ComputerWorld

ComputerWorldIndependent

New Mirai IoT variant launched 54-hour DDoS attack against a US college

Credit to Author: Darlene Storm| Date: Wed, 29 Mar 2017 08:10:00 -0700

A new variant of the Mirai IoT malware was spotted in the wild when it launched a 54-hour DDoS attack against an unnamed US college.

While the attack occurred on February 28, Imperva Incapsula is informing the world about it today. The researchers believe it is a new variant of Mirai, one that is “more adept at launching application layer assaults.”

The average traffic flow was 30,000 requests per second (RPS) and peaked at about 37,000 RPS, which the DDoS mitigation firm said was the most it has seen out of any Mirai botnet so far. “In total, the attack generated over 2.8 billion requests.”


Insecure security cameras sound like a joke, but aren’t

Credit to Author: Evan Schuman| Date: Wed, 29 Mar 2017 04:00:00 -0700

Reports recently surfaced that Google was alerted to security holes in its IoT security camera products and declined to patch them. This was quite frightening for two reasons. First, the fix was apparently straightforward, and second, the hole was readily and easily available to burglars with even a modicum of tech savviness.

Meanwhile, eBay seems to be encouraging users to downgrade their security defenses by giving up the hardware tokens they use for two-factor authentication and relying on text messages instead. Yes, eBay suggested that users make themselves more vulnerable to identity thieves. With these two recent incidents, is it any wonder that IT is suspicious about whether major companies are taking security seriously?


What it takes to become an IT security engineer

Credit to Author: Stacy Collett| Date: Wed, 29 Mar 2017 03:56:00 -0700

When Scott Copeland got his associate degree in network administration back in 2004, the community college he attended didn’t offer IT security courses, “but it gave me the foundation to learn more about network security,” he says. His determination and thirst for learning led him to his current job as an IT security engineer at FedEx Services in Memphis, Tenn.

(Insider Story)


House votes to undo broadband privacy rules

Credit to Author: Michael Kan| Date: Tue, 28 Mar 2017 16:09:00 -0700

The U.S. House of Representatives has followed the Senate in voting to repeal privacy rules that can prevent broadband providers from selling customers’ internet-browsing histories and other data without their permission.

On Tuesday, the House voted 215-205 to do away with the privacy rules that the U.S. Federal Communications Commission passed last year. The rules had yet to come into effect.

They require broadband carriers to first obtain opt-in approval from customers before using and sharing their sensitive personal information, such as web browsing history, geo-location data and what applications they’ve used.


46% off CyberPower Surge Protector 3-AC Outlet with 2 USB (2.1A) Charging Ports – Deal Alert

Credit to Author: DealPost Team| Date: Tue, 28 Mar 2017 14:06:00 -0700

The Professional Surge Protector CSP300WUR1 safeguards common home and office devices, such as computers and electronics, by absorbing spikes in energy caused by storms and electrical power surges. Designed for convenience, the portable CSP300WUR1 is ideal for travelers. It provides 600 joules of protection, has three surge-protected outlets, and a folding wall tap plug. Two USB ports (2.1 Amp shared) charge personal electronics, including smartphones, digital cameras, MP3 players, and other devices. A Limited-Lifetime Warranty ensures that this surge suppressor has passed high quality standards in design, assembly, material or workmanship and further protection is offered by a $50,000 Connected Equipment Guarantee. It currently averages 4 out of 5 stars on Amazon, where its typical list price of $21.955 has been reduced 46% to just $11.88. See the discounted CSP300WUR1 on Amazon.


Scammers scare iPhone users into paying to unlock not-really-locked Safari

Credit to Author: Gregg Keizer| Date: Tue, 28 Mar 2017 13:28:00 -0700

Apple yesterday patched a bug in the iOS version of Safari that had been used by criminals to spook users into paying $125 or more because they assumed the browser was broken.

The flaw, fixed in Monday’s iOS 10.3 update, had been reported to Apple a month ago by researchers at San Francisco-based mobile security firm Lookout.

“One of our users alerted us to this campaign, and said he had lost control of Safari on his iPhone,” Andrew Blaich, a Lookout security researcher, said in a Tuesday interview. “He said, ‘I can’t use my browser anymore.'”

The criminal campaign, Blaich and two colleagues reported in a Monday post to Lookout’s blog, exploited a bug in how Safari displayed JavaScript pop-ups. When the browser reached a malicious site implanted with the attack code, the browser went into an endless loop of dialogs that refused to close no matter how many times “OK” was tapped. The result: Safari was unusable.


LastPass is scrambling to fix another serious vulnerability

Credit to Author: Lucian Constantin| Date: Tue, 28 Mar 2017 10:01:00 -0700

For the second time in two weeks, developers of the popular LastPass password manager are working to fix a serious vulnerability that could allow malicious websites to steal user passwords or infect computers with malware.

Like the LastPass flaws patched last week, the new issue was discovered and reported to LastPass by Tavis Ormandy, a researcher with Google’s Project Zero team. The researcher revealed the vulnerability’s existence in a message on Twitter, but didn’t publish any technical details about it that could allow attackers to exploit it.


How to deal with backdoors inserted or left by vendors

Credit to Author: David Geer| Date: Tue, 28 Mar 2017 03:54:00 -0700

It’s bad enough when black hat hackers insert malicious backdoors into systems and software after vendors/makers have sold these into the marketplace. It is another matter when the vendors who create these devices and programs unwittingly or purposely leave backdoors inside their products.

(Insider Story)
