Wednesday, July 23, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Month: March 2017

SecuritySophos
admin

US infrastructure is at ‘red alert’ for hacking, James Lyne warns on the Today Show

Credit to Author: Bill Brenner| Date: Thu, 16 Mar 2017 19:08:31 +0000

The recent WikiLeaks drop of CIA documents has raised awareness of the reality of cyber-threats and espionage, and how digital infrastructure in America and around the world is under threat thanks to hacking attacks and ransomware, James Lyne told Tom Costello on NBC’s Today show. In the two-part segment, James and Tom Costello talked about […]

Read More
ComputerWorldIndependent
admin

Adobe Reader, Edge, Safari and Ubuntu fall in first day at Pwn2Own

Credit to Author: Lucian Constantin| Date: Thu, 16 Mar 2017 10:37:00 -0700

Bug hunters have gathered again to test their skills against some of the most popular and mature software programs during the Pwn2Own hacking contest. During the first day, they successfully demonstrated exploits against Microsoft Edge, Apple’s Safari, Adobe Reader and Ubuntu Desktop.

The Pwn2Own contest runs every year during the CanSecWest security conference in Vancouver, British Columbia. It’s organized and sponsored by the Zero Day Initiative (ZDI), an exploit acquisition program operated by Trend Micro after its acquisition of TippingPoint.

This year the contest has a prize pool of $1 million for exploits in five categories: virtual machines (VMware Workstation and Microsoft Hyper-V); web browser and plugins (Microsoft Edge, Google Chrome, Mozilla Firefox, Apple Safari and Flash Player running in Edge); local escalation of privilege (Microsoft Windows, macOS and Ubuntu Desktop); enterprise applications (Adobe Reader, Word, Excel and PowerPoint) and server side (Apache Web Server on Ubuntu Server).

To read this article in full or to leave a comment, please click here

Read More
FortinetSecurity
admin

5 Network Security Challenges That Will Keep Financial Services CIOs On Alert in 2017

Credit to Author: Brian Forster | Date: Thu, 16 Mar 2017 09:04:50 -0700

The financial services industry was a primary target for cybercriminals in 2016, and due to the value of its data, it will remain in the crosshairs as we embark on 2017. As a result, financial services CIOs will be faced with security decisions and challenges that will likely keep them up at night. While this isn’t an exhaustive list of challenges CIOs will face in the coming year, we’ve outlined several challenges we believe nearly all financial services organizations will have to face in 2017. Let’s take a closer look. 1….

Read More
ComputerWorldIndependent
admin

U.S. faces limits in busting Russian agents over Yahoo breach

Credit to Author: Michael Kan| Date: Thu, 16 Mar 2017 03:52:00 -0700

In a rare move, the U.S. has indicted two Russian government agents for their suspected involvement in a massive Yahoo data breach. But what now?

Security experts say Wednesday’s indictment might amount to nothing more than naming and shaming Russia. That’s because no one expects the Kremlin to play along with the U.S. indictment.

“I can’t imagine the Russian government is going to hand over the two FSB officers,” said Jeremiah Grossman, chief of security strategy at SentinelOne.

“Even in the most successful investigations, state hackers are still immune from prosecution or retaliation,” said Kenneth Geers, a research scientist at security firm Comodo.

To read this article in full or to leave a comment, please click here

Read More
SecurityTrendMicro
admin

The Results – Pwn2Own 2017 Day One

Credit to Author: Dustin Childs (Zero Day Initiative Communications)| Date: Thu, 16 Mar 2017 09:10:43 +0000

The first day of Pwn2Own 2017 has come to a close, and so far, we’ve awarded $233,000 USD and 45 points for Master of Pwn. Today saw five successful attempts, one partial success, two failures, and two entries withdrawn. Our day started with the 360 Security team successfully using a jpeg2000 heap overflow, a Windows…

Read More
MicrosoftSecurity
admin

Ransomware operators are hiding malware deeper in installer packages

Credit to Author: msft-mmpc| Date: Thu, 16 Mar 2017 03:15:46 +0000

We are seeing a wave of new NSIS installers used in ransomware campaigns. These new installers pack significant updates, indicating a collective move by attackers to once again dodge AV detection by changing the way they package malicious code. These changes are observed in installers that drop ransomware like Cerber, Locky, and others. Cybercriminals have…

Read More