Sunday, May 3, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

ComputerWorld

ComputerWorldIndependent
admin

'Fileless malware' attacks, used on banks, have been around for years

Fileless malware attacks, which were recently discovered in the networks of at least 140 banks, telecoms and governments, account for about 15% of known attacks today and have been around for years in different forms.

“Fileless malware attacks are becoming much more common and circumvent most of the endpoint protection and detection tools deployed today,” Gartner security analyst Avivah Litan said.

A recent discovery of fileless malware was reported on Wednesday by researchers at Moscow-based Kaspersky Labs. The attackers have not been identified and “attribution [is] almost impossible,” according to Kaspersky.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Windows Trojan hacks into embedded devices to install Mirai

Attackers have started to use Windows and Android malware to hack into embedded devices, dispelling the widely held belief that if such devices are not directly exposed to the Internet they’re less vulnerable.

Researchers from Russian antivirus vendor Doctor Web have recently come across a Windows Trojan program that was designed to gain access to embedded devices using brute-force methods and to install the Mirai malware on them.

Mirai is a malware program for Linux-based internet-of-things devices, such as routers, IP cameras, digital video recorders and others. It’s used primarily to launch distributed denial-of-service (DDoS) attacks and spreads over Telnet by using factory device credentials.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

IDG Contributor Network: Balancing security and convenience on your Android phone

In an ideal world, we wouldn’t need passwords, lock screens, or to take any other steps to protect our security and privacy.

In the real world, we need to find the right balance of security and convenience. It can be difficult to find the sweet spot with an acceptable level of risk and ease of use because — even though no one likes to think it will happen to them — millions of phones are lost or stolen each year.

A modern smartphone can provide access to almost every aspect of your life, ranging from your email to your banking information. It is important to keep the level of risk in mind when you are choosing how much effort you are willing to put towards ensuring that information remains private.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

IT and C-level leaders point fingers at each other over cyber defense

IT managers disagree with chief executives over who is responsible for a cyber security breach, according to a survey released Thursday.

The survey — of a group of 221 chief executive officers and other C-level executives and another group of 984 IT decision makers — found that each group largely believes the other group is responsible in the event of a breach.

In the survey, 35% of C-level respondents said IT teams would be responsible in a breach, while 50% of IT leaders think that responsibility rests with their senior managers.

Also, IT managers estimate a single cyber attack will cost their business nearly twice what top-level executives estimate. The IT managers put the cost of a single attack at $19 million, compared to the C-suite estimate of about $11 million.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

U.S. proposal to collect travelers' passwords alarms privacy experts

To better vet foreign travelers, the U.S. might demand that some visa applicants hand over the passwords to their social media accounts, a proposal that’s alarming privacy experts.

“If they don’t want to give us the information, then they don’t come,” said John Kelly, the head of the Department of Homeland Security, on Tuesday.

Kelly mentioned the proposal in a congressional hearing when he was asked what his department was doing to look at visa applicants’ social media activity.

He said it was “very hard to truly vet” the visa applicants from the seven Muslim-majority countries covered by the Trump administration’s travel ban, which is now in legal limbo. Many of the countries are failed states with little internal infrastructure, he said.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

AT&T, IBM, Nokia join to make IoT systems safer

Some big players in security and the internet of things, including AT&T and Nokia, are joining forces to solve problems that they say make IoT vulnerable in many areas.

The IoT Cybersecurity Alliance, formed Wednesday, also includes IBM, Symantec, Palo Alto Networks, and mobile security company Trustonic. The group said it won’t set standards but will conduct research, educate consumers and businesses, and influence standards and policies.

As IoT technologies take shape, there’s a danger of new vulnerabilities being created in several areas. Consumer devices have been in the security spotlight thanks to incidents like the DDoS attacks last year that turned poorly secured set-top boxes and DVRs into botnets. But the potential weaknesses are much broader, spanning the network, cloud, and application layers, the new group said in a press release.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Accenture wants to help businesses secure their blockchains

Accenture wants to help businesses use blockchain technologies more securely by locking away the encryption keys they use to sign transactions.

It’s built a system that blockchain developers can use to store credentials in specialized cryptoprocessors called hardware security modules (HSMs).

HSMs are typically used by banks to store the PINs associated with payment cards or the credentials used to make interbank payments over the SWIFT network, and are much more secure than storing the credentials, even in encrypted form, on network-connected servers from where attackers could steal them.

The PINs or credentials never leave the HSMs, and their use within them is strictly controlled.

To read this article in full or to leave a comment, please click here

Read More