Saturday, January 17, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

ComputerWorld

ComputerWorldIndependent
admin

Apple, Amazon server spy story is wake-up call to security pros (u)

Credit to Author: Jonny Evans| Date: Fri, 05 Oct 2018 04:29:00 -0700

Apple and Amazon have strenuously denied Bloomberg’s claims of a sophisticated hardware exploit against servers belonging to them and numerous other entities, including U.S. law enforcement  

Chinese, Apple and chips

Put in very simple terms, the claim is that malicious chips were found inside servers used in data centers belonging to the tech firms.

These chips (it’s claimed) worked to exfiltrate data from those servers, which were themselves sourced from server manufacturer Super Micro. That company’s server products are/were also used by Amazon, the U.S. government, and 30 other organizations. The chips were allegedly put in place by employees bribed by Chinese government agents.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Spy chips on servers? Lessons learned (and questions to ask)

Credit to Author: Ryan Faas| Date: Sat, 06 Oct 2018 04:17:00 -0700

On Thursday, Bloomberg Businessweek published an in-depth report alleging that Chinese suppliers for server hardware company Supermicro had placed microchips onto motherboards ordered by the San Jose-based company that were later sold to fill orders from as many as 30 customers. 

To read this article in full, please click here

(Insider Story)

Read More
ComputerWorldIndependent
admin

Apple, Amazon server spy story is wake-up call to security pros

Credit to Author: Jonny Evans| Date: Fri, 05 Oct 2018 04:29:00 -0700

Apple and Amazon have strenuously deniedBloomberg’s claims of a sophisticated hardware exploit against servers belonging to themselves and numerous other entities, including U.S. law enforcement  

Chinese, Apple and chips

Put in very simple terms, the claim is that malicious chips were found inside servers used in data centers belonging to the tech firms.

These chips (it’s claimed) worked to exfiltrate data from those servers, which were themselves sourced from server manufacturer, Super Micro. That company’s server products are/were also used by Amazon, the U.S. government and 30 other organizations. The chips were (it is alleged) put in place by employees bribed by Chinese government agents.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Time to lock the security team in a hotel room?

Credit to Author: Sharky| Date: Fri, 05 Oct 2018 03:00:00 -0700

IT security has laptops at this company really locked down, and that includes only limited admin rights, reports a road warrior pilot fish.

“On a recent trip, at my hotel I had to make an internet connection and open a web page to log into the hotel’s internet service before I could get a connection to the real internet,” fish says.

“Problem was, the work laptop was not going to let me use the browsers until I had established a VPN connection, which of course I could not do without the web page login.

“In a way, that was good — I took some real vacation time.

“In another way, it was bad, I have big hands and fingers, so using an iPhone and those stupid virtual keyboards is a one-finger, error-prone task. An email that could take seconds to type on a full-size keyboard takes minutes on the phone.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Open door policy

Credit to Author: Sharky| Date: Mon, 01 Oct 2018 03:00:00 -0700

This server room is getting keycard access to make sure only those on the approved list are allowed to enter, reports a pilot fish on the scene.

“A card reader is installed on the outside of the door to get in,” fish says. “But how to handle exiting the room? Someone has the bright idea that a system administrator inside the server room might have their hands full when they’re trying to leave.

“So a motion sensor is installed on the inside, looking down on the doorway. That way, if someone walks up to the door from the inside, it will automatically unlock.

“But whoever created this system is a much more trusting soul than one of the sysadmins, who looks over the already installed system and sees the flaw.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Easy-to-prevent Apple flaw may threaten enterprise security

Credit to Author: Jonny Evans| Date: Thu, 27 Sep 2018 06:46:00 -0700

An obscure flaw in Apple’s Device Enrollment Program (DEP) may make it possible for determined hackers to access enterprise networks, though the solution is quite straightforward.

Serial number spoofing

Duo Security researchers say they’ve figured out how to enroll a rogue device onto an enterprise’s mobile device management (MDM) system if the business has failed to enable authentication on devices enrolled on the system.

To make this work, attackers need to get hold of the valid serial number for an Apple device that is registered to Apple’s Device Enrollment Program (DEP) but not yet set up on the company’s MDM server, they said.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Easy to prevent Apple flaw may threaten enterprise security

Credit to Author: Jonny Evans| Date: Thu, 27 Sep 2018 06:46:00 -0700

An obscure flaw in Apple’s Device Enrollment Program (DEP) may make it possible for determined hackers to access enterprise networks, though the solution is quite straightforward.

Serial number spoofing

Duo Security researchers say they’ve figured out how to enrol a rogue device onto an enterprise’s MDM system, if the business has failed to enable authentication on devices enrolled on the system.

To make this work, attackers need to get hold of the valid serial number for an Apple device that is registered to Apple’s Device Enrolment Program (DEP), but not yet set-up on the company’s MDM server, they said.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Apple's dropping Back To My Mac Remote Access. Here's an Alternative, Currently Discounted.

Credit to Author: DealPost Team| Date: Fri, 21 Sep 2018 08:10:00 -0700

Apple is dropping the Back To My Mac remote access feature, and in a recent support document they urge you to be prepared by looking for alternatives.

RemotePC by iDrive is a full-featured remote access solution that lets you connect to your work or office computer securely from anywhere, and from any iOS or Android device. Right now, their 50 computer package is 90% off or just $6.95 for your 1st year. So if you need an alternative to Back To My Mac, or have been thinking about remote access, now is a good time to consider RemotePC. Learn more about it here.

To read this article in full, please click here

Read More