Month: February 2017

ComputerWorldIndependent

Ransomware soars in 2016, while malware declines

A global cyberthreat report released Tuesday found that 2016 was a mixed bag: malware was down slightly, but ransomware attacks soared, up 167 times the number recorded in 2015.

In addition to that huge increase in ransomware, 2016 saw a new line of cybercrime from a large-scale DDoS attack through internet of things devices. The principal case occurred in October when the Mirai botnet attacked unprotected IoT devices, such as internet-ready cameras, resulting in a DDoS attack on Dyn servers.

The 2016 report, by cybersecurity company SonicWall, looked at data from daily network feeds sent from more than 1 million sensors in nearly 200 countries.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent

Dozens of iOS apps fail to secure users' data, vendor says

Dozens of iOS apps that are supposed to be encrypting their users’ data don’t do it properly, according to a security vendor.

Will Strafach, CEO of Sudo Security Group, said he found 76 iOS apps that are vulnerable to an attack that can intercept protected data.

The developers of the apps have accidentally misconfigured the networking-related code so it will accept an invalid Transport Layer Security (TLS) certificate, Strafach claimed in a Monday blog post.   

TLS is used to secure an app’s communication over an internet connection. Without it, a hacker can essentially eavesdrop over a network to spy on whatever data the app sends, such as login information.  

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent

U.S. House approves new privacy protections for email and the cloud

The U.S. House of Representatives approved on Monday the Email Privacy Act, which would require law enforcement agencies to get court-ordered warrants to search email and other data stored with third parties for longer than six months. 

The House approved the bill by voice vote, and it now goes the Senate for consideration.

The Email Privacy Act would update a 31-year-old law called the Electronic Communications Privacy Act (ECPA). Some privacy advocates and tech companies have pushed Congress to update ECPA since 2011. Lax protections for stored data raise doubts about U.S. cloud services among consumers and enterprises, supporters of the bill say.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent

President Bannon Chrome Extension is a security problem, not a joke

Pretending that Steve Bannon is really the President was funny when Saturday Night Live did it on their opening bit. Then today, Business Insider wrote about a Google Chrome extension that replaces every mention of “Trump” with “Steve Bannon” on all web pages. Funny? Not from a Defensive Computing perspective.

Any extension that can change a specific word on every web page is inherently dangerous. Almost by definition, such an extension is spyware.

presidentbannon.permissions Michael Horowitz

Installing the President Bannon extension to the Chrome browser

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent

Update: TV maker Vizio pays $2.2M to settle complaint that it spied on users

Popular smart TV maker Vizio will pay $2.2 million to settle complaints that it violated customers’ privacy by continuously monitoring their viewing habits without their knowledge.

Beginning in February 2014, the Irvine, California-based TV maker tracked what TV shows customers were watching on 11 million TV sets sold in the U.S., the Federal Trade Commission and the Office of the New Jersey Attorney General said in a complaint, released Monday.

Vizio smart TVs captured “second-by-second” information about video displayed, including video from consumer cable services, broadband, set-top boxes, DVDs, over-the-air broadcasts and streaming devices, according to the complaint.

To read this article in full or to leave a comment, please click here

Read More