Monday, October 2, 2023
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

ComputerWorld Independent 

Jamf: Generative AI is coming to an Apple IT admin near you

admin , , , , ,

Imagine running fleets of iPhones that alert you when unexpected security-related incidents take place, or when otherwise legitimate service requests arrive from devices at an unexpected time or location. Imagine management and security software that not only identified these kinds of anomalies but gave you useful advice to help remediate the problem.

This, and more, is the kind of protection Jamf hopes to deliver using generative AI tools.

Generative IT for Apple admins

Jamf believes generative AI can be a big benefit to tech support and IT admin, and talked about its efforts at the end of an extensive Jamf Nation User Conference (JNUC) keynote. Akash Kamath, the company’s senior vice president, engineering, explained that just as the Mac made computing personal, genAI makes AI personal.

To read this article in full, please click here

Read more
Independent Krebs 

Who’s Behind the 8Base Ransomware Website?

admin , , , , , , , ,

Credit to Author: BrianKrebs| Date: Tue, 19 Sep 2023 02:12:53 +0000

The victim shaming website operated by the cybercriminals behind 8Base — currently one of the more active ransomware groups — was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. The leaked data suggests that at least some of website’s code was written by a 36-year-old programmer residing in the capital city of Moldova.

Read more
ComputerWorld Independent 

Critical updates for Microsoft Office and Visual Studio drive September's Patch Tuesday

admin , , , ,

Microsoft released 59 updates in its September Patch Tuesday release, with critical patches for Microsoft Office and Visual Studio, and  continued the trend of including non-Microsoft applications in its update cycle. (Notepad++ is a notable addition, with Autodesk returning with a revised bulletin.) We’ve made “Patch Now” recommendations for Microsoft development platforms (Visual Studio) and Microsoft Word.

Unfortunately, updates for Microsoft Exchange Server have also returned, requiring server reboots this time, too.

The team at Readiness has created this infographic outlining the risks associated with each of the September updates.

To read this article in full, please click here

Read more
Independent Krebs 

FBI Hacker Dropped Stolen Airbus Data on 9/11

admin , , , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Thu, 14 Sep 2023 00:22:05 +0000

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “USDoD” had infiltrated the FBI’s vetted information sharing network InfraGard, and was selling the contact information for all 80,000 members. The FBI responded by reverifying all InfraGard members and by seizing the cybercrime forum where the data was being sold. But on Sept. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus, while promising to visit the same treatment on top U.S. defense contractors.

Read more
Independent Krebs 

Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

admin , , , , , , , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Tue, 12 Sep 2023 22:36:01 +0000

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do.

Read more
ComputerWorld Independent 

Message to IT: Update all your Apple devices right away

admin , , , , ,

Apple has pushed out an essential security update to defend against yet another attack by an out-of-control mercenary surveillance group.

Like a bad smell, NSO Group has clawed its way back into the spotlight with yet another unprincipled attack against free speech and citizens’ rights, as revealed by Citizen Lab. The security researchers found this latest example of a sinister, yet egregious zero-click attack while checking the device of an “Individual employed by a Washington DC-based civil society organization with international offices.”

To read this article in full, please click here

Read more
ComputerWorld Independent 

UK rolls back controversial encryption rules of Online Safety Bill

admin , ,

The UK government has conceded one of the more controversial parts of its Online Safety Bill, stating that the powers granted by the legislation will not be used to scan encrypted messaging apps for harmful content until it can be done in a targeted manner.

Companies will not be required to scan encrypted messages until it is “technically feasible and where technology has been accredited as meeting minimum standards of accuracy in detecting only child sexual abuse and exploitation content,” said Stephen Parkinson, the Parliamentary Under-Secretary of State for Arts and Heritage, in a planned statement during the bill’s third reading in the House of Lords on Wednesday afternoon.

To read this article in full, please click here

Read more
Independent Krebs 

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

admin , , , , , , , , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Wed, 06 Sep 2023 00:21:07 +0000

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults.

Read more