Tuesday, July 1, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Month: January 2017

ComputerWorldIndependent
admin

Trump, May agree to take on ISIS in cyberspace

The U.K. and U.S. are planning to work more closely to combat the spread of extreme Islamist ideology in cyberspace, British Prime Minister Theresa May said on Friday.

May was speaking at a White House news conference, alongside U.S. President Donald Trump, held to outline the results of talks between the two leaders. May is in Washington as the first foreign head of state to meet Trump.

She noted the conventional military fight against ISIS is working and the group is losing territory but noted the two countries “need to redouble our efforts.”

“Today we’re discussing how we can do this by deepening intelligence and security cooperation and critically, by stepping up our efforts to counter Daesh in cyberspace,” she said, using an alternate name for the terrorist group.

To read this article in full or to leave a comment, please click here

Read More
FortinetSecurity
admin

Multiple XSS Vulnerabilities Discovered In IBM Infosphere BigInsights


Summary Last year, I discovered and reported two Cross-Site Scripting (XSS) vulnerabilities in IBM’s Infosphere BigInsights. This week, IBM released a security bulletin which contains the fix for these vulnerabilities. CVE numbers CVE-2016-2924 and CVE-2016-2992 are assigned to them respectively. InfoSphere BigInsights is an analytics platform for analyzing massive volumes of unconventional data in its native format. The software enables advanced analysis and modeling of diverse data, and supports structured, semi-structured, and unstructured…

Read More
ComputerWorldIndependent
admin

Cisco starts patching critical flaw in WebEx browser extension

Cisco Systems has started to patch a critical vulnerability in its WebEx collaboration and conferencing browser extension that could allow attackers to remotely execute malicious code on computers.

The company released a patched version of the extension — 1.0.7 — for Google Chrome on Thursday and is working on similar patches for the Internet Explorer and Mozilla Firefox versions.

The vulnerability was found by Google security researcher Tavis Ormandy and stemmed from the fact that the WebEx extension exposed functionality to any website that had “cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html” in its URL or inside an iframe. Some of that WebEx functionality allowed for the execution of arbitrary code on computers.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

A.I.-based typing biometrics might be authentication's next big thing

Identifying or authenticating people based on how they type is not a new idea, but thanks to advances in artificial intelligence it can now be done with a very high level of accuracy, making it a viable replacement for other forms of biometrics.

Research in the field of keystroke dynamics, also known as keyboard or typing biometrics, spans back over 20 years. The technique has already been used for various applications that need to differentiate among computer users, but its widespread adoption as a method of authentication has been held back by insufficient levels of accuracy.

Keystroke dynamics relies on unique patterns derived from the timing between key presses and releases during a person’s normal keyboard use. The accuracy for matching such typing-based “fingerprints” to individual persons by using traditional statistical analysis and mathematical equations varies around 60 percent to 70 percent, according to Raul Popa, CEO and data scientist at Romanian startup firm TypingDNA.

To read this article in full or to leave a comment, please click here

Read More