Wednesday, April 22, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Month: May 2017

IndependentKrebs
admin

Breach at Sabre Corp.’s Hospitality Unit

Credit to Author: BrianKrebs| Date: Tue, 02 May 2017 18:41:42 +0000

Breaches involving major players in the hospitality industry continue to pile up. Today, travel industry giant Sabre Corp. disclosed what could be a significant breach of payment and customer data tied to bookings processed through a reservations system that serves more than 32,000 hotels and other lodging establishments. In a quarterly filing with the U.S. Securities and Exchange Commission (SEC) today, Southlake, Texas-based Sabre said it was “investigating an incident of unauthorized access to payment information contained in a subset of hotel reservations processed through our Hospitality Solutions SynXis Central Reservations system.”

Read More
FortinetSecurity
admin

Bricker Bot – A Silver Lining to Force Accountability for IoT Security?

Credit to Author: Douglas Jose Pereira dos Santos| Date: Tue, 02 May 2017 13:33:56 -0700

The Bricker bot made the news a couple of weeks ago as being responsible for knocking unsecured IoT devices offline, rather than hijacking them into other botnets and using them for a DDoS attack like the massive event we saw last year against DYN. This is the third botnet that targets insecure IoT devices, but the only one that is destructive. The second, dubbed Hajime, breaks the into IoT devices, but instead of bricking them, it makes them more secure by disabling remote access to the device from the internet. Of course, Mirai was the first,…

Read More
SecuritySophos
admin

Get ahead of the GDPR curve – sign up for our event

Credit to Author: Editor| Date: Tue, 02 May 2017 16:45:48 +0000

The EU regulation coming into force in 2018 will transform the way data compliance is handled in the UK – irrespective of Brexit. Make sure you are ahead of the curve by attending our General Data Protection Regulation (GDPR) event in Reading on 18 May.<img alt=”” border=”0″ src=”https://pixel.wp.com/b.gif?host=news.sophos.com&#038;blog=834173&#038;post=33524&#038;subd=sophos&#038;ref=&#038;feed=1″ width=”1″ height=”1″ /><img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/QKQJtI5It9g” height=”1″ width=”1″ alt=””/>

Read More
ComputerWorldIndependent
admin

IDG Contributor Network: Using defense-in-depth to prevent self-inflicted cybersecurity wounds

Credit to Author: Robert C. Covington| Date: Tue, 02 May 2017 07:32:00 -0700

This past week, I encountered an all too common situation — a user gets a targeted phishing attempt. Despite a strong training program, the user opens the attachment and gets infected with ransomware.

For many organizations, this would have resulted in a disaster. Ransomware would have encrypted files on any servers, and the organization would have been forced to either restore the files from a backup, assuming they had them, or to hold their nose and pay a ransom. 

The news was better, however, for the organization I mentioned above.

Fortunately, the premise of their security planning was that someone would eventually shoot them in the foot. With a security plan that assumed this, they had a depth of layered controls to help. While their anti-virus software did not prevent the infection, it did recognize and send an alert about it, after the fact. In the meantime, their web filtering appliances and their DNS service provider, recognizing the call from the infected PC to a command and control server to get an encryption key, blocked access. Since the ransomware client never got the key, it did not encrypt any files. The blocking of command and control access provided the extra time needed to get the PC pulled out of service and repaired. 

To read this article in full or to leave a comment, please click here

Read More
MalwareBytesSecurity
admin

An Infosec Spring clean

Credit to Author: Christopher Boyd| Date: Tue, 02 May 2017 15:00:56 +0000

Spring has indeed sprung, but it’s never too late to have a wander through your security settings and features. Unfortunately, we have so many accounts these days that it’s hard to keep track of them all, but this round-up may help you on your way.

Categories:

Tags:

(Read more…)

The post An Infosec Spring clean appeared first on Malwarebytes Labs.

Read More