Month: February 2017

FortinetSecurity

A Closer Look at Sage 2.0 Ransomware along with Wise Mitigations


Sage 2.0 is the new kid on an already crowded block of ransomware, demanding a hefty ransom of 2.22188 bitcoins (roughly 2000 USD) per infection. We have recently begun seeing this malware being distributed by the same malicious spam campaigns that serve better-known ransomware families, such as Cerber and Locky. In this article we will take a closer look at some notable characteristics of this new threat, and provide some simple ways to mitigate it.

Spam Campaign

Sage ransomware has been seen spreading through the usual spam email channels…

ComputerWorldIndependent

AT&T extends NetBond service to secure IoT connections

The internet is what made IoT happen, providing a common protocol to take the place of separate, specialized networks. But the public internet itself may not always be the best path between a connected device and the cloud.

Enterprises can now connect cellular IoT devices to back-end systems via NetBond, a private network service from AT&T, instead of the Internet. The NetBond service sets up a VPN (virtual private network) from an edge device to the cloud. It can connect to 16 different public clouds, including Amazon Web Services and Microsoft Azure, or a private or hybrid cloud.

ComputerWorldIndependent

Obama-led sanction affected U.S. tech firms in Russia

Sanctions imposed by former President Obama on Russia for hacking during the U.S. election had an unintended side effect: they essentially barred U.S. tech firms from selling new IT products in the country.

Part of last month’s sanction order was designed to block U.S. companies from doing business with Russia’s Federal Security Service, also known as the FSB, because of its suspected role in influencing last year’s election.

But the FSB isn’t just an intelligence agency. It’s also a crucial regulator in Russia that clears new IT products, including smartphones and tablets, for sale in the country.

ComputerWorldIndependent

How to eliminate insider threats

Insider threats are a major security problem

For years, the primary security objective has been to protect the perimeter, with the focus on keeping outsiders from gaining access and doing harm. But statistics prove that more risk exists within an organization. Indeed, many compliance regulations require monitoring of systems to identify and eliminate insider threats. According to Forrester, 58 percent of breaches are caused by internal incidents or with a business partner’s organization. And 55 percent of attacks originate from an insider, as cited in the 2015 IBM Cyber Security Intelligence Index.

IndependentKrebs

IRS: Scam Blends CEO Fraud, W-2 Phishing


Most regular readers here are familiar with CEO fraud — e-mail scams in which the attacker spoofs the boss and tricks an employee at the organization into wiring funds to the fraudster. Loyal readers also have heard an earful about W-2 phishing, in which crooks impersonate the boss and request a copy of all employee tax forms. According to a new “urgent alert” issued by the U.S. Internal Revenue Service, scammers are now combining both schemes and targeting a far broader range of organizations than ever before.

ComputerWorldIndependent

Cisco patches critical flaw in Prime Home device management server

Cisco Systems has fixed a critical vulnerability that could allow hackers to take over servers used by telecommunications providers to remotely manage customer equipment such as routers.

The vulnerability affects Cisco Prime Home, an automated configuration server (ACS) that communicates with subscriber devices using the TR-069 protocol. In addition to remotely managing customer equipment, it can also “automatically activate and configure subscribers and deliver advanced services via service packages” over mobile, fiber, cable, and other ISP networks.

“A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges,” Cisco said in its advisory.
