ComputerWorld

ComputerWorldIndependent

Throwback Thursday: Just one more thing to worry about

Credit to Author: Sharky | Date: Thu, 13 Sep 2018 03:00:00 -0700

This pilot fish and his wife are planning a long-overdue vacation to an all-inclusive resort — one of those places where you don’t have to worry about things like meals or tipping.

“I log onto the resort’s website in order to make some reservations ahead of our arrival,” fish says, “and am presented with the standard registration page.”

He enters his information on the page, which also asks “for security reasons” that he set up a password.

It’s not until after he has clicked “OK” that fish looks at the icon in his web browser and realizes the page isn’t encrypted. He does a quick browse of the source code for the page, and finds that there’s no SSL anywhere securing the data he’s just typed in.


Time to turn off Windows Automatic Update and brace for impact

Credit to Author: Woody Leonhard | Date: Mon, 10 Sep 2018 06:19:00 -0700

August 2018 was a relatively innocuous patching month, although the final resolution to the August problems didn’t appear until late Friday night just as the month was coming to a close — on a three-day weekend in the US.

We’ve seen the same pattern repeat itself almost every month since the beginning of the year: The first round of Microsoft security patches (notably including Win10 patches) introduces bugs, while subsequent rounds of patches each month squash most of them. If we’re lucky.


Mac and iOS apps stealing user data — an enterprise take

Credit to Author: Jonny Evans | Date: Mon, 10 Sep 2018 04:53:00 -0700

Reports claiming numerous apps distributed through Apple’s App Store are secretly exfiltrating user data should be an alarm call to enterprise CIOs. It signals a new battlefront in the eternal enterprise security wars.

The enterprise risk of personal data

On the surface, the data being extracted is kind of … personal, such as location and browser histories. Information like that provides additional insight into what individual users are up to. Why should that concern an enterprise?

That’s a rhetorical question, of course. Most enterprise security professionals recognize that any form of data exfiltration poses an overall challenge.


Why security is the first thing to go, episode 65,723

Credit to Author: Sharky | Date: Mon, 10 Sep 2018 03:00:00 -0700

IT contractor has a project to upgrade some software for a client — and the project is way behind schedule, says a pilot fish on the client side.

And why is that such a problem? “The existing product goes End-of-Life soon, at which time it will no longer be an approved product for us,” fish explains.

“The contractor’s people come in and pitch their schedule to upper management. In the briefing, they bring up the fact that the new product is not even approved to be on our highly secured network, and they have not even started on getting it approved.

“Essentially, if they have to get it approved, they can never get it deployed on time.


Throwback Thursday: Well, trial and error IS a mechanism

Credit to Author: Sharky | Date: Thu, 06 Sep 2018 03:00:00 -0700

New regulations go into effect requiring more physical and electronic security at this health insurance company, so the company hires a chief security officer to oversee the efforts, says a pilot fish there.

“I was involved in the original security implementation on most of the systems and offered to help, but the new CSO refused our input,” fish says. “He put keycard access on the computer room and UPS room and confiscated any physical keys he could find.

“When asked what would happen if the keycard system went down, he responded that ‘mechanisms are in place,’” fish recalls.

Soon, only three people have physical keys: the CSO, chief financial officer and facilities manager.


Get caught up on your July and August Windows/Office patches

Credit to Author: Woody Leonhard | Date: Wed, 05 Sep 2018 12:29:00 -0700

With the arrival of “Fourth Week” patches on the last working day of August, and having had a few days to vet them, it looks as if we’re ready to release the cracklin’ Kraken.

The steaming pile of Windows Intel microcode patches

Microsoft continues to unleash microcode patches for Meltdown and Spectre (versions 1, 2, 3, 3a, 4, n for n >=4). You won’t get stung by any of them, unless you specifically go looking for trouble.
