ComputerWorld

ComputerWorldIndependent

IDG Contributor Network: Most of the Windows zero-day exploits have already been patched

Credit to Author: Andy Patrizio| Date: Mon, 17 Apr 2017 12:46:00 -0700

Late last week, a hacker group known as The Shadow Brokers released a trove of Windows exploits it claims to have obtained from the National Security Agency’s (NSA’s) elite hacking team. The group released tools, presentations and files claiming to detail the agency’s methods of carrying out clandestine surveillance on Windows server software dating back to Windows XP, and set off a mild panic on what was otherwise a slow Friday.

There’s just one problem: Microsoft says it has already issued patches for the majority of exploits, with some of them coming out as recently as last month. The MSRC team made a blog post on Friday, the same day Shadow Brokers released the exploits, pointing this out. It was a remarkably quick response.

Microsoft confirms it's patched most of the NSA's Windows exploits

Credit to Author: Gregg Keizer| Date: Mon, 17 Apr 2017 12:05:00 -0700

Microsoft on Friday said it had patched most of the Windows vulnerabilities purportedly exploited by the National Security Agency (NSA) using tools that were leaked last week.

The Windows flaws were disclosed by the hacking gang Shadow Brokers in a large data dump earlier Friday. The group has released several collections of documents about the internal operations of the NSA, and the code it allegedly has used to compromise computers and other devices worldwide.

“Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products,” Phillip Misner, a group manager in the Microsoft Security Response Center (MSRC), wrote in a post to a company blog.

1,175 hotels listed in payment card breach of Holiday Inn parent company

Credit to Author: Darlene Storm| Date: Mon, 17 Apr 2017 10:11:00 -0700

You may recall commercials for Holiday Inn Express that revolved around a “Stay smart” theme, but if you stayed in a Holiday Inn Express, or another InterContinental Hotels Group-branded franchise hotel, late last year, then you would be really smart to keep an eye out for unexpected charges on your credit card.

IHG finally reported the findings from an investigation into a breach of the company’s payment systems. The company has over 5,000 hotels across 100 countries, with brands such as Holiday Inn, Holiday Inn Resort, Holiday Inn Express, Crowne Plaza, Hotel Indigo, InterContinental, Kimpton, Staybridge Suites and Candlewood Suites. Hackers managed to get malware into the front desk payment system at some IHG-branded franchise hotels in the United States and Puerto Rico and made off with payment card data.

Profiling 10 types of hackers

Credit to Author: Ryan Francis| Date: Mon, 17 Apr 2017 04:00:00 -0700

Different shapes and sizes

Hackers, like the attacks they perpetrate, come in many forms, with motivations that range from monetary to political to ethical. Understanding the different types of hackers that exist and what motivates them can help you identify the attackers you are most susceptible to and properly defend yourself and your organization against cyberattacks. Travis Farral, director of security strategy at Anomali, outlines the top 10 types of hackers you should have on your radar.

An introduction to six types of VPN software

Credit to Author: Michael Horowitz| Date: Sat, 15 Apr 2017 15:44:00 -0700

A VPN is simply an encrypted connection between two computers, each side running VPN software. The two sides, however, are not equal.

The software that you, as the user of a VPN service, deal with is known as the VPN client. The software run by a VPN company is a VPN server. The encrypted connection always starts with a VPN client making a request to a VPN server.

There are many different flavors of VPN connections, each with its own corresponding client and server software. The most popular flavors are probably L2TP/IPsec, OpenVPN, IKEv2 and PPTP.

Some VPN providers support only one flavor; others are much more flexible. Astrill, for example, supports OpenWeb, OpenVPN, PPTP, L2TP, Cisco IPSec, IKEv2, SSTP, StealthVPN and RouterPro VPN. At the other extreme, OVPN, as their name implies, only supports OpenVPN.

Honesty is not the best privacy policy

Credit to Author: Mike Elgan| Date: Sat, 15 Apr 2017 04:00:00 -0700

Digital privacy invasion is more than a theoretical or actual threat to our freedoms. It’s also a huge distraction.

Take MIT genius Steven Smith. He’s recently taken time away from his specialties of radar, sonar, and signal processing at MIT’s Lincoln Laboratory to automate the pollution of his family’s web traffic with thousands of arbitrary searches and sites.

His code essentially lies about internet activity to whomever is listening.

The software is an artful liar. According to a piece in The Atlantic, Smith’s algorithm uses web activity-spoofing software called PhantomJS to conduct searches in a way and on a timeline that mimics normal human online behavior.

Microsoft begins denying updates to some Windows 7 users

Credit to Author: Gregg Keizer| Date: Fri, 14 Apr 2017 12:56:00 -0700

Microsoft this week began blocking Windows 7 and 8.1 PCs equipped with the very newest processors from receiving security updates, making good on a policy it announced but did not implement last year.

But the company also refused to provide security fixes to Windows 7 systems that were powered by AMD’s “Carrizo” CPUs, an architecture that was supposed to continue receiving patches.

The decree that led to the update bans, whether allowable or not under Microsoft’s new policy, was revealed in January 2016, when the company said making Windows 7 and Windows 8.1 run on the latest processors was “challenging.” Microsoft then ruled that Windows 10 would be the only supported edition on seventh-generation and later CPUs and simultaneously dictated a substantial shortening of support of both editions.

Quantum computing advances toward the enterprise

Credit to Author: Sharon Gaudin| Date: Fri, 14 Apr 2017 12:19:00 -0700

Quantum computing may still sound like the stuff of science fiction, but within the next 10 years, it could be a reality.

“Systems are still pretty rudimentary,” said Charles King, an analyst with Pund-IT. “Though they perform some specific kinds of calculations faster than traditional computers, they are defined by their limitations. When true, fully operable quantum systems come online, they will force the IT industry, public and private sector organizations and individuals to fundamentally rethink certain kinds of problems and all but abandon some conventional solutions.”
