Saturday, July 5, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Month: May 2017

ComputerWorldIndependent
admin

IDG Contributor Network: Eight steps to the GDPR countdown

Credit to Author: Sandra Henry-Stocker| Date: Thu, 25 May 2017 12:52:00 -0700

One year from today, the recently passed regulation known as “GDPR” (General Data Protection Regulation) goes into effect. While EU-specific, it can still dramatically affect how businesses that work with personal data of citizens and residents of the EU. GDPR was approved a year ago and will be going into effect in another year. It applies directly to organizations within the EU, but also applies to organizations outside the EU if they 1) offer goods and services to the EU, 2) monitor the behavior EU subjects, or 3) process or retain personal data of EU citizens and residents. And the regulation can place very serious fines and sanctions for non-compliance.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

The WannaCry scramble

Credit to Author: Mathias Thurman| Date: Thu, 25 May 2017 10:05:00 -0700

A couple of weeks ago, possibly every security manager in the world was dealing with the repercussions of WannaCry, a ransomware worm that screamed across the internet and flooded the media. IT and security departments, placed on high alert, had to scramble — whether or not any of their systems had been infected. I was no exception.

Read More
IndependentKrebs
admin

MolinaHealthcare.com Exposed Patient Records

Credit to Author: BrianKrebs| Date: Thu, 25 May 2017 18:08:21 +0000

Earlier this month, KrebsOnSecurity featured a story about a basic security flaw in the Web site of medical diagnostics firm True Health Group that let anyone who was logged in to the site view all other patient records. In that story I mentioned True Health was one of three major healthcare providers with similar website problems, and that the other two providers didn’t even require a login to view all patient records. Today we’ll examine such a flaw that was just fixed by Molina Healthcare, a Fortune 500 company that until recently was exposing countless patient medical claims to the entire Internet without requiring any authentication.

Read More
FortinetSecurity
admin

Trends Affecting Managed Security Service Providers

Credit to Author: Bill McGee| Date: Thu, 25 May 2017 09:06:35 -0700

Given the very public explosion of ransomware, and an ever-growing list of other cyber threats, IT services providers are increasingly looking for ways to meet the insatiable demand for cybersecurity. In this article we will look at some of the trends and challenges facing the MSSP community. How has the cost and shortage of security talent empowered the MSS domain? There are two forces driving the growth of MSS – complexity and cost. The complexity of threats and regulations continues to grow, with no change in sight. On the cost side, there…

Read More
MalwareBytesSecurity
admin

RoughTed: The anti ad-blocker malvertiser

Credit to Author: Jérôme Segura| Date: Thu, 25 May 2017 14:00:52 +0000

A look at RoughTed, a purveyor of ad-blocker aware malvertising responsible for a range of scams, exploits, and malware.

Categories:

Tags:

(Read more…)

The post RoughTed: The anti ad-blocker malvertiser appeared first on Malwarebytes Labs.

Read More
ComputerWorldIndependent
admin

IDG Contributor Network: The complexity of password complexity

Credit to Author: Sandra Henry-Stocker| Date: Thu, 25 May 2017 05:47:00 -0700

Deploying password quality checking on your Debian-base Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users’ passwords will all have twelve or more characters. Let’s stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.

First, if you haven’t done this already, install the password quality checking library with this command:

apt-get -y install libpam-pwquality

The files that contain most of the settings we’re going to look at will be:

To read this article in full or to leave a comment, please click here

Read More