February 2017 – Page 8 – Computer Security Articles

Credit to Author: Lucian Constantin| Date: Thu, 23 Feb 2017 07:49:00 -0800

Linux system administrators should be on the watch for kernel updates because they fix a local privilege escalation flaw that could lead to a full system compromise.

The vulnerability, tracked as CVE-2017-6074, is over 11 years old and was likely introduced in 2005 when the Linux kernel gained support for the Datagram Congestion Control Protocol (DCCP). The problem was discovered last week and was patched by the kernel developers on Friday.

The flaw can be exploited locally by using heap spraying techniques to execute arbitrary code inside the kernel, the most privileged part of the OS. Andrey Konovalov, the Google researcher who found the vulnerability, plans to publish an exploit for it a few days.

To read this article in full or to leave a comment, please click here

MalwareBytes Security

February 23, 2017 admin

How do I secure my social media profile?

Credit to Author: William Tsing| Date: Thu, 23 Feb 2017 14:00:07 +0000

Quitting social media entirely can be unrealistic, or at least seriously unfun. So it’s important to take a moment to check out account settings before you start, to make absolutely sure you’re okay with the service’s default settings.

Categories:

Tags: how to Instagram LinkedIn phish phishing privacy social media spam twitter

(Read more…)

Fortinet Security

February 23, 2017 admin

Q&A: Securing IoT in the World of Healthcare

Credit to Author: Darlene Gannon| Date: Thu, 23 Feb 2017 06:17:18 -0800

According to IBM’s 2016 Cyber Security Intelligence Index report, cyber criminals attacked healthcare more than any other industry last year, with more than 100 million healthcare records being compromised. As the use of IoT devices continues to grow in hospitals, we talked to Roger Bailey about the risks, and how to secure these increasingly distributed healthcare environments. Q&A with Roger Bailey, Sales Engineer at Fortinet How is IoT growing in the world of healthcare? There are two sides to IoT in hospitals – the customer…

ComputerWorld Independent

February 23, 2017 admin

Amid cyberattacks, ISPs try to clean up the internet

Credit to Author: Michael Kan| Date: Thu, 23 Feb 2017 06:26:00 -0800

If your computer’s been hacked, Dale Drew might know something about that.

Drew is chief security officer at Level 3 Communications, a major internet backbone provider that’s routinely on the lookout for cyberattacks on the network level. The company has linked more than 150 million IP addresses to malicious activity worldwide.

That means all of those IP addresses have computers behind them that are probably involved in distributed denial-of-service attacks, email spam, or breaches of company servers, Drew said.

Hackers have managed to hijack those computers to “cause harm to the internet,” but the owners don’t always know that, Drew said.

To read this article in full or to leave a comment, please click here

Security TrendMicro

February 23, 2017 admin

Healthcare Under Attack: Trend Micro Reveals All in New Report

Credit to Author: Ed Cabrera (Chief Cybersecurity Officer)| Date: Thu, 23 Feb 2017 13:00:21 +0000

Healthcare organizations (HCOs) around the world are under attack. The data they store and process has become a valuable commodity on the cybercriminal underground and has even been linked to nation state attacks. In 2015, more than 113 million records were stolen in the U.S. alone, according to the Department of Health and Human Services….

Security Wired

February 23, 2017 admin

A Super-Common Crypto Tool Turns Out to Be Super-Insecure

Credit to Author: Lily Hay Newman| Date: Thu, 23 Feb 2017 13:00:56 +0000

NIST has been warning about vulnerabilities in its SHA-1 cryptographic hash function for years, but some services still use it and the threats are growing. The post A Super-Common Crypto Tool Turns Out to Be Super-Insecure appeared first on WIRED.

Security Wired

February 23, 2017 admin

Now Anyone Can Deploy Google’s Troll-Fighting AI

Credit to Author: Andy Greenberg| Date: Thu, 23 Feb 2017 12:00:49 +0000

Google subsidiary Jigsaw is now offering developers access to an API for its AI-based detector for abusive comments. The post Now Anyone Can Deploy Google’s Troll-Fighting AI appeared first on WIRED.

ComputerWorld Independent

February 23, 2017 admin

A hard drive's LED light can be used to covertly leak data

Credit to Author: Michael Kan| Date: Thu, 23 Feb 2017 03:40:00 -0800

The seemingly harmless blinking lights on servers and desktop PCs may give away secrets if a hacker can hijack them with malware.

Researchers in Israel have come up with an innovative hack that turns a computer’s LED light into a signaling system that shows passwords and other sensitive data.

The researchers at Ben-Gurion University of the Negev demonstrated the hack in a YouTube video posted Wednesday. It shows a hacked computer broadcasting the data through a computer’s LED light, with a drone flying nearby reading the pattern.

The researchers designed the scheme to underscore vulnerabilities of air-gapped systems, or computers that have been intentionally disconnected from the internet.

To read this article in full or to leave a comment, please click here

Computer Security Articles

Month: February 2017

Eleven-year-old root Linux kernel flaw found and patched

Q&A: Securing IoT in the World of Healthcare

Amid cyberattacks, ISPs try to clean up the internet

Healthcare Under Attack: Trend Micro Reveals All in New Report

A Super-Common Crypto Tool Turns Out to Be Super-Insecure

Now Anyone Can Deploy Google’s Troll-Fighting AI

A hard drive's LED light can be used to covertly leak data