ComputerWorld

ComputerWorldIndependent

Defensive Computing for email attachments

Credit to Author: Michael Horowitz| Date: Wed, 15 Mar 2017 12:12:00 -0700

Email attachments remain an effective way to infect/compromise computers because people trust them too much. Blindly opening them is easy, simple and quick, but it’s also not secure. What is secure?

Never open email attachments using Microsoft Office or Adobe’s PDF reading software.

Really should go without saying at this point.

Never open attachments on a Windows, Mac or Linux computer you care about or use regularly.

These old desktop systems are simply not as secure as more modern operating systems.

The safest computers for opening suspect files run iOS or Chrome OS.

Microsoft fixes record number of flaws, some publicly known

Credit to Author: Lucian Constantin| Date: Wed, 15 Mar 2017 11:54:00 -0700

Microsoft’s batch of security patches for March is one of the largest ever and includes fixes for several vulnerabilities that are publicly known and actively exploited.

The company published 17 security bulletins covering 135 vulnerabilities in its own products and one separate bulletin for Flash Player, which has its security patches distributed through Windows Update. Nine bulletins are rated critical and nine are rated as important.

The affected products include Windows, Internet Explorer, Microsoft Edge, Microsoft Office, Exchange, Skype for Business, Microsoft Lync, and Silverlight.

IDG Contributor Network: Largest ever Patch Tuesday from Microsoft

Credit to Author: Greg Lambert| Date: Wed, 15 Mar 2017 11:44:00 -0700

After last month’s rather brief Patch Tuesday from Microsoft, we see the largest ever release of updates for Windows and Microsoft Office — and of course another critical update for Adobe Flash Player.

For this March update, we see an unusually large number of critical updates — nine patches rated as critical and the remaining nine rated by Microsoft as important. In addition to this large cohort of patches, we also get a security advisory with KB3123479.

We have added both browser patches (MS17-006 and MS17-007) and the Adobe Flash Player update (MS17-023) to our “Patch Now” list. In addition, the core XML Services patch (MS17-022), though only rated as important by Microsoft, attempts to resolve a publicly disclosed zero-day flaw. MS17-022 was therefore also added to our “Patch Now” list.

4 charged, including Russian gov't agents, for massive Yahoo hack

Credit to Author: Martyn Williams| Date: Wed, 15 Mar 2017 09:22:00 -0700

The FBI on Wednesday charged four people, including two Russian state intelligence agents, for their involvement in a massive hack of Yahoo that affected half a billion accounts.

In September, Yahoo said hackers had managed to steal personal data on more than 500 million users during an attack in late 2014. The stolen data included names, email addresses, telephone numbers and hashed passwords. Blame for the attack was put on a “state-sponsored” group.

The FBI said that group was the Russian Federal Security Service, the FSB, and it identified agents Dmitry Dokuchaev and Igor Sushchin as leaders of the attack.

Malicious uploads allowed hijacking of WhatsApp and Telegram accounts

Credit to Author: Lucian Constantin| Date: Wed, 15 Mar 2017 07:55:00 -0700

A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos.

The vulnerability was discovered last week by researchers from Check Point Software Technologies and was patched by the WhatsApp and Telegram developers after the company privately shared the flaw’s details with them.

The web-based versions of WhatsApp and Telegram synchronize automatically with the apps installed on users’ phones. At least in the case of WhatsApp, once paired using a QR code, the phone needs to have an active internet connection for WhatsApp messages to be relayed to the browser on the computer.

Twitter accounts hacked, Twitter Counter steps forward as culprit

Credit to Author: Peter Sayer| Date: Wed, 15 Mar 2017 07:37:00 -0700

Twitter Counter, a third-party analytics service, appears once again to have provided a gateway for hackers to post messages to high-profile Twitter accounts.

An unlikely number of Twitter users suddenly learned to speak Turkish on Wednesday, posting an inflammatory message in the language replete with Nazi swastikas.

Among those posting the message were the Twitter accounts of Forbes magazine, the Atlanta Police Department, and Amnesty International, one of the few hacked accounts one might expect to actually speak Turkish.

Fears that these accounts had all been hacked were quickly allayed, when Twitter identified a third-party app as being to blame.

Twitter Counter hacked: Hundreds of high-profile Twitter accounts hijacked

Credit to Author: Darlene Storm| Date: Wed, 15 Mar 2017 06:16:00 -0700

Twitter seemed to temporarily be overtaken by tweets featuring swastikas, Turkish flags and Nazi references after third-party analytics app Twitter Counter was hacked.

It’s unclear how many Twitter accounts were affected – hundreds or thousands – considering Twitter Counter claims to have more than two million users who linked their Twitter accounts to its service for the purpose of providing statistics and tracking responses to tweets.

Infosec journalist Graham Cluley apologized “for the Nazi spam” after his account was hijacked. There was a rush of people scrubbing their accounts as Amnesty International, Duke University, Forbes, Reuters Japan, BBC North America, UNICEF USA, the UK Department of Health, the CEO of Sprint, bitcoin wallet Blockchain, the Atlanta Police Department, Starbucks Argentina, the European Parliament, Nike Spain, sports stars, celebrities and many others were compromised and also spewed Nazi spam.

Court blocks American from suing Ethiopia for infecting his computer

Credit to Author: John Ribeiro| Date: Wed, 15 Mar 2017 04:10:00 -0700

An appeals court has barred an Ethiopian-born U.S. citizen from filing a civil suit against the African country, which allegedly infected his computer with spyware and monitored his communications.

The U.S. Court of Appeals for the District of Columbia Circuit ruled Tuesday that foreign states are immune from lawsuits in a U.S. court unless an exception to the Foreign Sovereign Immunities Act (FSIA) applies.

The person, who is referred to in court documents by the pseudonym Kidane, was born in Ethiopia and lived there for 30 years before seeking asylum in the U.S. He lives in Maryland.
