Sunday, May 3, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

ComputerWorld

ComputerWorldIndependent
admin

Newer car tech opens doors to CIA attacks

Credit to Author: Lucas Mearian| Date: Fri, 10 Mar 2017 03:01:00 -0800

The revelation through Wikileaks that the CIA has explored hacking vehicle computer control systems should concern consumers, particularly as more and more cars and trucks roll off assembly lines with autonomous features.

“I think it’s a legitimate concern considering all of the computers being added to cars,” said Kit Walsh, a staff attorney with the privacy group Electronic Frontier Foundation (EFF). “There’s no reason the CIA or other intelligence agencies or bad actors couldn’t use those vulnerabilities to hurt people.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

WikiLeaks plans to share CIA hacking details, but can companies use it?

Credit to Author: Michael Kan| Date: Thu, 09 Mar 2017 19:06:00 -0800

WikiLeaks plans to share details about what it says are CIA hacking tools with the tech companies so that software fixes can be developed.

But will software companies want it?

The information WikiLeaks plans to share comes from 8,700-plus documents it says were stolen from an internal CIA server. If the data is classified — and it almost certainly is — possessing it would be a crime.

That was underlined on Thursday by White House press secretary Sean Spicer, who advised tech vendors to consider the legal consequences of receiving documents from WikiLeaks.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

WikiLeaks plans share CIA hacking details, but can companies use it?

Credit to Author: Michael Kan| Date: Thu, 09 Mar 2017 19:06:00 -0800

WikiLeaks plans to share details about what it says are CIA hacking tools with the tech companies so that software fixes can be developed.

But will software companies want it?

The information WikiLeaks plans to share comes from 8,700-plus documents it says were stolen from an internal CIA server. If the data is classified — and it almost certainly is — possessing it would be a crime.

That was underlined on Thursday by White House press secretary Sean Spicer, who advised tech vendors to consider the legal consequences of receiving documents from WikiLeaks.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

After CIA leak, Intel Security releases detection tool for EFI rootkits

Credit to Author: Lucian Constantin| Date: Thu, 09 Mar 2017 13:32:00 -0800

Intel Security has released a tool that allows users to check if their computer’s low-level system firmware has been modified and contains unauthorized code.

The release comes after CIA documents leaked Tuesday revealed that the agency has developed EFI (Extensible Firmware Interface) rootkits for Apple’s Macbooks. A rootkit is a malicious program that runs with high privileges — typically in the kernel — and hides the existence of other malicious components and activities.

The documents from CIA’s Embedded Development Branch (EDB) mention an OS X “implant” called DerStarke that includes a kernel code injection module dubbed Bokor and an EFI persistence module called DarkMatter.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

After WikiLeaks' CIA dump, China tells U.S. to stop spying

Credit to Author: Gregg Keizer| Date: Thu, 09 Mar 2017 10:37:00 -0800

China today asked the U.S. government to stop spying on it, China’s first reaction to WikiLeaks’ disclosure of a trove of CIA documents that alleged the agency was able to hack smartphones, personal computers, routers and other digital devices worldwide.

“We urge the U.S. to stop listening in, monitoring, stealing secrets and [conducting] cyber-attacks against China and other countries,” said Geng Shuang, a Foreign Ministry spokesman said today in a Beijing press briefing.

Geng also said that China would protect its own networks, was willing to work with others toward what he called “orderly cyberspace,” and repeated his government’s stock denunciation of hacking.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Assange: CIA had lost control of its cyberweapon documents

Credit to Author: Grant Gross| Date: Thu, 09 Mar 2017 08:53:00 -0800

Information about purported CIA cyberattacks was “passed around” among members of the U.S. intelligence community and contractors before it was published by WikiLeaks this week, Julian Assange says.

The CIA “lost control of its entire cyberweapons arsenal,” the WikiLeaks editor-in-chief said during a press conference Thursday. “This is a historic act of devastating incompetence, to have created such an arsenal and stored all in one place and not secured it.”

Assange declined to name the source who gave the information to WikiLeaks, but he seemed to suggest the 8,700-plus documents, purportedly from an isolated CIA server, came from an insider source.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Credit to Author: Lucian Constantin| Date: Thu, 09 Mar 2017 04:19:00 -0800

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.

Apache Struts is an open-source web development framework for Java web applications. It’s widely used to build corporate websites in sectors including education, government, financial services, retail and media.

On Monday, the Apache Struts developers fixed a high-impact vulnerability in the framework’s Jakarta Multipart parser. Hours later, an exploit for the flaw appeared on Chinese-language websites, which was almost immediately followed by real-world attacks, according to researchers from Cisco Systems.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Why email is safer in Office 365 than on your Exchange server

Credit to Author: Mary Branscombe| Date: Thu, 09 Mar 2017 04:11:00 -0800

Running your own email servers doesn’t do anything to differentiate your business from the competition (except in a bad way, if you get hacked). But avoiding the effort of managing and monitoring your own mail server isn’t the only advantage of a cloud service. The scale of a cloud mail provider like Office 365 means that malware and phishing attacks are easier to spot — and the protections extend beyond your inbox.

To read this article in full or to leave a comment, please click here

(Insider Story)

Read More