ComputerWorld

ComputerWorldIndependent

Microsoft stays security bulletins' termination

Credit to Author: Gregg Keizer| Date: Tue, 14 Mar 2017 13:17:00 -0700

Microsoft today postponed the retirement of the security bulletins that for nearly two decades have described in detail the month’s slate of vulnerabilities and accompanying patches.

The bulletins’ last stand was originally scheduled for January, with a replacement process ready to step in Feb. 14. Rather than a set of bulletins, Microsoft was to provide a searchable database of support documents dubbed the “Security Updates Guide” or SUG.

But just hours before February’s security updates were to be released, Microsoft announced that it was postponing the entire collection to March 14, citing “a last-minute issue” that might impact some customers. The Redmond, Wash. company never spelled out exactly what led it to decide on the unprecedented delay.

DOJ: No, we won't say how much the FBI paid to hack terrorist's iPhone

Credit to Author: Gregg Keizer| Date: Tue, 14 Mar 2017 11:31:00 -0700

The U.S. Department of Justice yesterday argued that it should not have to reveal the maker of a tool used last year to crack an alleged terrorist’s iPhone or disclose how much it paid for the hacking job, court documents showed.

That tool was used last year by the FBI to access a password-protected iPhone 5C previously owned by Syed Rizwan Farook, who along with his wife, Tashfeen Malik, killed 14 in San Bernardino, Calif., in December 2015. The two died in a shootout with police later that day. Authorities quickly labeled them terrorists.

In March 2016, after weeks of wrangling with Apple, which balked at a court order compelling it to assist the FBI in unlocking the iPhone, the agency announced it had found a way to access the device without Apple’s help. Although the FBI acknowledged it had paid an outside group to crack the iPhone, it refused to identify the firm or how much it paid.

Hackers use dangerous Petya ransomware in targeted attacks

Credit to Author: Lucian Constantin| Date: Tue, 14 Mar 2017 11:19:00 -0700

In a case of no honor among thieves, a group of attackers has found a way to hijack the Petya ransomware and use it in targeted attacks against companies without the program creators’ knowledge.

A computer Trojan dubbed PetrWrap, being used in attacks against enterprise networks, installs Petya on computers and then patches it on the fly to suit its needs, according to security researchers from antivirus vendor Kaspersky Lab.

The Trojan uses programmatic methods to trick Petya into using a different encryption key than the one its original creators have embedded inside its code. This ensures that only the PetrWrap attackers can restore the affected computers to their previous state.

The NSA's foreign surveillance: 5 things to know

Credit to Author: Grant Gross| Date: Tue, 14 Mar 2017 09:27:00 -0700

A contentious piece of U.S. law giving the National Security Agency broad authority to spy on people overseas expires at the end of the year. Expect heated debate about the scope of U.S. surveillance law leading up to Dec. 31.

One major issue to watch involves the way the surveillance treats communications from U.S. residents. Critics say U.S. emails, texts, and chat logs — potentially millions of them — are caught up in surveillance authorized by Section 702 of the Foreign Intelligence Surveillance Act (FISA).

U.S. residents who communicate with foreign targets of the NSA surveillance have their data swept up in what the NSA calls “incidental” collection. The FBI can then search those communications, but it’s unclear how often that happens.

It's time to turn on HTTPS: The benefits are well worth the effort

Credit to Author: Lucian Constantin| Date: Tue, 14 Mar 2017 05:30:00 -0700

After Edward Snowden revealed that online communications were being collected en masse by some of the world’s most powerful intelligence agencies, security experts called for encryption of the entire web. Four years later, it looks like we’ve passed the tipping point.

The number of websites supporting HTTPS — HTTP over encrypted SSL/TLS connections — has skyrocketed over the past year. There are many benefits to turning on encryption, so if your website does not yet support the technology it’s time to make the move.

Recent telemetry data from Google Chrome and Mozilla Firefox shows that over 50 percent of web traffic is now encrypted, both on computers and mobile devices. Most of that traffic goes to a few large websites, but even so, it’s a jump of over 10 percentage points since a year ago.

Mirai is the hydra of IoT security: Too many heads to cut off

Credit to Author: Michael Kan| Date: Tue, 14 Mar 2017 04:05:00 -0700

Efforts to stop Mirai, a malware found infecting thousands of IoT devices, have become a game of whack-a-mole, with differing opinions over whether hackers or the security community are making any headway.

The malicious code became publicly available in late September. Since then, it’s been blamed for enslaving IoT devices such as DVRs and internet cameras to launch massive distributed denial-of-service attacks, one of which disrupted internet access across the U.S. in October.

The good news: Last month, police arrested one suspected hacker who may have been behind several Mirai-related DDoS attacks.

WikiLeaks dump spotlights CIA spying powers

Credit to Author: Michael Kan| Date: Mon, 13 Mar 2017 10:51:00 -0700

Has the CIA ever spied on you? That’s a key question swirling around the WikiLeaks document dump that allegedly details the U.S. agency’s secret hacking tools.

The documents themselves don’t reveal much about who the CIA might have snooped on. But the agency certainly has the power to spy on foreigners outside the U.S., said Paul Pillar, a former deputy counterterrorism chief with the CIA.

That’s its job after all: To collect foreign intelligence. But even so, the CIA is pretty selective with its targets.   

Of course your TV’s spying on you

Credit to Author: Steven J. Vaughan-Nichols| Date: Mon, 13 Mar 2017 10:22:00 -0700

Julian Assange, Wikileaks’ founder and Russian propagandist, must be proud of himself. In his latest “revelation” that the Central Intelligence Agency (CIA) can hack Apple and Android smartphones, PC operating systems and smart TVs, he has people throwing fits about how awful the CIA is.

Please. Give me a break.

Wikileaks uncovered nothing really new. Zero. Zilch.

As my fellow Computerworld writer buddy Mike Elgan said, “The Wikileaks/CIA stories simply remind us anything with a camera, microphone or IP address could theoretically be hacked.”
