Sunday, July 6, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Month: February 2017

ComputerWorldIndependent
admin

Israeli soldiers hit by Android malware from cyberespionage group

Credit to Author: Lucian Constantin| Date: Thu, 16 Feb 2017 12:45:00 -0800

More than 100 members of the Israel Defense Forces (IDF), the majority of them stationed around the Gaza strip, fell victim to a cyberespionage attack that used malicious Android applications to steal information from their mobile devices.

The attack campaign started in July and continues to date, according to researchers from antivirus firm Kaspersky Lab, who cooperated in the investigation with the IDF Information Security Department.

The Israeli soldiers were lured via Facebook Messenger and other social networks by hackers who posed as attractive women from various countries like Canada, Germany, and Switzerland. The victims were tricked into installing a malicious Android application, which then scanned the phone and downloaded another malicious app that masqueraded as an update for one of the already installed applications.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Microsoft's monthlong patch delay could pose risks

Credit to Author: Lucian Constantin| Date: Thu, 16 Feb 2017 08:54:00 -0800

Microsoft has decided to bundle its February patches together with those scheduled for March, a move that at least some security experts disagree with.

“I was surprised to learn that Microsoft wants to postpone by a full month,” said Carsten Eiram, the chief research officer at vulnerability intelligence firm Risk Based Security, via email. “Even without knowing all the details, I find such a decision very hard to justify. They are aware of vulnerabilities in their products and have developed fixes; those should always be made available to customers in a timely fashion.”

Microsoft took everyone by surprise on Tuesday when it announced that this month’s patches had to be delayed because of a “last minute issue” that could have had an impact on customers. The company did not initially specify for how long the patches will be postponed, which likely threw a wrench in some systems administrators’ patch deployment plans.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

IDG Contributor Network: 7 tips to turn threat data into true threat intelligence

Credit to Author: Robert C. Covington| Date: Thu, 16 Feb 2017 10:42:00 -0800

Threat intelligence has now been a favorite of the information security industry now for some time. It is a powerful concept — let someone else deal with an attack or exposure, and use their experience to prevent the same problem in your organization. Since there are free sources for a tremendous amount of such data, it seems like a great deal.

The great deal is not always as good as it seems, however. Threat intelligence information is quite often wrong or misleading. As I mentioned in “These are the threats that keep me awake at night,” a Vermont electric utility, responding to intelligence information in a U.S. government joint forces statement, called in the FBI to investigate what turned out to be an employee’s innocent attempt to read their email on Yahoo.

To read this article in full or to leave a comment, please click here

Read More