Thursday, April 30, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

ComputerWorld

ComputerWorldIndependent
admin

FAQ: What is blockchain and how can it help business?

Credit to Author: Lucas Mearian| Date: Mon, 24 Apr 2017 03:01:00 -0700

Blockchain sounds like a way to keep boats anchored, which isn’t a bad analogy, considering what the technology purports to do.

While some IT experts herald it as a groundbreaking way of creating a distributed, unchangeable record of transactions, others question the nascent technology’s usefulness in the enterprise, which has traditionally relied on centrally-administered databases to secure digital records.

Even so, companies are moving fast to try and figure out how they can use it to save time and money. And IT vendors are responding to customers calls for info, with some already looking to include it as part of their services.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

There's now a tool to test for NSA spyware

Credit to Author: Michael Kan| Date: Sat, 22 Apr 2017 04:43:00 -0700

Has your computer been infected with a suspected NSA spying implant? A security researcher has come up with a free tool that can tell.

Luke Jennings of security firm Countercept wrote a script in response to last week’s high-profile leak of cyberweapons that some researchers believe are from the National Security Agency. It’s designed to detect an implant called Doublepulsar, which is delivered by many of the Windows-based exploits found in the leak and can be used to load other malware.

The script, which requires some programming skill to use, is available for download on GitHub.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Hackers use old Stuxnet-related bug to carry out attacks

Credit to Author: Michael Kan| Date: Thu, 20 Apr 2017 13:57:00 -0700

Users that run unpatched software beware. Hackers have been relying on an old software bug tied to the Stuxnet worm to carry out their attacks.

Microsoft may have initially patched the flaw in 2010, but it’s nevertheless become the most widespread software exploit, according to security firm Kaspersky Lab.

On Thursday, Kaspersky posted research examining the use of exploits, or malicious programs designed to take advantage of certain software flaws. Once an exploit goes to work, it can typically pave the way for other malicious programs to install onto a computer.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Developer lifts Windows 7's update blockade with unsanctioned patch

Credit to Author: Gregg Keizer| Date: Thu, 20 Apr 2017 13:28:00 -0700

An anonymous developer has published a patch that negates Microsoft’s barring of security updates from Windows 7 and 8.1 PCs equipped with the very newest processors.

The developer, identified as “Zeffy,” posted the patch and accompanying documentation on GitHub, the code repository.

“I was inspired to look into these new rollup updates that Microsoft released on March 16 [after reading about the processor-related blocking of Windows Update],” wrote Zeffy. “[That was] essentially a giant middle finger to anyone who dare not ‘upgrade’ to the steaming pile of garbage known as Windows 10.”

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

DHS's ICS-CERT warns of BrickerBot: IoT malware that will brick vulnerable devices

Credit to Author: Darlene Storm| Date: Wed, 19 Apr 2017 08:21:00 -0700

Since the emergence of Mirai, you may have wondered if your IoT device has ever been infected with malware; you even may have rebooted the device which would remove the infection. But if your IoT device becomes infected with BrickerBot, you will know because the malware will “brick” it. Just the same, some people will believe the hardware failed.

Radware security researchers previously said BrickerBot malware was responsible for permanent denial of service attacks (PDoS) that would “destroy” the infected devices. PDoS, also known as “phlashing,” is “an attack that damages a system so badly that it requires replacement or reinstallation of hardware. By exploiting security flaws or misconfigurations, this type of cyberattack can destroy the firmware and/or basic functions of system.”

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

DHS' ICS-CERT warns of BrickerBot: IoT malware that will brick vulnerable devices

Credit to Author: Darlene Storm| Date: Wed, 19 Apr 2017 08:21:00 -0700

Since the emergence of Mirai, you may have wondered if your IoT device has ever been infected with malware; you even may have rebooted the device which would remove the infection. But if your IoT device becomes infected with BrickerBot, you will know because the malware will “brick” it. Just the same, some people will believe the hardware failed.

Radware security researchers previously said BrickerBot malware was responsible for permanent denial of service attacks (PDoS) that would “destroy” the infected devices. PDoS, also known as “phlashing,” is “an attack that damages a system so badly that it requires replacement or reinstallation of hardware. By exploiting security flaws or misconfigurations, this type of cyberattack can destroy the firmware and/or basic functions of system.”

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Experts contend Microsoft canceled Feb. updates to patch NSA exploits

Credit to Author: Gregg Keizer| Date: Tue, 18 Apr 2017 13:06:00 -0700

Microsoft delayed its February security update slate to finish patching critical flaws in Windows that a hacker gang tried to sell, several security experts have argued.

“Looks like Microsoft had been informed by ‘someone,’ and purposely delayed [February’s] Patch Tuesday to successfully deliver MS17-010,” tweeted Matt Suiche, founder of Dubai-based security firm Comae Technologies.

MS17-010, one of several security bulletins Microsoft issued in March, was just one of several cited Friday by the Redmond, Wash. developer when it said it had already patched most of the vulnerabilities exploited by just-leaked hacking tools.

Those tools — 12 different Windows exploits — had been included in a large data dump made April 14 by a hacker group dubbed Shadow Brokers, which is believed to have ties to Russia. The exploits, as well as a trove of documents, had been stolen from the National Security Agency (NSA), Shadow Brokers claimed.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

How one personal cyber insurance policy stacks up

Credit to Author: Evan Schuman| Date: Tue, 18 Apr 2017 04:00:00 -0700

As cyber insurance slowly moves from corporate to consumer coverage, some interestingly comprehensive policies have been introduced. One, introduced this month by AIG, puts a strong emphasis on services to prevent attacks rather than merely paying for them once they happen. We decided to dive into the fine print to see how much wiggle room the insurer gave itself.

The new policy, called Family CyberEdge, is designed as a supplement to existing homeowner’s insurance and will cost an extra $597 for $50,000 limits for each key area, consisting of cyber extortion, data restoration, crisis management and cyber bullying, with no deductibles beyond a flat $1,000 for data restoration. Bump the coverage limit up to $100,000 and the annual premium rises to $972, or go for the maximum coverage of $250,000 and the annual premium comes in at $1,723.

To read this article in full or to leave a comment, please click here

Read More