Sunday, May 3, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

ComputerWorld

ComputerWorldIndependent
admin

True privacy online is not viable

Credit to Author: Evan Schuman| Date: Tue, 21 Feb 2017 03:00:00 -0800

Privacy-concerned consumers desperately want a magic bullet, some simple thing they can use that will protect their identities and their web activity. And although there are a plethora of offerings today that make such a claim — VPNs, privacy-focused browsers such as Tor, privacy search engines such as DuckDuckGo, quite a few services that claim to anonymize anyone’s activity — the practical realities of human behavior make such privacy claims bogus.

Let me stress that almost all of these services do indeed help a person remain anonymous from the casual, untrained observer (the typical roommate, spouse, co-worker, boss, etc.). But any consumer who thinks that these tools will thwart a law enforcement agent, motivated cyberthief or identity thief, or anyone who is willing to spend the time to track you down is in for unhappiness.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Hackers behind bank attack campaign use Russian decoy

Credit to Author: Lucian Constantin| Date: Mon, 20 Feb 2017 07:00:00 -0800

The hackers behind a sophisticated attack campaign that has recently targeted financial organizations around the world have intentionally inserted Russian words and commands into their malware in an attempt to throw investigators off.

Researchers from cybersecurity firm BAE Systems have recently obtained and analyzed additional malware samples related to an attack campaign that has targeted 104 organizations — most of them banks — from 31 different countries.

They found multiple commands and strings in the malware that appear to have been translated into Russian using online tools, the results making little sense to a native Russian speaker.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Uber to investigate female engineer’s ‘abhorrent’ sexual harassment claims

Credit to Author: Darlene Storm| Date: Mon, 20 Feb 2017 05:51:00 -0800

If you are a woman then working at Uber sounds like hell, based upon allegations made by Susan Fowler. She worked as a site reliability engineer at Uber from Nov. 2015 to Dec. 2016; now that she works at Stripe, she has come forward with a sickening tale of sexual harassment, discrimination and an HR department that just let it happen.

Uber CEO Travis Kalanick ordered an “urgent investigation” into Fowler’s harassment and discrimination complaints, promising to fire the people who believe the disgusting behavior is permissible at Uber.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Here’s how the U.S. government can bolster cybersecurity

Credit to Author: Michael Kan| Date: Fri, 17 Feb 2017 13:53:00 -0800

Almost 20 years ago, Chris Wysopal was among a group of hackers who testified before Congress, warning of the dangers of the internet.

Unfortunately, the U.S. government is still struggling to act, Wysopal said. “You’re just going to keep ending up with the status quo,” he said, pointing to the U.S. government’s failure to regulate the tech industry or provide incentives for change.

It’s a feeling that was shared by the experts who attended this week’s RSA cybersecurity show in San Francisco. The U.S. government needs to do more on cybersecurity, but what?  

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

IDG Contributor Network: Why February's Patch Tuesday is delayed

Credit to Author: Greg Lambert| Date: Fri, 17 Feb 2017 09:52:00 -0800

After a short break since our Patch Tuesday Debugged analysis in January, it looks like we are going to have some delay with Patch Tuesday in February due to a last minute technical issue with the Microsoft release process.

Microsoft had previously indicated that it was going to change the update process for security-related fixes this month — and a bug discovered during this process change may have caused the delay. Chris Goettl from Ivanti, offers this: “In the hours since Microsoft announced it was going to postpone Update Tuesday I have had a number of people asking if this delay was related to Microsoft’s change to a cumulative update model. If it were just one update that was delayed I would agree, but with all updates being delayed I think it is more of a Windows Update Services infrastructure issue.” I would tend to agree.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Insecure Android apps put connected cars at risk

Credit to Author: Lucian Constantin| Date: Fri, 17 Feb 2017 09:08:00 -0800

Android applications that allow millions of car owners to remotely locate and unlock their vehicles are missing security features that could prevent tampering by hackers.

Researchers from antivirus vendor Kaspersky Lab took seven of the most popular Android apps that accompany connected cars from various manufacturers, and analyzed them from the perspective of a compromised Android device. The apps and manufacturers have not been named.

The researchers looked at whether such apps use any of the available countermeasures that would make it hard for attackers to hijack them when the devices they’re installed on are infected with malware. Other types of applications, such as banking apps, have such protections.

To read this article in full or to leave a comment, please click here

Read More