Wednesday, March 25, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

ComputerWorldIndependent
admin

If at first you don’t succeed, .Net, .Net, .Net again

Credit to Author: Woody Leonhard| Date: Tue, 31 Jul 2018 05:49:00 -0700

July will go down in the Microsoft Patching Halls of Infamy as one of the worst months ever. Every version of Win10 got three big cumulative updates, and a fourth should be hot on their heels. Let that sink in for a second: Windows patches used to come out once a month, then twice, and now we’re up to three or four a month, sprinkled on random days of the month. And they’re big bunches of fixes.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

An open letter to Microsoft management re: Windows updating

Credit to Author: Woody Leonhard| Date: Mon, 30 Jul 2018 06:34:00 -0700

From: Susan Bradley

To: Mr. Satya Nadella, Mr. Carlos Picoto and Mr. Scott Guthrie

Dear Sirs:

Today, as Windows 10 turns three years old, I am writing to you to ensure that you are aware of the dissatisfaction your customers have with the updates released for Windows desktops and servers in recent months. The quality of updates released in the month of July, in particular, has placed customers in a quandary: install updates and face issues with applications, or don’t install updates and leave machines subject to attack.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

New MacBook Pros at work? Here's how to manage them right

Credit to Author: Ryan Faas| Date: Mon, 30 Jul 2018 02:59:00 -0700

Earlier this month, Apple unveiled its newest generation of MacBook Pros; all feature a significant bump in performance, a redesigned butterfly keyboard, the arrival of “Hey Siri” commands and a second generation of Apple’s T-series chips. The T2 chip works to improve performance and includes a Secure Enclave for encryption operations to secure the laptops and power Apple’s TouchID as well as the Touch Bar. (The T2 chip is already in Apple’s iMac Pro.)

To read this article in full, please click here

(Insider Story)

Read More
IndependentSecuriteam
admin

SSD Advisory – LINE Corporation URI Handlers Remote Commands Execution

Credit to Author: SSD / Ori Nimron| Date: Sun, 29 Jul 2018 05:10:59 +0000

Vulnerabilities Summary LINE for Windows provided by LINE Corporation specifies the path to read DLL when launching software. A user clicking on a specially crafted link, can use this vulnerability to cause the user to insecurely load an arbitrary DLL which can be used to cause arbitrary code execution. Vendor Response “We released version 5.8.0 … Continue reading SSD Advisory – LINE Corporation URI Handlers Remote Commands Execution

Read More
IndependentKrebs
admin

State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China

Credit to Author: BrianKrebs| Date: Fri, 27 Jul 2018 15:45:09 +0000

Here’s a timely reminder that email isn’t the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact discs (CDs) apparently sent from China, KrebsOnSecurity has learned. This particular ruse, while crude and simplistic, preys on the curiosity of recipients who may be enticed into popping the CD into a computer. According to a non-public alert sent by the Multi-State Information Sharing and Analysis Center (MS-ISAC), the scam arrives in a Chinese postmarked envelope and includes a “confusingly worded typed letter with occasional Chinese characters.”

Read More
ComputerWorldIndependent
admin

Microsoft Patch Alert: Still reeling from one of the worst patching months ever

Credit to Author: Woody Leonhard| Date: Thu, 26 Jul 2018 14:31:00 -0700

If you ever wondered why people — and organizations — are taking longer and longer to willfully install patches, take a look at what happened this month. After a disastrous start, Windows 10 patches seem to be OK, but .NET and Server patches still stink.

For most of the year, we’ve seen two big cumulative updates every month for each of the supported Win10 versions. This month, so far, we’ve had three. Microsoft’s claim that it will install the Win7 and Win8.1 Monthly Rollups defies logic. The .NET patches are in such bad shape that the .NET devs have thrown in the towel. And here we sit not knowing exactly which way is up.

Three Win10 cumulative updates for each version in July

On Patch Tuesday, July 10, as usual, Microsoft rolled out cumulative updates for all of the supported versions of Windows 10. Almost immediately we heard screams of pain as four big bugs, later officially acknowledged, hit the fan. Six days later, Microsoft released a second set of cumulative updates, again for all versions of Win10. Those updates were specifically designed to fix the bugs introduced by the original updates. The build numbers in the Knowledge Base articles didn’t match the build numbers that people actually installed but, well, that’s Microsoft.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Android security: Analysis, advice, and next-level knowledge

Credit to Author: JR Raphael| Date: Thu, 26 Jul 2018 03:00:00 -0700

It’s tough to talk about Android security without venturing into sensational terrain.

A large part of that is due to the simple fact that the forces driving most Android security coverage are companies that make their money by selling Android security software — and thus companies with strong interests in pushing the narrative that every Android phone is on the perpetual brink of grave, unfathomable danger. Plus, let’s face it: A headline about 70 gazillion Android phones being vulnerable to the MegaMonsterSkullCrusher Virus is far more enticing than one explaining the nuanced realities of Android security.

In actuality, though, Android security is a complex beast — one with multiple layers in place to protect you and one that almost never warrants an alarmist attitude. I’ve been covering Android security closely since the platform’s earliest days, and I’ve busted more myths and called out more shameless publicity stunts than I can even count at this point.

To read this article in full, please click here

Read More