going to start blogging more about detection of protocol/app anomalies, detection of lateral movement and/or data exfiltration, and more. For many years I have been watching users and applications furrow their way across networks and I’m gonna start data-dumping that info here 🙂 But…first…I manage a web server for a friend. It occurred to … Continue reading Using Machine Learning To Detect Anomalies

Independent Securiteam

Oracle CSO is right

January 20, 2019 admin 0 Comments Commentary

Credit to Author: dmitryc| Date: Tue, 11 Aug 2015 16:34:29 +0000

The internet (or at least twitter) is exploding regarding this, now deleted, post : Mary Ann Davidson blog post Let me start by saying that she is right. Yes, she’s right. Breaking the EULA is against the law. You can’t argue about that. You can’t argue that they should be paying a bug bounty. You … Continue reading Oracle CSO is right

Independent Securiteam

Play some D!

January 20, 2019 admin 0 Comments Commentary

Credit to Author: dmitryc| Date: Tue, 04 Aug 2015 14:33:59 +0000

Hi there. Long-time-no-blog 🙂 If you haven’t already, go read this: https://t.co/d2hwhmzzuz Note: this blog applies to Corporate networks. If you’re a coffee shop or a college, you’re on your own 🙂 I’ve been a network defender for many years. I currently work for a software company that builds network software which helps companies gain … Continue reading Play some D!

Independent Securiteam

OpenSSL ACCF Vulnerability (CVE-2015-1793)

January 20, 2019 admin 0 Comments Commentary

Credit to Author: SSD / Noam Rathaus| Date: Thu, 09 Jul 2015 14:12:03 +0000

A new vulnerability has been recently patched in OpenSSL: During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on … Continue reading OpenSSL ACCF Vulnerability (CVE-2015-1793)

← Previous