Saturday, March 21, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

IndependentKrebs
admin

Meet Bluetana, the Scourge of Pump Skimmers

Credit to Author: BrianKrebs| Date: Wed, 14 Aug 2019 12:25:32 +0000

“Bluetana,” a new mobile app that looks for Bluetooth-based payment card skimmers hidden inside gas pumps, is helping police and state employees more rapidly and accurately locate compromised fuel stations across the nation, a study released this week suggests. Data collected in the course of the investigation also reveals some fascinating details that may help explain why these pump skimmers are so lucrative and ubiquitous.

Read More
IndependentKrebs
admin

Patch Tuesday, August 2019 Edition

Credit to Author: BrianKrebs| Date: Tue, 13 Aug 2019 21:57:13 +0000

Most Microsoft Windows (ab)users probably welcome the monthly ritual of applying security updates about as much as they look forward to going to the dentist: It always seems like you were there just yesterday, and you never quite know how it’s all going to turn out. Fortunately, this month’s patch batch from Redmond is mercifully light, at least compared to last month.

Read More
ComputerWorldIndependent
admin

Why blockchain-based voting could threaten democracy

Credit to Author: Lucas Mearian| Date: Mon, 12 Aug 2019 03:00:00 -0700

Public tests of blockchain-based mobile voting are growing.

Even as there’s been an uptick in pilot projects, security experts warn that blockchain-based mobile voting technology is innately insecure and potentially a danger to democracy through “wholesale fraud” or “manipulation tactics.”

The topic of election security has been in the spotlight recently after Congress held classified briefings on U.S. cyber infrastructure to identify and defend against threats to the election system, especially after Russian interference was uncovered in the 2016 Presidential election.

To read this article in full, please click here

Read More
IndependentKrebs
admin

iNSYNQ Ransom Attack Began With Phishing Email

Credit to Author: BrianKrebs| Date: Fri, 09 Aug 2019 18:18:55 +0000

A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. It also looks like the intruders spent roughly ten days rooting around iNSYNQ’s internal network to properly stage things before unleashing the ransomware. iNSYNQ ultimately declined to pay the ransom demand, and it is still working to completely restore customer access to files.

Read More
ComputerWorldIndependent
admin

Apple announces a new iPhone (and you can’t have it)

Credit to Author: Jonny Evans| Date: Fri, 09 Aug 2019 06:55:00 -0700

Apple has announced a new iPhone for 2020, but it will only be made available to a select group of security researchers – along with huge bounties to anyone informing the company of a new OS vulnerability.

Probably the world’s most exclusive iPhone

Ivan Krstić, Apple’s head of security engineering provided big insights into Apple’s platform security during his presentation at Black Hat U.S. 2019.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Many VPN apps on Apple’s App store can’t be trusted, researcher warns

Credit to Author: Jonny Evans| Date: Thu, 08 Aug 2019 05:50:00 -0700

I’m told Apple is at last looking into the privacy and security of free VPN apps made available across its platforms, following a report from researcher, Simon Migliano.

Who owns your VPN service?

The researcher has flagged up several concerns that really should be recognized by anyone choosing a VPN service from both the Apple and Google App Stores:

  • Ownership: Migliano claims that almost 60 percent of the most popular VPN apps are actually owned (sometimes opaquely) by Chinese companies.
  • Privacy: The researcher also found that as many as 77% of these VPN apps may have what he calls “serious privacy flaws”,including no privacy policy at all, generic policies with no mention of VPN or no detailed logging policy.
  • Data protection: Migliano claims Apple is not enforcing its third-party data-sharing ban against VPN apps, with 80 percent of the top free VPN apps “in breach of the rules”, he said. Many are sharing data with third parties, he claims.

That last allegation is particularly concerning.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Almost half of tested free Android antivirus apps fail. That might prove very useful to IT.

Credit to Author: Evan Schuman| Date: Thu, 08 Aug 2019 03:00:00 -0700

One of the problems with enterprise mobile BYOD efforts is that corporate apps — and lots of corporate data, including sensitive intellectual property — must coexist on the same device with whatever employees choose to download on the personal side. That’s far from ideal, but even worse is if employees choose to download a second antivirus program. Unlike doubling up on most apps (two VPNs, two word processors, two email programs, etc.), antivirus programs often conflict and fight each other, generating false positives and other bad results.

Unlike two deadbolts on a door, doubling up on security not only doesn’t work with antivirus, it can actually sharply weaken security. This all assumes that both antivirus programs are professional, effective and well-intentioned. But that’s often not the case. There are quite a few free antivirus programs out there, and they are disproportionately the ones employees opt to download. After all, if the company has already installed a high-level antivirus on the phone, why would an employee pay to install a second? But a free antivirus program is much more tempting.

To read this article in full, please click here

Read More