Monday, January 19, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

ComputerWorld

ComputerWorldIndependent
admin

SEC eyes crackdown on cryptocurrencies

Credit to Author: Lucas Mearian| Date: Thu, 01 Mar 2018 14:24:00 -0800

The Securities and Exchange Commission (SEC) is cracking down on FinTech companies issuing initial coin offerings (ICOs), and has served dozens of subpoenas and information requests.

The regulatory action is the latest in a series of warnings related to the multi-billion cryptocurrency market and the sale of digital tokens, which in some cases may violate federal laws, according to the Wall Street Journal.

The SEC declined comment on the report.

Cryptocurrencies, or digial tokens such as bitcoin, Ether and Ripple, are based on blockchain technology and have existed in a gray area that allows for cross-border transactions that are far more efficient than traditional fiat-based currencies such as dollars or euros.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Microsoft Patch day brings bug warnings, another Office CtR, and the return of KB 2952664

Credit to Author: Woody Leonhard| Date: Wed, 28 Feb 2018 05:54:00 -0800

Once upon a time, the fourth Tuesday of the month was reserved by Microsoft for non-security patches. How times have changed. Yesterday, we saw a bunch of new bug warnings — including an admonition to uninstall a previous buggy .Net Preview patch — and an unexpected fourth update this month for Office 365’s reputedly stable Monthly Channel.

New .Net Preview warning to uninstall

The Feb. 2018 .Net Framework Previews — which were pulled last Thursday — got new warnings. Each of these updated KB articles:

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Microsoft Patch Alert: February's fixes aren’t as bad as last month, but problems abound

Credit to Author: Woody Leonhard| Date: Mon, 26 Feb 2018 09:34:00 -0800

The January 2018 Microsoft patching cycle may have been the worst and most invasive set of Microsoft releases in recent memory. The February updates, by marked contrast, only clobber a limited number of machines. How many? We don’t know — and Microsoft isn’t saying.

Bad Win10 Fall Creators Update patch

What we do know for sure is that the buggy Win10 Fall Creators Update cumulative update KB 4074588 tossed many PCs into bluescreen hell and disabled USB devices of various stripes. That’s quite an accomplishment for version 1709 which, according to AdDuplex, is now said to run on 85% of all Windows 10 machines. To look at it a different way, Microsoft blew the cumulative update to the most-used version (1709) of the most-used Windows (Win10 now surpasses Win7).

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

New non-security patches arrive for Win10 1607 and 1703; 1709 update likely soon

Credit to Author: Woody Leonhard| Date: Fri, 23 Feb 2018 04:26:00 -0800

Microsoft last night released a flood of unexpected patches. Yes, that’s a Thursday night dump. No, there weren’t any pressing security fixes – at least, none that were advertised. I have no idea why Microsoft’s pushing this offal out the Automatic Update chute.

In addition to a scattering of Preview patches for Win7, 8.1 and Server 2002 – which are usually posted on the third “Week C” Tuesday of the month – and the Surface Pro 3 firmware patch that was announced, but not delivered, Wednesday, we have two new cumulative updates: one for Win10 Anniversary Update (version 1607) and one for Win10 Creators Update (version 1703). Susan Bradley has a full list with links on the AskWoody site.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Clever, redefined

Credit to Author: Sharky| Date: Fri, 23 Feb 2018 03:00:00 -0800

It’s the 1990s, and this pilot fish is hired at a big international company to maintain a group of Linux servers — and they definitely need help.

“My initial survey of the systems uncovered some serious security problems,” says fish. “Everything had been set up and users added with no regard to security.

“As a temporary holding action, I set all the users’ login shells to a custom restricted shell that allowed each user access to only the directories and commands necessary for their work while I analyzed all the systems, planned a decent security configuration for each, got approvals, did testing and, finally, implemented the new security.”

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Throwback Thursday: Now he's feeling even LESS secure

Credit to Author: Sharky| Date: Thu, 22 Feb 2018 03:00:00 -0800

This organization’s IT security officer leaves and isn’t replaced. “A year and a half goes by and the organization suffers a web page defacement,” says a pilot fish on the scene. “During the course of the remediation, another server that has a couple of Trojans on it is found.”

That’s not really a big surprise. Since the infosec guy’s departure, the CIO has repeatedly demanded that ports be opened in the firewall, external connections be made to servers bypassing the firewall and servers in the DMZ be connected to internal servers.

The support manager objects every time — and is always overruled.

“Worse, support isn’t part of the process of selection or meetings with potential vendors for the new web services,” fish says. “Support only finds out about the requirements when they are directed to create the holes.”

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Intel releases more Meltdown/Spectre firmware fixes, Microsoft feints an SP3 patch

Credit to Author: Woody Leonhard| Date: Wed, 21 Feb 2018 07:56:00 -0800

One month ago today, Intel told the world that their Meltdown/Spectre patches were a mess. Their advice read something like, “Ooopsie. Those extremely important BIOS/UEFI firmware updates we released a coupla weeks ago are causing Intel machines to drop like bungee cows. In spite of what we told you then, stop installing them now. And if you installed a bad BIOS/UEFI patch, well golly, contact your PC manufacturer to see if they know how to get you out of the mess.”

To read this article in full, please click here

Read More