Saturday, November 15, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Krebs

IndependentKrebs
admin

Microsoft Patch Tuesday, May 2018 Edition

Credit to Author: BrianKrebs| Date: Tue, 08 May 2018 20:38:16 +0000

Microsoft today released a bundle of security updates to fix at least 67 holes in its various Windows operating systems and related software, including one dangerous flaw that Microsoft warns is actively being exploited. Meanwhile, as it usually does on Microsoft’s Patch Tuesday — the second Tuesday of each month — Adobe has a new Flash Player update that addresses a single but critical security weakness. First, the Flash Tuesday update, which brings Flash Player to v. 29.0.0.171. Some (present company included) would argue that Flash Player is in itself “a single but critical security weakness.” Nevertheless, Google Chrome and Internet Explorer/Edge ship with their own versions of Flash, which get updated automatically when new versions of these browsers are made available.

Read More
IndependentKrebs
admin

Study: Attack on KrebsOnSecurity Cost IoT Device Owners $323K

Credit to Author: BrianKrebs| Date: Mon, 07 May 2018 16:47:20 +0000

A monster distributed denial-of-service attack (DDoS) against KrebsOnSecurity.com in 2016 knocked this site offline for nearly four days. The attack was executed through a network of hacked “Internet of Things” (IoT) devices such as Internet routers, security cameras and digital video recorders. A new study that tries to measure the direct cost of that one attack for IoT device users whose machines were swept up in the assault found that it may have cost device owners a total of $323,973.75 in excess power and added bandwidth consumption. My bad.

Read More
IndependentKrebs
admin

Twitter to All Users: Change Your Password Now!

Credit to Author: BrianKrebs| Date: Thu, 03 May 2018 22:40:48 +0000

Twitter just asked all 300+ million users to reset their passwords, citing the exposure of user passwords via a bug that stored passwords in plain text — without protecting them with any sort of encryption technology that would mask a Twitter user’s true password. The social media giant says it has fixed the bug and that so far its investigation hasn’t turned up any signs of a breach or that anyone misused the information. But if you have a Twitter account, please change your account password now.

Read More
IndependentKrebs
admin

When Your Employees Post Passwords Online

Credit to Author: BrianKrebs| Date: Wed, 02 May 2018 19:26:47 +0000

Storing passwords in plaintext online is never a good idea, but it’s remarkable how many companies have employees who are doing just that using online collaboration tools like Trello.com. Last week, KrebsOnSecurity notified a host of companies that employees were using Trello to share passwords for sensitive internal resources. Among those put at risk by such activity included an insurance firm, a state government agency and ride-hailing service Uber.com.

Read More
IndependentKrebs
admin

Security Trade-Offs in the New EU Privacy Law

Credit to Author: BrianKrebs| Date: Fri, 27 Apr 2018 17:27:40 +0000

On two occasions this past year I’ve published stories here warning about the prospect that new European privacy regulations could result in more spams and scams ending up in your inbox. This post explains in a question and answer format some of the reasoning that went into that prediction, and responds to many of the criticisms leveled against it.

Read More
IndependentKrebs
admin

DDoS-for-Hire Service Webstresser Dismantled

Credit to Author: BrianKrebs| Date: Wed, 25 Apr 2018 17:41:37 +0000

Authorities in the U.S., U.K. and the Netherlands on Tuesday took down popular online attack-for-hire service WebStresser.org and arrested its alleged administrators. Investigators say that prior to the takedown, the service had more than 136,000 registered users and was responsible for launching somewhere between four and six million attacks over the past three years.

Read More