Independent

ComputerWorldIndependent

Criminals pay just $15 for Apple iCloud account IDs, report claims

Credit to Author: Jonny Evans| Date: Wed, 07 Mar 2018 03:59:00 -0800

One of the biggest reasons Apple users need to beware of phishing attacks is that compromised iCloud accounts are among the most valuable of those traded on the dark web at $15 per account.

All your data are belongs to us

Think about the value of your Apple ID data: Not only is your account the golden portal into all your personal data, but it unlocks all manner of other valuable items: credit card details, online purchasing, passwords for your websites and more.

That’s why every Apple ID user really should think about the value of the data they are trying to protect and create tough alphanumeric passcodes, even if they do need to spend significant time memorising those codes.

IndependentKrebs

What Is Your Bank’s Security Banking On?

Credit to Author: BrianKrebs| Date: Tue, 06 Mar 2018 21:24:17 +0000

A large number of banks, credit unions and other financial institutions just pushed customers onto new e-banking platforms that asked them to reset their account passwords by entering a username plus some other static identifier — such as the first six digits of their Social Security number, or a mix of partial SSN, date of birth or surname. Here’s a closer look at what may be going on (spoiler: small, regional banks and credit unions have grown far too reliant on the whims of just a few major online banking platform providers). You might think it odd that any self-respecting financial institution would seek to authenticate customers via static data like partial SSN for passwords, and you’d be justified in thinking that, too. Nobody has any business using these static identifiers for authentication because this data on most Americans is for sale quite easily and cheaply in the cybercrime underground. The Equifax breach might have “refreshed” some of those data stores for identity thieves, but most U.S. adults have had their static details on sale for years now. On Feb. 16, KrebsOnSecurity reader Brent Hoeft shared a copy of an email he’d just received from his financial institution Associated Bank, which at $30+ billion in assets happens to be Wisconsin’s largest by asset size.

ComputerWorldIndependent

Feds move to secure mobile devices with machine learning, biometrics

Credit to Author: Lucas Mearian| Date: Tue, 06 Mar 2018 03:24:00 -0800

Amid the growing use of mobile devices for work by federal employees, U.S. defense and intelligence agencies are fast adopting biometrics and other alternative ways of securing computers, smartphones and tablets, according to a new report.

More than 90% of federal agency IT officials in an online survey said their organizations provide secure mobile access for work-issued devices, but less than 20% support workers’ personal devices to access most agency systems. Forty percent of those same officials voiced concern about securing personal devices, according to the online survey of federal government IT and cybersecurity officials.

ComputerWorldIndependent

Get the February Microsoft patches applied, unless you’re using Win10 Fall Creators Update

Credit to Author: Woody Leonhard| Date: Mon, 05 Mar 2018 11:57:00 -0800

Granted, February’s patches from Microsoft weren’t as malevolent as January’s patches, but they still managed to knock out lots and lots of PCs. That said, if you can tiptoe around the problems, now is a good time to get the latest versions of the latest patches installed.

Problems with Win10 Fall Creators Update

The worst problem I see at this point involves clobbered USB connections on Win10 Fall Creators Update (version 1709) machines after installing the latest cumulative update, KB 4074588. To its credit, Microsoft has acknowledged the problem. But the only offered fix, a complex manual workaround, would drive a hardened MS-DOS junkie to drink.

IndependentSecuriteam

beVX Conference Challenge

Credit to Author: SSD / Noam Rathaus| Date: Sun, 04 Mar 2018 07:27:05 +0000

During OffensiveCon, we launched a reverse engineering and encryption challenge and gave the attendees the chance to win great prizes. The challenge was divided into two parts: a file that you had to download and reverse engineer (it can be downloaded from here: https://www.beyondsecurity.com/bevxcon/bevx-challenge-1) and a server that you had to access …

IndependentKrebs

Powerful New DDoS Method Adds Extortion

Credit to Author: BrianKrebs| Date: Fri, 02 Mar 2018 22:41:55 +0000

Attackers have seized on a relatively new method for executing distributed denial-of-service (DDoS) attacks of unprecedented disruptive power, using it to launch record-breaking DDoS assaults over the past week. Now evidence suggests this novel attack method is fueling digital shakedowns in which victims are asked to pay a ransom to call off crippling cyberattacks.

ComputerWorldIndependent

SEC eyes crackdown on cryptocurrencies

Credit to Author: Lucas Mearian| Date: Thu, 01 Mar 2018 14:24:00 -0800

The Securities and Exchange Commission (SEC) is cracking down on FinTech companies issuing initial coin offerings (ICOs), and has served dozens of subpoenas and information requests.

The regulatory action is the latest in a series of warnings related to the multi-billion cryptocurrency market and the sale of digital tokens, which in some cases may violate federal laws, according to the Wall Street Journal.

The SEC declined comment on the report.

Cryptocurrencies, or digital tokens such as bitcoin, Ether and Ripple, are based on blockchain technology and have existed in a gray area that allows for cross-border transactions that are far more efficient than traditional fiat-based currencies such as dollars or euros.
