January 2017 – Computer Security Articles

Data Privacy Day – 10 tips to keep your data secure

January 31, 2017 admin data privacy day, Online privacy, phishing, ransomware, Safe Banking

Recognized annually on January 28th, Data Privacy Day is defined as a centered approach towards respecting privacy, safeguarding data, and enabling trust. It is a global effort to raise and promote awareness around protecting one’s data and privacy. With this thought in mind, we have put together these 10 security…

The post Data Privacy Day – 10 tips to keep your data secure appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.

ComputerWorld Independent

How to make PC security alerts better? Make them twirl, jiggle

January 31, 2017 admin Enterprise Applications, Malware & Vulnerabilities, Security

Have you ever ignored a security alert on your PC? You’re not the only one.

The warnings are designed to save us from malware infections and hacking risks, but often we’ll neglect them. It could be because we’re too busy or we’ve seen them too many times, and we’ve become conditioned to dismiss them — even the most serious ones, according to Anthony Vance, a professor at Brigham Young University.

Vance has been studying the problem and he’s found that introducing certain small but noticeable changes can make the alerts more useful — and harder to ignore.

“Our security UI (user interface) needs to be designed to be compatible with the way our brains work,” he said at the USENIX Enigma 2017 conference on Tuesday. “Not against it.”

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

Trump stresses cybersecurity but postpones executive order

January 31, 2017 admin Government IT, Security

U.S. President Donald Trump called on government agencies to better protect their networks, but he delayed signing an executive order to kick-start a government-wide review of cybersecurity policy.

A draft copy of the order, leaked earlier, would give the Department of Defense and the Department of Homeland Security 60 days to submit a list of recommendations to protect U.S. government and private networks.

Trump had been scheduled to sign the executive order Tuesday but canceled shortly before it was due to happen.

To read this article in full or to leave a comment, please click here

Independent Krebs

Shopping for W2s, Tax Data on the Dark Web

January 31, 2017 admin Federal Trade Commission, Kirai Restaurant Group, Kirsta Grauberger, Other, seagate technology, Sunrun, tax refund fraud, The Payroll Professionals, W-2 fraud

The 2016 tax season is now in full swing in the United States, which means scammers are once again assembling vast dossiers of personal data and preparing to file fraudulent tax refund requests on behalf of millions of Americans. But for those lazy identity thieves who can’t be bothered to phish or steal the needed data, there is now another option: Buying stolen W-2 tax forms from other crooks who have phished the documents wholesale from corporations.

Security Wired

Spoofed Grindr Accounts Turned One Man’s Life Into a ‘Living Hell’

January 31, 2017 admin apps, Grindr, lawsuits, Security, spoofing, Threat Level

When someone started making fake Grindr profiles for Matthew Herrick, more than 700 men came to his home and work. The post Spoofed Grindr Accounts Turned One Man’s Life Into a ‘Living Hell’ appeared first on WIRED.

MalwareBytes Security

A look back at the Zyns iframer campaign

January 31, 2017 admin campaign, eitest, exploit kits, Exploits, iframe, malvertising, malware, ransomware, Threat analysis, Zyns iframer

Behind compromised sites or malvertising, you will often find trails that can take you back years and see how infection chains evolved, or didn’t, over time.

Categories:

Tags: campaign eitest exploit kits iframe malvertising malware ransomware Zyns iframer

(Read more…)

ComputerWorld Independent

Easy-to-exploit authentication bypass flaw puts Netgear routers at risk

January 31, 2017 admin Networking, Security

For the past half-year, Netgear has been working on fixing a serious and easy-to-exploit vulnerability in many of its routers. And it’s still not done.

While Netgear has worked to fix the issue, the list of affected router models increased to 30, of which only 20 have firmware fixes available to date. A manual workaround is available for the rest.

The vulnerability was discovered by Simon Kenin, a security researcher at Trustwave, and stems from a faulty password recovery implementation in the firmware of many Netgear routers. It is a variation of an older vulnerability that has been publicly known since 2014, but this new version is actually easier to exploit.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

Trump to sign cybersecurity order calling for government-wide review

January 31, 2017 admin Government IT, Security

President Donald Trump is due to sign an executive order Tuesday that gives each cabinet official more responsibility for the safety of data within his or her agency.

It will be accompanied by a government-wide review of cybersecurity by the Office of Management and Budget, looking at the technology in place that guards U.S. government systems from cyberattacks, according to a White House official.

The results of that review could lead to a government-wide upgrade of federal cybersecurity systems.

The U.S. government has been hit by hacks in the last few years. The State Department spent months trying to get rid of intruders in its unclassified network, and the Office of Personnel Management lost personal information about millions of government workers through a second hack.

To read this article in full or to leave a comment, please click here

← Previous