Independent – Page 214 – Computer Security Articles

Credit to Author: Ken Mingis| Date: Fri, 26 Jan 2018 11:30:00 -0800

When it comes to tech trends we’re likely to see in 2018, nothing would likely be more welcome than the end of passwords. With companies looking for ever better ways to protect data, it seems clear that “password123” has no indefinite future. (Nor does you pet’s name, if that’s what you use.)

But just how quickly passwords will be shunted aside, and by what technology – biometrics? two-factor authentication? algorithms? – remains unclear.

That was topic No. 1 for our panel of tech experts – CSO‘s Michael Nadeau, Infoworld‘s Serdar Syegulalp, Computerworld Executive Editor Ken Mingis and Macworld‘s Michael Simon – as they peer into the near-future to discern what’s coming in 2018 and what’s not.

To read this article in full, please click here

ComputerWorld Independent

January 26, 2018 admin

Tech Talk: IT trends for 2018 – passwords on the way out, blockchain evolves

Our tech panel envisions the end of passwords, looks at how blockchain is evolving, details why 'serverless' computing is a boon to devs and wonders why Apple's HomePod seems late to the game.

ComputerWorld Independent

January 25, 2018 admin

Microsoft Patch Alert: Lots of lingering problems in a very messy month

Credit to Author: Woody Leonhard| Date: Thu, 25 Jan 2018 10:00:00 -0800

On the heels of a relatively benevolent December Patch Tuesday, the stream of patches pouring out of Microsoft (and Intel!) in January reached epic proportions. To be fair, it looks as if Microsoft got drawn into releasing its Meltdown/Spectre barrage early – on Jan. 3 – but they were so buggy they were withdrawn for AMD processors on Jan. 8, and gradually re-released in phases over the next two weeks.

To read this article in full, please click here

ComputerWorld Independent

January 25, 2018 admin

WD turns to single app portal to create 'mobile moments' for workers

Credit to Author: Lucas Mearian| Date: Thu, 25 Jan 2018 03:11:00 -0800

Over the past year and a half, storage hardware maker Western Digital (WD) has been in the throes of a massive integration of three companies onto a single application portal.

After acquiring two multi-billion dollar competitors in the past five years – HGST and SanDisk – WD chose to create a new, single application web portal instead of choosing from among the three already in use by each company.

One of the drivers for starting from scratch with a single corporate app portal was to help speed up the integration of future mergers and acquisitions, as well as hardening mobile security. The company also wanted to empower end users by giving them open access to whatever business app they need on any mobile device.

To read this article in full, please click here

ComputerWorld Independent

January 25, 2018 admin

Throwback Thursday: Oops!

Credit to Author: Sharky| Date: Thu, 25 Jan 2018 03:00:00 -0800

This company has just completed its project to build a dedicated secure server room — and it’s really something, reports an IT pilot fish who’s getting the grand-opening tour.

“The construction was led by the building maintenance manager and an IT manager,” fish says. “We were shown the raised floor in case of a flood, and the fireproof and reinforced door with a electronic security key that could keep track of individuals entering the room — and, of course, keep intruders out, as the door had a heavy-duty bolt lock.”

Fish is impressed, right up until the end of the tour. That’s when the door closes as the tour group leaves, and fish turns back for one last look.

To read this article in full, please click here

Independent Krebs

January 24, 2018 admin

Chronicle: A Meteor Aimed At Planet Threat Intel?

Credit to Author: BrianKrebs| Date: Wed, 24 Jan 2018 22:56:52 +0000

Alphabet Inc., the parent company of Google, said today it is in the process of rolling out a new service designed to help companies more quickly make sense of and act on the mountains of threat data produced each day by cybersecurity tools. Countless organizations rely on a hodgepodge of security software, hardware and services to find and detect cybersecurity intrusions before an incursion by malicious software or hackers has the chance to metastasize into a full-blown data breach.

Independent Securiteam

January 24, 2018 admin

SSD Advisory – Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities

Credit to Author: SSD / Maor Schwartz| Date: Wed, 24 Jan 2018 14:11:46 +0000

Vulnerabilities summary The following advisory describes two (2) guest to host escape found in Oracle VirtualBox version 5.1.30, and VirtualBox version 5.2-rc1. Credit An independent security researcher, Niklas Baumstark, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program. Vendor response Oracle were informed of the vulnerabilities and released patches to address them. For … Continue reading SSD Advisory – Oracle VirtualBox Multiple Guest to Host Escape Vulnerabilities

Independent Krebs

January 24, 2018 admin

Expert: IoT Botnets the Work of a ‘Vast Minority’

Credit to Author: BrianKrebs| Date: Wed, 24 Jan 2018 15:38:52 +0000

In December 2017, the U.S. Department of Justice announced indictments and guilty pleas by three men in the United States responsible for creating and using Mirai, a malware strain that enslaves poorly-secured “Internet of Things” or IoT devices like security cameras and digital video recorders for use in large-scale cyberattacks. The FBI and the DOJ had help in their investigation from many security experts, but this post focuses on one expert whose research into the Dark Web and its various malefactors was especially useful in that case. Allison Nixon is director of security research at Flashpoint, a cyber intelligence firm based in New York City. Nixon spoke with KrebsOnSecurity at length about her perspectives on IoT security and the vital role of law enforcement in this fight.