Wednesday, May 8, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Month: January 2017

ComputerWorld Independent 

Privacy worries are on the rise, new poll of U.S. consumers shows

admin , ,

A recent IDC survey found 84% of U.S. consumers are concerned about the privacy of their personal information, with 70% saying their concern is greater today than it was a few years ago.

These concerns of consumers should also alarm businesses: Consumers are willing to switch to another bank, medical center or retailer if they feel their personal information is threatened, the survey found.

“Consumers can exact punishment for data breaches or mishandled data by changing buyer behavior or shifting loyalty,” said Sean Pike, an analyst at IDC, in a statement. The survey, released last week, polled 2,500 U.S. consumers about their privacy concerns across four verticals: Financial services, healthcare, retail and government.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Facebook looks to revamp password recovery by supplanting email

admin ,

Forgot your password? Well, Facebook wants to help you recover your internet account.

The company is releasing an open source protocol that will let third-party sites recover user accounts through Facebook.

Typically, when people forget their password to a site, they’re forced to answer a security question or send a password reset request to their email. But these methods of account recovery can be vulnerable to hacking, said Facebook security engineer Brad Hill.

He recalled a time when he was granted permission to break into an online bank account. To do so, he took advantage of the password reset questions.

“It asked me what my favorite color was, and it let me guess as many times as I wanted,” he said Monday, during a presentation at the USENIX Enigma 2017 security conference.

To read this article in full or to leave a comment, please click here

Read more
Independent Securiteam 

SSD Advisory – NCurses 5.9 Local Privilege Escalation

admin

Vulnerability Summary The following advisory describes an Local Privilege Escalation vulnerability in NCurses, version 5.9. Credit An independent security researcher Dawid Golunski (https://legalhackers.com/) has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program Vendor Responses NCurses has released a patch to address the vulnerability. Thomas Dickey has also added the following statement “I don’t … Continue reading SSD Advisory – NCurses 5.9 Local Privilege Escalation

Read more
Independent Securiteam 

SSD Advisory – IBM WebSphere Portal Cross-Site Scripting (XSS)

admin

Vulnerabilities Summary The following advisory describes a Cross-Site Scripting (XSS) vulnerability found in WebSphere Portal version 8.0.0.1. IBM WebSphere Portal products provide enterprise web portals that help companies deliver a highly-personalized, social experience for their customers. WebSphere Portal products give users a single point of access to the applications, services, information and social connections they … Continue reading SSD Advisory – IBM WebSphere Portal Cross-Site Scripting (XSS)

Read more
Fortinet Security 

Saudi Organizations Targeted by Resurfaced Shamoon Disk-Wiping Malware

admin


FortiGuard is currently investigating a new wave of attacks targeting kingdom of Saudi Arabia organizations that use an updated version of the Shamoon malware (also known as DistTrack.) We described this malware in detail a few months ago in a previous article. The key features of that version remain the same, yet some voluntary changes are taking place: Images used. Shamoon still overwrites files with an image of the drowned Syrian toddler Alan Kurdi, but this time the picture size is different. In November 2016 it was using a picture…

Read more
ComputerWorld Independent 

Study: 62% of security pros don’t know where their sensitive data is

admin , , ,

Ask organizations today about the value of data and you’re likely to hear it measured in terms of competitive advantage, customer experience and revenue generation. As Dante Disparte and Daniel Wagner put it in a December 2016 HBR article, data is “becoming a centerpiece of corporate value creation.”

To read this article in full or to leave a comment, please click here

(Insider Story)

Read more
ComputerWorld Independent 

Police lost 8 years of evidence in ransomware attack

admin , ,

Police in Cockrell Hill, a community in southwest Dallas, admitted to losing digital evidence from as far back as 2009 after the department’s server was compromised with ransomware.

Cockrell Hill Police Department Chief Stephen Barlag said, “As a result, all bodycam video, some photos, some in-car video, and some police department surveillance video were lost.”

Immediately, the police blamed Russian hackers, but Barlag later told WFAA that experts told him it “more likely originated in Ukraine.” The official press release, however, states, “It is unknown for certain where the virus originated from.”

To read this article in full or to leave a comment, please click here

Read more