Sunday, August 3, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Month: March 2017

IndependentKrebs
admin

Ransomware for Dummies: Anyone Can Do It

Credit to Author: BrianKrebs| Date: Thu, 02 Mar 2017 03:14:52 +0000

Among today’s fastest-growing cybercrime epidemics is “ransomware,” malicious software that encrypts all of your computer files, photos, music and documents and then demands payment in Bitcoin to recover access to the files. A big reason for the steep increase in ransomware attacks in recent years comes from the proliferation of point-and-click tools sold in the cybercrime underground that make it stupid simple for anyone to begin extorting others for money.

Read More
ComputerWorldIndependent
admin

Old Windows malware may have infected 132 Android apps

Credit to Author: Michael Kan| Date: Wed, 01 Mar 2017 13:59:00 -0800

More than 130 Android apps on the Google Play store have been found to contain malicious coding, possibly because the developers were using infected computers, according to security researchers.

The 132 apps were found generating hidden iframes, or an HTML document embedded inside a webpage, linking to two domains that have hosted malware, according to security firm Palo Alto Networks.

Google has already removed the apps from its Play store. But what’s interesting is the developers behind the apps probably aren’t to blame for including the malicious code, Palo Alto Networks said in a Wednesday blog post.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

U.S. surveillance law may see no new protections for foreign targets

Credit to Author: Grant Gross| Date: Wed, 01 Mar 2017 12:05:00 -0800

Any reform of a controversial U.S. law allowing the National Security Agency to spy on people overseas will likely focus on its impact on U.S. residents, without curbing its use elsewhere.

Section 702 of the Foreign Intelligence Surveillance Act (FISA) expires on Dec. 31, and some digital rights groups are calling on Congress to overhaul the law to protect the privacy of residents of both the U.S. and other countries. Congress will almost certainly extend the provision in some form. 

But a congressional hearing on Wednesday focused largely on the NSA’s “inadvertent” collection of U.S. residents’ data, with little time given to the privacy concerns of people overseas.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Robots are just as plagued by security vulnerabilities as IoT devices

Credit to Author: Lucian Constantin| Date: Wed, 01 Mar 2017 08:29:00 -0800

An analysis of robots used in homes, businesses and industrial installations has revealed many of the same basic weaknesses that are common in IoT devices, raising questions about security implications for human safety.

The robotics industry has already seen significant growth in recent years and will only further accelerate. Robots are  expected to serve in many roles, from assisting people in homes, stores and medical facilities, to manufacturing in factories and even handling security and law enforcement tasks.

“When you think of robots as computers with arms, legs or wheels, they become kinetic IoT devices that, if hacked, can pose new serious threats we have never encountered before,” researchers from cybersecurity consultancy firm IOActive said in a new report.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Dridex: First banking Trojan with AtomBombing to better evade detection

Credit to Author: Darlene Storm| Date: Wed, 01 Mar 2017 07:38:00 -0800

The Dridex Trojan, one of the most destructive banking Trojans, has been upgraded with a new injection method so the malware is even better at evading detection.

The newest version of Dridex, v4, is now the first banking Trojan to take advantage of AtomBombing, according to report by IBM X-Force. Unlike some of the more common code injection techniques, AtomBombing is meant to evade security solutions. Once one organized cybercrime gang successfully pulls off a slick trick, other cyber thugs are expected to adopt the method.

“In this release,” the researchers wrote, “we noted that special attention was given to dodging antivirus (AV) products and hindering research by adopting a series of enhanced anti-research and anti-AV capabilities.”

To read this article in full or to leave a comment, please click here

Read More