February 2017 – Page 6 – Computer Security Articles

Credit to Author: Dana Torgersen| Date: Fri, 24 Feb 2017 18:00:25 +0000

Malwarebytes was proud to once again take part in this spectacular week-long event. Thousands of customers, new businesses, students, press, and industry analysts made their way to our new booth to catch our giant threat theater presentation, see a demo, grab a new collectible T-shirt, and say “Hi” to our robot (who was officially named ZERO).

Categories:

Tags: cybersecurity Malwarebytes Events ransomware RSA RSA Conference RSA Conference 2017

(Read more…)

The post Who else crushed it at RSA? appeared first on Malwarebytes Labs.

Security TrendMicro

February 24, 2017 admin

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of February 20, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 24 Feb 2017 18:45:55 +0000

I’ve been fascinated with the rise and fall of exploit kits, especially the ones that are really popular that disappear seemingly overnight. Angler was one that at one point, contributed 59.5% in the total exploit kit activity for 2015. But now it’s presumed dead as of June 2016 after the arrest of a hacker gang….

ComputerWorld Independent

February 24, 2017 admin

Cloudflare bug exposed passwords, other sensitive website data

Credit to Author: Lucian Constantin| Date: Fri, 24 Feb 2017 08:47:00 -0800

For months, a bug in Cloudflare’s content optimization systems exposed sensitive information sent by users to websites that use the company’s content delivery network. The data included passwords, session cookies, authentication tokens and even private messages.

Cloudflare acts as a reverse proxy for millions of websites, including those of major internet services and Fortune 500 companies, for which it provides security and content optimization services behind the scenes. As part of that process, the company’s systems modify HTML pages as they pass through its servers in order to rewrite HTTP links to HTTPS, hide certain content from bots, obfuscate email addresses, enable Accelerated Mobile Pages (AMP) and more.

To read this article in full or to leave a comment, please click here

MalwareBytes Security

February 24, 2017 admin

Malwarebytes teams up with Cybersecurity Factory

Credit to Author: Malwarebytes Labs| Date: Fri, 24 Feb 2017 17:00:50 +0000

Malwarebytes is proud to support Cybersecurity Factory, a 10-week summer program for early-stage cybersecurity companies.

Categories:

Malwarebytes news

Tags: Cybersecurity Factory entrepreneurs Highland Capital Partners Malwarebytes mentorship philanthropy

(Read more…)

The post Malwarebytes teams up with Cybersecurity Factory appeared first on Malwarebytes Labs.

Fortinet Security

February 24, 2017 admin

FortiClient Scores High in the Latest Advanced Endpoint Protection Report from NSS Labs

Credit to Author: Damien Lim| Date: Fri, 24 Feb 2017 08:10:15 -0800

As part of this commitment to third-party testing, Fortinet recently participated in the NSS Labs 2017 Advanced Endpoint Protection (AEP) test by submitting our FortiClient solution for public analysis. And on February 14th, 2017, NSS published their test results.

Fortinet Security

February 24, 2017 admin

How Advanced Threat Protection Can Help Protect Financial Data

Credit to Author: Brian Forster | Date: Thu, 23 Feb 2017 13:21:15 -0800

Technology integration in the financial services industry has opened opportunities that could only be dreamed of a few decades back. Around the turn of the millennium, we began seeing banks set up websites for internet-based banking, and about a decade later, mobile banking customers began tapping their smartphones to make payments at retail stores. Inside the walls of financial institutions themselves, employees are leveraging technology such as email and mobile devices to streamline processes and provide a better overall customer experience. Industry…

ComputerWorld Independent

February 23, 2017 admin

The SHA1 hash function is now completely unsafe

Credit to Author: Lucian Constantin| Date: Thu, 23 Feb 2017 14:35:00 -0800

Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm’s use for security-sensitive functions should be discontinued as soon as possible.

SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

February 23, 2017 admin

Ransomware 'customer support' chat reveals criminals' ruthlessness

Credit to Author: Gregg Keizer| Date: Thu, 23 Feb 2017 14:14:00 -0800

Ransomware criminals chatting up victims, offering to delay deadlines, showing how to obtain Bitcoin, dispensing the kind of customer support that consumers lust for from their cable and mobile plan providers, PC and software makers?

What’s not to love?

Finnish security vendor F-Secure yesterday released 34 pages of transcripts from the group chat used by the crafters of the Spora ransomware family. The back-and-forth not only put a spotlight on the gang’s customer support chops, but, said a company security advisor, illustrated the intertwining of Bitcoin and extortion malware.

To read this article in full or to leave a comment, please click here