ComputerWorld – Page 157 – Computer Security Articles

Credit to Author: Sandra Henry-Stocker| Date: Thu, 25 May 2017 12:52:00 -0700

One year from today, the recently passed regulation known as “GDPR” (General Data Protection Regulation) goes into effect. While EU-specific, it can still dramatically affect how businesses that work with personal data of citizens and residents of the EU. GDPR was approved a year ago and will be going into effect in another year. It applies directly to organizations within the EU, but also applies to organizations outside the EU if they 1) offer goods and services to the EU, 2) monitor the behavior EU subjects, or 3) process or retain personal data of EU citizens and residents. And the regulation can place very serious fines and sanctions for non-compliance.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

May 25, 2017 admin

The WannaCry scramble

Credit to Author: Mathias Thurman| Date: Thu, 25 May 2017 10:05:00 -0700

A couple of weeks ago, possibly every security manager in the world was dealing with the repercussions of WannaCry, a ransomware worm that screamed across the internet and flooded the media. IT and security departments, placed on high alert, had to scramble — whether or not any of their systems had been infected. I was no exception.

ComputerWorld Independent

May 25, 2017 admin

IDG Contributor Network: The complexity of password complexity

Credit to Author: Sandra Henry-Stocker| Date: Thu, 25 May 2017 05:47:00 -0700

Deploying password quality checking on your Debian-base Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users’ passwords will all have twelve or more characters. Let’s stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.

First, if you haven’t done this already, install the password quality checking library with this command:

apt-get -y install libpam-pwquality

The files that contain most of the settings we’re going to look at will be:

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

May 24, 2017 admin

Appeals court gives Wikimedia thumbs up to sue NSA for 'Upstream' surveillance

Credit to Author: Darlene Storm| Date: Wed, 24 May 2017 08:26:00 -0700

Well, well, well, the NSA may not waltz away legally unscathed after spying on Americans’ private communications due to the dogged determination of the Wikimedia Foundation, the ACLU, the Knight First Amendment Institute at Columbia University and eight other co-plaintiffs.

The 4th US Circuit Court of Appeals ruled to give Wikimedia a chance to legally challenge the NSA’s mass surveillance as being unconstitutional. The government has previously argued that the NSA’s Upstream warrantless spying is authorized under Section 702 of the Foreign Intelligence Surveillance Act. Thanks to Upstream surveillance, the NSA sucks up and searches through American’s international internet communications.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

May 23, 2017 admin

Former NSA chief weighs in on cybersecurity, cyberespionage at ZertoCon

Credit to Author: Ryan Francis| Date: Tue, 23 May 2017 14:53:00 -0700

BOSTON — Retired Gen. Michael Hayden held nothing back when speaking to cybersecurity pros today at the ZertoCon business continuity conference.

It’s been more than a decade since he led the National Security Agency (NSA), but that didn’t stop Hayden from asserting that the Russians were involved in last year’s U.S. presidential election. His view: Only two presidents doubt that the Russians were involved in the 2016 election — Donald Trump and Vladimir Putin.

“They [the Russians] had an affect on the election, there is no question that this happened,” Hayden said. “The question is if there was collaboration with the campaign.”

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

May 23, 2017 admin

IDG Contributor Network: Wikileaks reveals potent Windows malware from the CIA

Credit to Author: Andy Patrizio| Date: Tue, 23 May 2017 14:00:00 -0700

A few days ago, Microsoft’s top lawyer took the NSA to task over WannaCry, saying that problem was the agency’s creation because it built and stockpiled such malware for its own use.

Now WikiLeaks has revealed more government-created malware and this one is a nasty piece of work.

Codenamed “Athena,” the spyware targets all version of Windows from Windows XP to Windows 10, and was released in August 2015. It was created in part by a private New Hampshire-based cyber security firm called Siege Technologies.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

May 23, 2017 admin

Connecting with work from the road? Here's how to stay safe

Credit to Author: Ryan Francis| Date: Tue, 23 May 2017 03:00:00 -0700

Every company has workaholics who can’t leave their duties behind when heading out on vacation. They’re kind of worker who, if the hotel doesn’t have Wi-Fi, will rush to the closest coffee shop or eatery to stay connected, check email and jump onto a video conference call.

Those are the kinds of insecure wireless networks that make IT security managers nervous.

And for good reason. Public Wi-Fi networks at cafes and coffee shops are open to, and can be accessed by, anyone, according to mobile security vendor iPass. They require neither security keys and passphrases nor firewall protection. That leaves employees vulnerable to man-in-the-middle attacks.

To read this article in full or to leave a comment, please click here