Thursday, April 25, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Mobile & Wireless

ComputerWorld Independent 

Samsung's squashing of Tizen smart-TV bugs is turning messy

admin , ,

Credit to Author: Agam Shah| Date: Fri, 07 Apr 2017 11:08:00 -0700

After 40 critical vulnerabilities on Samsung’s Tizen — used in smart TVs and smartwatches — were exposed this week by Israeli researcher Amihai Neiderman, the company is scrambling to patch them.

But Samsung still doesn’t know many of the bugs that need to be patched. It’s also unclear when Tizen devices will get security patches, or if older Tizen devices will even get OS updates to squash the bugs.

Beyond Samsung’s smart TVs, Tizen is also used in wearables like Gear S3 and handsets like Samsung’s Z-series phones, which have sold well in India. Samsung wants to put Tizen in a range of appliances and IoT devices. Tizen also has been forked to be used in Raspberry Pi.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Google's Android hacking contest fails to attract exploits

admin , ,

Credit to Author: Lucian Constantin| Date: Fri, 31 Mar 2017 11:32:00 -0700

Six months ago, Google offered to pay $200,000 to any researcher who could remotely hack into an Android device by knowing only the victim’s phone number and email address. No one stepped up to the challenge.

While that might sound like good news and a testament to the mobile operating system’s strong security, that’s likely not the reason why the company’s Project Zero Prize contest attracted so little interest. From the start, people pointed out that $200,000 was too low a prize for a remote exploit chain that wouldn’t rely on user interaction.

“If one could do this, the exploit could be sold to other companies or entities for a much higher price,” one user responded to the original contest announcement in September.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

How to protect yourself from ATM crime

admin , ,

Credit to Author: Mike Elgan| Date: Sat, 25 Mar 2017 04:00:00 -0700

The ATM card is dead. Or is it?

Starting Monday, all 13,000 Wells Fargo ATMs will enable you to withdraw money without using your card, according to Jonathan Velline, head of Wells Fargo ATM and branch strategy.

It works like this: Open the Wells Fargo app on your phone. Tap a button in the app for a temporary eight-digit code. Then enter the code, followed by your PIN, to access your account.

Wells Fargo is the first major U.S. bank to offer app-based access to all of its ATMs.

Citigroup, Chase and Bank of America and others are working on similar ATM functions, with only some machines already upgraded.

wellsfargo atm code Wells Fargo

Wells Fargo will enable ATM access without a card via a temporary eight-digit code accessible in its mobile app.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

The ultimate guide to strategic tech partners

admin , , , , ,

Credit to Author: Bob Violino| Date: Mon, 20 Mar 2017 03:38:00 -0700

The IT vendor landscape is constantly in flux, with mergers, acquisitions, new technology developments and the growth of the cloud having a huge impact on which companies might be the most strategic partners for organizations looking to enhance their technology infrastructure.

To read this article in full or to leave a comment, please click here

(Insider Story)

Read more
ComputerWorld Independent 

BlackBerry preps a more secure Samsung Galaxy S7

admin , , , , ,

Credit to Author: Peter Sayer| Date: Sun, 19 Mar 2017 10:58:00 -0700

Secusmart, the BlackBerry subsidiary that secures the German Chancellor Angela Merkel’s smartphone, will roll out a version of its SecuSuite security software compatible with Samsung Electronics’ Knox platform later this year.

That means that organizations looking for smartphones offering government-grade security will be able to buy the Samsung Galaxy S7 or, soon, the S8 rather than the now-discontinued BlackBerry OS smartphones like the one Merkel uses.

In addition to encrypting communications and data stored on the device, the new SecuSuite also secures voice calls using the SNS standard set by Germany’s Federal Office for Information Security (BSI). Organizational app traffic is passed through an IPsec VPN, while data from personal apps can go straight to the internet. Encrypted voice calls go through a different gateway, not the VPN.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Malicious uploads allowed hijacking of WhatsApp and Telegram accounts

admin , , ,

Credit to Author: Lucian Constantin| Date: Wed, 15 Mar 2017 07:55:00 -0700

A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos.

The vulnerability was discovered last week by researchers from Check Point Software Technologies and was patched by the WhatsApp and Telegram developers after the company privately shared the flaw’s details with them.

The web-based versions of WhatsApp and Telegram synchronize automatically with the apps installed on users’ phones. At least in the case of WhatsApp, once paired using a QR code, the phone needs to have an active internet connection for WhatsApp messages to be relayed to the browser on the computer.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Twitter accounts hacked, Twitter Counter steps forward as culprit

admin , , ,

Credit to Author: Peter Sayer| Date: Wed, 15 Mar 2017 07:37:00 -0700

Twitter Counter, a third-party analytics service, appears once again to have provided a gateway for hackers to post messages to high-profile Twitter accounts.

An unlikely number of Twitter users suddenly learned to speak Turkish on Wednesday, posting an inflammatory message in the language replete with Nazi swastikas.

Among those posting the message were the Twitter accounts of Forbes magazine, the Atlanta Police Department, and Amnesty International, one of the few hacked accounts one might expect to actually speak Turkish.

Fears that these accounts had all been hacked were quickly allayed, when Twitter identified a third-party app as being to blame.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Android devices coming with preinstalled malware

admin , , ,

Credit to Author: Darlene Storm| Date: Mon, 13 Mar 2017 07:52:00 -0700

The phone, given to you by your company, could be targeted at some point and end up with a malware infection, but you wouldn’t expect the malware to be preinstalled “somewhere along the supply chain.” Yet preinstalled malware is precisely what one security vendor found on 38 Android devices.

Check Point Software Technologies did not name the affected companies, saying only that the phones belonged to “a large telecommunications company” and “a multination technology company.” A good chunk of the infected phones were Samsung models, but phones by Lenovo, LG, Asus, ZTE, Vivo, Oppo and Xiaomi were also preinstalled with malware after leaving the manufacturers but before landing in the hands of the companies’ employees.

To read this article in full or to leave a comment, please click here

Read more