March 2017 – Page 14 – Computer Security Articles

Credit to Author: Gregg Keizer| Date: Thu, 23 Mar 2017 12:41:00 -0700

Google engineers yesterday acknowledged that half of all Android devices had not received a security update in the past year, even as they argued that the firm has made progress in streamlining the open-source operating system’s patching process.

“About half of devices in use at the end of 2016 had not received a platform security update in the previous year,” Adrian Ludwig and Mel Mille, members of the Android security team, said in a post to a company blog.

Although Google has issued monthly security updates for Android since 2015 — and deploys those patches to Nexis and Pixel devices as soon as they’re available — other device makers often take weeks or months to push updates to customers, or never do. Android’s update problem is not new — it’s been in stark contrast to other operating systems, notably iOS, macOS and Windows, since Android’s inception — and is baked into the relationship between Google and the hardware manufacturers who build and sell phones.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

March 23, 2017 admin

Newly leaked documents show low-level CIA Mac and iPhone hacks

Credit to Author: Lucian Constantin| Date: Thu, 23 Mar 2017 11:53:00 -0700

The CIA has had tools to infect Apple Mac computers by connecting malicious Thunderbolt Ethernet adapters to them since 2012, according to new documents purported to be from the agency and published by WikiLeaks.

One of the documents, dated Nov. 29, 2012, is a manual from the CIA’s Information Operations Center on the use of a technology codenamed Sonic Screwdriver. It is described as “a mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting.”

Sonic Screwdriver allows the CIA to modify the firmware of an Apple Thunderbolt-to-Ethernet adapter so that it forces a Macbook to boot from an USB stick or DVD disc even when its boot options are password protected.

To read this article in full or to leave a comment, please click here

Security Wired

March 23, 2017 admin

WikiLeaks Reveals How the CIA Can Hack a Mac’s Hidden Code

Credit to Author: Andy Greenberg| Date: Thu, 23 Mar 2017 18:09:19 +0000

The leak shows how physical access hacks can plant undetectable spying code deep in a Macbook’s firmware. The post WikiLeaks Reveals How the CIA Can Hack a Mac’s Hidden Code appeared first on WIRED.

Security Wired

March 23, 2017 admin

WikiLeaks Shows How the CIA Can Hack a Mac’s Hidden Code

Credit to Author: Andy Greenberg| Date: Thu, 23 Mar 2017 18:09:19 +0000

The leak shows how physical access hacks can plant undetectable spying code deep in a Macbook’s firmware. The post WikiLeaks Shows How the CIA Can Hack a Mac’s Hidden Code appeared first on WIRED.

ComputerWorld Independent

March 23, 2017 admin

Senate votes to kill FCC's broadband privacy rules

Credit to Author: Grant Gross| Date: Thu, 23 Mar 2017 10:13:00 -0700

The U.S. Senate has voted to kill broadband provider privacy regulations prohibiting them from selling customers’ web-browsing histories and other data without their permission.

The Senate’s 50-48 vote Thursday on a resolution of disapproval would roll back Federal Communications Commission rules requiring broadband providers to receive opt-in customer permission to share sensitive personal information, including web-browsing history, geolocation, and financial details with third parties. The FCC approved the regulations just five months ago.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

March 23, 2017 admin

Snowden's ex-boss offers advice on stopping insider threats

Credit to Author: Michael Kan| Date: Thu, 23 Mar 2017 10:10:00 -0700

Steven Bay, a former defense contractor, knows a thing or two about insider threats. For a brief period, he was the boss of Edward Snowden, the famous leaker who stole sensitive files from the U.S. National Security Agency.

Recalling the day he learned Snowden had been behind the NSA leaks back in June 2013, Bay said he received texts about the breaking news while in a leadership meeting at a church. The first text said “Sorry man, looks like your worst nightmare came true.”

Bay was crushed: “I went out into an empty room of the church and I just melted down crying.”

To read this article in full or to leave a comment, please click here

MalwareBytes Security

March 23, 2017 admin

Hackers threaten to wipe Apple devices

Credit to Author: Thomas Reed| Date: Thu, 23 Mar 2017 15:00:40 +0000

According to a report from Motherboard, a group of hackers calling themselves “Turkish Crime Family” is threatening to remotely erase devices belonging to hundreds of millions of Apple customers. They will do this on April 7, they say, if Apple doesn’t pay them a ransom.

Categories:

Tags: Apple Apple ID data breach icloud iOS iPhone phishing

(Read more…)

The post Hackers threaten to wipe Apple devices appeared first on Malwarebytes Labs.

Security TrendMicro

March 23, 2017 admin

Why hardware configurations could be the downfall of the IoT

Credit to Author: Trend Micro| Date: Thu, 23 Mar 2017 16:16:22 +0000

Hardware configuration could leave your IoT devices vulnerable to attacks. Ignoring the configurations of your IoT devices puts your business at risk, making it important to secure your systems appropriately.

Computer Security Articles

Month: March 2017

Google: Half of Android devices haven’t been patched in a year or more

Newly leaked documents show low-level CIA Mac and iPhone hacks

WikiLeaks Reveals How the CIA Can Hack a Mac’s Hidden Code

WikiLeaks Shows How the CIA Can Hack a Mac’s Hidden Code

Senate votes to kill FCC's broadband privacy rules

Snowden's ex-boss offers advice on stopping insider threats

Hackers threaten to wipe Apple devices

Why hardware configurations could be the downfall of the IoT