Independent

ComputerWorldIndependent

One small step forward, one giant leap back

Credit to Author: Sharky| Date: Fri, 14 Sep 2018 03:00:00 -0700

This pilot fish is paying his monthly bills online when he discovers one of his utilities has changed the payment part of its website — a lot.

“I clicked on the ‘Payment’ button, and saw that I now had the option of paying with or without logging in,” says fish.

“OK, the no-login option could be handy, but I’ve been paying this bill online for years, so I clicked on the login option. It asked me for my user name and eight-digit PIN. What PIN? I have a long, secure password. I tried that. It didn’t work.”

And after several unsuccessful attempts, fish tries the no-login version — which just takes him to the same screen asking his PIN.

ComputerWorldIndependent

Throwback Thursday: Just one more thing to worry about

Credit to Author: Sharky| Date: Thu, 13 Sep 2018 03:00:00 -0700

This pilot fish and his wife are planning a long-overdue vacation to an all-inclusive resort — one of those places where you don’t have to worry about things like meals or tipping.

“I log onto the resort’s website in order to make some reservations ahead of our arrival,” fish says, “and am presented with the standard registration page.”

He enters his information on the page, which also asks “for security reasons” that he set up a password.

It’s not until after he has clicked “OK” that fish looks at the icon in his web browser and realizes the page isn’t encrypted. He does a quick browse of the source code for the page, and finds that there’s no SSL anywhere securing the data he’s just typed in.

IndependentKrebs

U.S. Mobile Giants Want to be Your Online Identity

Credit to Author: BrianKrebs| Date: Wed, 12 Sep 2018 20:58:31 +0000

The four major U.S. wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as location, customer reputation, and physical attributes of the device. Here’s a look at what’s coming, and the potential security and privacy trade-offs of trusting the carriers to handle online authentication on your behalf.

IndependentKrebs

Patch Tuesday, September 2018 Edition

Credit to Author: BrianKrebs| Date: Tue, 11 Sep 2018 20:35:27 +0000

Adobe and Microsoft today each released patches to fix serious security holes in their software. Adobe pushed out a new version of its beleaguered Flash Player browser plugin. Redmond issued updates to address at least 61 distinct vulnerabilities in Microsoft Windows and related programs, including several flaws that were publicly detailed prior to today and one “zero-day” bug in Windows that is already being actively exploited by attackers.

IndependentKrebs

In a Few Days, Credit Freezes Will Be Fee-Free

Credit to Author: BrianKrebs| Date: Tue, 11 Sep 2018 02:26:06 +0000

Later this month, all of the three major consumer credit bureaus will be required to offer free credit freezes to all Americans and their dependents. Maybe you’ve been holding off freezing your credit file because your home state currently charges a fee for placing or thawing a credit freeze, or because you believe it’s just not worth the hassle. If that accurately describes your views on the matter, this post may well change your mind.

ComputerWorldIndependent

Time to turn off Windows Automatic Update and brace for impact

Credit to Author: Woody Leonhard| Date: Mon, 10 Sep 2018 06:19:00 -0700

August 2018 was a relatively innocuous patching month, although the final resolution to the August problems didn’t appear until late Friday night just as the month was coming to a close — on a three-day weekend in the US.

We’ve seen the same pattern repeat itself almost every month since the beginning of the year: The first round of Microsoft security patches (notably including Win10 patches) introduces bugs, while subsequent rounds of patches each month squash most of them. If we’re lucky.

ComputerWorldIndependent

Mac and iOS apps stealing user data — an enterprise take

Credit to Author: Jonny Evans| Date: Mon, 10 Sep 2018 04:53:00 -0700

Reports claiming numerous apps distributed through Apple’s App Store are secretly exfiltrating user data should be an alarm call to enterprise CIOs. It signals a new battlefront in the eternal enterprise security wars.

The enterprise risk of personal data

On the surface, the data being extracted is kind of … personal, such as location and browser histories. Information like that provides additional insight into what individual users are up to. Why should that concern an enterprise?

That’s a rhetorical question, of course. Most enterprise security professionals recognize that any form of data exfiltration poses an overall challenge.
