RSS Reader for Computer Security Articles
Credit to Author: BrianKrebs| Date: Mon, 16 Jul 2018 19:09:51 +0000
A 21-year-old Kentucky man has pleaded guilty to authoring and distributing a popular hacking tool called “LuminosityLink,” a malware strain that security experts say was used by thousands of customers to gain unauthorized access to tens of thousands of computers across 78 countries worldwide.
Read More
Credit to Author: Woody Leonhard| Date: Fri, 13 Jul 2018 06:43:00 -0700
As I reported yesterday, the July 2018 Windows and Office patches teem with bugs. We’re just beginning to see the fallout.
The July 3 non-security Office 2016 patch KB 4018385 is officially yanked. If you don’t recall KB 4018385 — a small patch in a sea of Office fixes — the original KB article describes it thusly:
Credit to Author: Lucas Mearian| Date: Fri, 13 Jul 2018 03:12:00 -0700
After months of speculation, Taiwanese electronics company Huawei Technologies Ltd. (HTC) has confirmed it will be releasing a blockchain-enabled smartphone this year that will allow users to securely store cryptocurrency offline and act as a compute node in a blockchain network.
“We want to double and triple the number of nodes of Ethereum and Bitcoin,” HTC said in its marketing material for the device. The new smartphone is expected to be able to work with multiple blockchain protocols allowing for interoperability between them.
In addition, the HTC Exodus blockchain-enabled smartphone will allow owners to play CryptoKitties, a decentralized app (Dapp) game. Dapps are applications that run across multiple nodes on peer-to-peer (P2P) networks.
Credit to Author: Gregg Keizer| Date: Thu, 12 Jul 2018 13:32:00 -0700
Google has switched on a defensive technology in Chrome that will make it much more difficult for Spectra-like attacks to steal information such as log-on credentials.
Called “Site Isolation,” the new security technology has a decade-long history. But most recently it’s been cited as a shield to guard against threats posed by Spectre, the processor vulnerability sniffed out by Google’s own engineers more than year ago. Google unveiled Site Isolation in late 2017 within Chrome 63, making it an option for enterprise IT staff members, who could customize the defense to shield workers from threats harbored on external sites. Company administrators could use Windows GPOs – Group Policy Objects – as well as command-line flags prior to wider deployment via group policies.
Credit to Author: BrianKrebs| Date: Thu, 12 Jul 2018 14:19:53 +0000
Here’s a clever new twist on an old email scam that could serve to make the con far more believable. The message purports to have been sent from a hacker who’s compromised your computer and used your webcam to record a video of you while you were watching porn. The missive threatens to release the video to all your contacts unless you pay a Bitcoin ransom. The new twist? The email now references a real password previously tied to the recipient’s email address.
Read More
Credit to Author: Woody Leonhard| Date: Thu, 12 Jul 2018 06:18:00 -0700
You know it’s going to be an Alice in Wonderland month when some sites report that Microsoft plugged 54 vulnerabilities on Patch Tuesday, while others report 53. Fact is, patching has become so brutal — and so banal — that there’s no consensus on counting, much less on what’s good and bad.
Suffice to say that, once again this month, there was a huge number of security patches (129 individual patches, according to the Microsoft Update Catalog), with no pressing security fixes unless you’re using the Edge browser or Internet Explorer. Microsoft changed Win10 version 1803 to “Semi-Annual Channel,” but the term now means less than it ever has before. If that’s possible.
Credit to Author: BrianKrebs| Date: Wed, 11 Jul 2018 17:19:35 +0000
Score one for the good guys: Bitcanal, a Portuguese Web hosting firm long accused of helping spammers hijack large swaths of dormant Internet address space over the years, was summarily kicked off the Internet this week after a half-dozen of the company’s bandwidth providers chose to sever ties with the company.
Read More
Credit to Author: BrianKrebs| Date: Wed, 11 Jul 2018 02:34:41 +0000
Microsoft and Adobe each issued security updates for their products today. Microsoft’s July patch batch includes 14 updates to fix more than 50 security flaws in Windows and associated software. Separately, Adobe has pushed out an update for its Flash Player browser plugin, as well as a monster patch bundle for Adobe Reader/Acrobat.
Read More