Friday, May 2, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

ComputerWorld

ComputerWorldIndependent
admin

OpenAI launches new alignment division to tackle risks of superintelligent AI

OpenAI is opening a new alignment research division, focused on developing training techniques to stop superintelligent AI — artificial intelligence that could outthink humans and become misaligned with humans ethics — from causing serious harm.

“Currently, we don’t have a solution for steering or controlling a potentially superintelligent AI, and preventing it from going rogue,” Jan Leike and Ilya Sutskever wrote in a blog post for OpenAI, the company behind the most well-known generative AI large language model, ChatGPT. They  added that although superintelligence might seem far off, some experts believe it could arrive this decade.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Lawyers and Incident Response can be a dangerous combo

Credit to Author: eschuman@thecontentfirm.com| Date: Fri, 07 Jul 2023 03:30:00 -0700

Lawyers and C-suite leaders have the same basic mission: protect the enterprise from bad actors who want to do harm. But they often often approach the job in such polar opposite ways that they wind up fighting each other instead of working together. 

A new academic report on the topic from researchers at the University of Edinburgh, the University of Innsbruck, Tufts University and the University of Minnesota tried to document how stark those differences have become.

“Cyber insurance sends work to a small number of [incident response] firms, drives down the fees paid and appoints lawyers to direct technical investigators,” the report noted. “Lawyers, when directing incident response often introduce legalistic contractual and communication steps that slow down incident response, advise IR practitioners not to write down remediation steps or to produce formal reports and restrict access to any documents produced.”

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Apple warns that UK's Online Safety Bill puts people at 'greater risk'

Apple has raised its voice against a UK law that will dramatically undermine secure commerce and trust online, warning it could put UK citizens at risk.

And Apple is not alone. More than 80 civil society organizations, academics, and experts from 23 nations have warned against the UK government’s decision, which would turn the UK into the first democracy to require routine surveillance of people’s private chats.

The current UK government’s Online Safety Bill includes the power to force encrypted messaging tools such as WhatsApp, Signal, and iMessage to scan messages.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

With one June Patch Tuesday update, Microsoft falls short

I’ve tracked Microsoft’s Windows patches for years and closely watched all of the changes the company has made. I remember when you had to install updates in a certain order — and watch for which one had to be installed first. I remember the arrival of automated patching using Software Update Services (later called Windows Server Update Services). I’ve seen how we went from a system where each vulnerability was patched individually to what we now have: cumulative patching.

The ideal patch is self-contained. Install, reboot, get back to your work. It causes no side effects. It protects the operating system. And you forget about it because it does what it’s supposed to do.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Recent Teams, Office outages were caused by cyberattacks: Microsoft

Microsoft has confirmed that recent outages to its popular services, including Outlook, Teams, OneDrive, and cloud computing platform Azure, were caused by a DDoS attack by a threat actor that the company tracks as Storm-1359.

Also known as Anonymous Sudan, Storm-1359 was first detected in January, targeting organizations and government agencies with DDoS attacks and efforts to exfiltrate data. The threat actor was initially assumed to be a “hacktivist” group protesting a controversial outfit at the Melbourne Fashion Week but has since been linked to the Russian state, according to several media reports.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Apple beefs up enterprise identity, device management

Last week at WWDC, Apple introduced new capabilities related to Managed Apple IDs and to user identity overall.

Managed Apple IDs have been around for some time. They handle many of the same tasks as personal Apple IDs, but are owned by an organization rather than the end user and are typically created alongside a user’s enterprise identity through federated authentication with a company’s identity provider. 

Managed IDs allow a user to activate and use an Apple device — whether company owned or personal BYOD— and create a business profile on employee devices. Additionally, they provide Apple services including some core iCloud functionality such as backing up the work-related content on the device and syncing app data from Mail, Calendar, Contacts, and Notes. They also allow IT to manage what resources and devices a user can access, reset passwords, and help with Apple device management.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

June's Patch Tuesday updates focus on Windows, Office

Microsoft released 73 updates to its Windows, Office, and Visual Studio platforms on Patch Tuesday, with many of them dealing with core, but not urgent, security vulnerabilities. That’s a welcome respite from the previous six months of urgent zero-days and public disclosures. With that in mind, the Readiness testing team suggests a focus on printing and backup/recovery processes to make sure they’re not affected by this update cycle.

For the first time, we see a (non-Adobe) third-party vendor added to a Patch Tuesday release, with three minor plugin updates to Visual Studio for AutoDesk. Expect to see more such vendors added to Microsoft’s updates in the near future. The team at Readiness has created a useful infographic that outlines the risks associated with each of the updates.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

How and why to use FIDO Security Keys for Apple ID

In a world that needs Apple’s recently-improved Lockdown Mode to protect good people against bad ones, high-risk individuals should consider using physical security keys to protect their Apple ID.

What are Security Keys and what do they do?

Security keys are small devices that look a little like thumb drives. Apple at WWDC 2020 confirmed plans to support FIDO authentication beginning with iOS 14 and macOS 11; now, with the release of iOS 16.3, iPadOS 16.3, and macOS Ventura 13.2, Apple lets you use them to verify your Apple ID, replacing a passcode. They become one of the two forms of identification you require with two-factor authentication (2FA).

To read this article in full, please click here

Read More