Independent – Page 167 – Computer Security Articles

Credit to Author: Jonny Evans| Date: Wed, 10 Oct 2018 08:23:00 -0700

Everyone who can is looking into using Blockchain and Apple is no exception, though it will be a long time before we see any consumer-facing implementations of this.

Apple looks at lots of technologies

If it’s on the Gartner Hype Cycle you can bet a few bucks Apple is looking at it.

That’s why I think it will eventually introduce a 3D printer that works in conjunction with ARKit (unverified prediction), and also why it must be thinking about how to use blockchain.

To read this article in full, please click here

ComputerWorld Independent

October 10, 2018 admin

What the heck is it with Windows updates?

Credit to Author: Steven J. Vaughan-Nichols| Date: Wed, 10 Oct 2018 03:00:00 -0700

To help make life better for you, my loyal readers, I suffer by running Windows 7 and 10 on two harmless — never hurt anyone in their lives — PCs. Well, I did. But, in the last week I ran into not one, but two, showstopper update bugs.

First, on Windows 10, I was one of those “lucky” people who had files vaporize when I “updated” to Windows 10 October 2018 Update (version 1809). Because I only use Windows for trivial tasks, I didn’t lose anything valuable when the patch decided to erase everything in the My Documents folder.

Somehow, I think most Windows users use Windows for more important work than I do. I hope you have current backups. At least Computerworld’s Woody Leonhard has some good news: You can get those deleted files back.

To read this article in full, please click here

Independent Krebs

October 9, 2018 admin

Naming & Shaming Web Polluters: Xiongmai

Credit to Author: BrianKrebs| Date: Wed, 10 Oct 2018 00:41:56 +0000

What do we do with a company that regularly pumps metric tons of virtual toxic sludge onto the Internet and yet refuses to clean up their act? If ever there were a technology giant that deserved to be named and shamed for polluting the Web, it is Xiongmai — a Chinese maker of electronic parts that power a huge percentage of cheap digital video recorders (DVRs) and Internet-connected security cameras.

Independent Securiteam

October 9, 2018 admin

SSD Advisory – Firefox Information Leak

Credit to Author: SSD / Ori Nimron| Date: Tue, 09 Oct 2018 08:55:15 +0000

Vulnerabilities Summary A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process. Vendor Response “Security vulnerabilities … Continue reading SSD Advisory – Firefox Information Leak

ComputerWorld Independent

October 7, 2018 admin

Apple, Amazon server spy story is wake-up call to security pros (u)

Credit to Author: Jonny Evans| Date: Fri, 05 Oct 2018 04:29:00 -0700

Apple and Amazon have strenuously denied Bloomberg’s claims of a sophisticated hardware exploit against servers belonging to them and numerous other entities, including U.S. law enforcement

Chinese, Apple and chips

Put in very simple terms, the claim is that malicious chips were found inside servers used in data centers belonging to the tech firms.

These chips (it’s claimed) worked to exfiltrate data from those servers, which were themselves sourced from server manufacturer Super Micro. That company’s server products are/were also used by Amazon, the U.S. government, and 30 other organizations. The chips were allegedly put in place by employees bribed by Chinese government agents.

To read this article in full, please click here

ComputerWorld Independent

October 6, 2018 admin

Spy chips on servers? Lessons learned (and questions to ask)

Credit to Author: Ryan Faas| Date: Sat, 06 Oct 2018 04:17:00 -0700

On Thursday, Bloomberg Businessweek published an in-depth report alleging that Chinese suppliers for server hardware company Supermicro had placed microchips onto motherboards ordered by the San Jose-based company that were later sold to fill orders from as many as 30 customers.

To read this article in full, please click here

(Insider Story)

Independent Krebs

October 5, 2018 admin

Supply Chain Security is the Whole Enchilada, But Who’s Willing to Pay for It?

Credit to Author: BrianKrebs| Date: Fri, 05 Oct 2018 19:45:18 +0000

From time to time, there emerge cybersecurity stories of such potential impact that they have the effect of making all other security concerns seem minuscule and trifling by comparison. Yesterday was one of those times. Bloomberg Businessweek on Thursday published a bombshell investigation alleging that Chinese cyber spies had used a U.S.-based tech firm to secretly embed tiny computer chips into electronic devices purchased and used by almost 30 different companies. There aren’t any corroborating accounts of this scoop so far, but it is both fascinating and terrifying to look at why threats to the global technology supply chain can be so difficult to detect, verify and counter.

ComputerWorld Independent

October 5, 2018 admin

Apple, Amazon server spy story is wake-up call to security pros

Credit to Author: Jonny Evans| Date: Fri, 05 Oct 2018 04:29:00 -0700

Apple and Amazon have strenuously deniedBloomberg’s claims of a sophisticated hardware exploit against servers belonging to themselves and numerous other entities, including U.S. law enforcement

Chinese, Apple and chips

Put in very simple terms, the claim is that malicious chips were found inside servers used in data centers belonging to the tech firms.

These chips (it’s claimed) worked to exfiltrate data from those servers, which were themselves sourced from server manufacturer, Super Micro. That company’s server products are/were also used by Amazon, the U.S. government and 30 other organizations. The chips were (it is alleged) put in place by employees bribed by Chinese government agents.

To read this article in full, please click here