Tuesday, November 4, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

ComputerWorldIndependent
admin

With BYOD comes responsibility — and many firms aren't delivering

Apple deployments are accelerating across the global enterprise, so it’s surprising that many organizations don’t properly recognize that change. Even when companies put Macs, iPhones, and iPads in the hands of their employees, they are failing to manage these deployments. It’s quite shocking.

That’s the biggest take-away from the latest Jamf research, which warns that almost half of enterprises across Europe still don’t have a formal Bring-Your-Own-Device (BYOD) policy in place. That’s bad, as it means companies have no control over how employees connect and use corporate resources, creating a nice, soft attack surface for criminals and competitors alike.

To read this article in full, please click here

Read More
IndependentKrebs
admin

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Credit to Author: BrianKrebs| Date: Tue, 29 Aug 2023 18:35:25 +0000

The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control over the botnet’s online infrastructure, and quietly removing the Qakbot malware from tens of thousands of infected Microsoft Windows computer systems.

Read More
ComputerWorldIndependent
admin

New law could turn UK into a hacker's playground

It looks as if people are at last waking up to a second extraordinarily dangerous requirement buried within a UK government bill designed to promote the nation as a surveillance state. It means bureaucrats can delay or prevent distribution of essential software updates, making every computer user far less secure.

A poor law

This incredibly damaging limitation is just one of the many bad ideas buried in the UKs latest piece of shoddy tech regulation, the Investigatory Powers Act. What makes the law doubly dangerous is that in the online world, you are only ever as secure as your least secure friend, which means UK businesses will likely suffer by being flagged as running insecure versions of operating systems.

To read this article in full, please click here

Read More
IndependentKrebs
admin

Kroll Employee SIM-Swapped for Crypto Investor Data

Credit to Author: BrianKrebs| Date: Fri, 25 Aug 2023 18:05:10 +0000

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency lender BlockFi and the now-collapsed crypto trading platform FTX each disclosed data breaches this week thanks to a recent SIM-swapping attack targeting an employee of Kroll — the company handling both firms’ bankruptcy restructuring.

Read More
ComputerWorldIndependent
admin

Managed Apple IDs, iCloud, and the shadow IT connection

Apple is continuing its expansion of Managed Apple IDs for business customers, giving them increased access to iCloud services and Apple Continuity features. Companies get iCloud backup and new syncing options (particularly for passwords, passkeys, and other enterprise credentials) — along with access to business-friendly Continuity features such as Universal Control.

But they could also lead to increased data sprawl and siloing. Ironically, those issues are typically related to shadow IT, even though they’re enterprise features. Let’s look at what’s going on and how enterprises can take advantage of these features and services without running into trouble.

To read this article in full, please click here

Read More
IndependentKrebs
admin

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

Credit to Author: BrianKrebs| Date: Tue, 22 Aug 2023 17:45:28 +0000

In large metropolitan areas, tourists are often easy to spot because they’re far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.

Read More
ComputerWorldIndependent
admin

Why and how to create corporate genAI policies

As a large number of companies continue to test and deploy generative artificial intelligence (genAI) tools, many are at risk of AI errors, malicious attacks, and running afoul of regulators — not to mention the potential exposure of sensitive data.

For example, in April, after Samsung’s semiconductor division allowed engineers to use ChatGPT, workers using the platform leaked trade secrets on least three instances, according to published accounts. One employee pasted confidential source code into the chat to check for errors, while another worker shared code with ChatGPT and “requested code optimization.”

To read this article in full, please click here

Read More
IndependentKrebs
admin

Karma Catches Up to Global Phishing Service 16Shop

Credit to Author: BrianKrebs| Date: Thu, 17 Aug 2023 19:58:56 +0000

You’ve probably never heard of “16Shop,” but there’s a good chance someone using it has tried to phish you. Last week, the international police organization INTERPOL said it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams. INTERPOL said authorities in Indonesia arrested the 21-year-old proprietor and one of his alleged facilitators, and that a third suspect was apprehended in Japan.

Read More