Sunday, June 22, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

ComputerWorldIndependent
admin

Choosing a genAI partner: Trust, but verify

Credit to Author: eschuman@thecontentfirm.com| Date: Tue, 19 Dec 2023 10:03:00 -0800

Enterprise executives, still enthralled by the possibilities of generative artificial intelligence (genAI), more often than not are insisting that their IT departments figure out how to make the technology work. 

Let’s set aside the usual concerns about genAI, such as the hallucinations and other errors that make it essential to check every single line it generates (and obliterate any hoped-for efficiency boosts). Or that data leakage is inevitable and will be next to impossible to detect until it is too late. (OWASP has put together an impressive list of the biggest IT threats from genAI and LLMs in general.) 

To read this article in full, please click here

Read More
IndependentKrebs
admin

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Credit to Author: BrianKrebs| Date: Mon, 08 Jan 2024 17:57:55 +0000

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. All four pleaded guilty to conspiracy and racketeering charges. But there is a fascinating and untold backstory behind the two Russian men involved, who co-ran Russia’s most popular spam forum for years.

Read More
IndependentKrebs
admin

Happy 14th Birthday, KrebsOnSecurity!

Credit to Author: BrianKrebs| Date: Fri, 29 Dec 2023 22:16:27 +0000

KrebsOnSecurity celebrates its 14th year of existence today! I promised myself this post wouldn’t devolve into yet another Cybersecurity Year in Review. Nor do I wish to hold forth about whatever cyber horrors may await us in 2024. But I do want to thank you all for your continued readership, encouragement and support, without which I could not do what I do.

Read More
IndependentKrebs
admin

BlackCat Ransomware Raises Ante After FBI Disruption

Credit to Author: BrianKrebs| Date: Tue, 19 Dec 2023 22:49:43 +0000

The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang’s darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems. Meanwhile, BlackCat responded by briefly “unseizing” its darknet site with a message promising 90 percent commissions for affiliates who continue to work with the crime group, and open season on everything from hospitals to nuclear power plants.

Read More
ComputerWorldIndependent
admin

For December, an exceptionally light Patch Tuesday

Over the past year, we’ve seen Microsoft make radical improvements in its browser stability and significant positive changes to its Windows update communication and telemetry strategies.  And this month’s Patch Tuesday release brings with it an incredibly light set of updates — maybe the fewest number of updates I have ever seen.

There are no zero-days, which is a great finish to 2023, though Windows gets three critical updates and Visual Studio will require immediate attention due to several re-releases of past critical application patches.

The team at Readiness has created a helpful infographic to outline the risks associated with each update in this last release of 2023. One note of caution: we have seen several potential updates to older patches (October/November) potentially coming down the release pipeline from Microsoft. It might be worth checking in during the upcoming holiday break to see whether there are any out-of-band patches for the Windows ecosystem.

To read this article in full, please click here

Read More
IndependentKrebs
admin

Ten Years Later, New Clues in the Target Breach

Credit to Author: BrianKrebs| Date: Thu, 14 Dec 2023 17:51:39 +0000

On Dec. 18, 2013, KrebsOnSecurity broke the news that U.S. retail giant Target was battling a wide-ranging computer intrusion that compromised more than 40 million customer payment cards over the previous month. The malware used in the Target breach included the text string “Rescator,” which also was the handle chosen by the cybercriminal who was selling all of the cards stolen from Target customers. Ten years later, KrebsOnSecurity has uncovered new clues about the real-life identity of Rescator.

Read More
ComputerWorldIndependent
admin

Internet traffic soars in 2023, with generative AI a standout trend: Report

This year saw a 25% rise in global internet traffic, reflecting an increasing reliance on online services, according to a new report by cloud performance and security company Cloudflare.

In its annual Year in Review reports, Cloudflare offers an overview of online trends and security issues. This year, Cloudflare said, Google retained its position as the most popular internet site,  followed by Facebook, Apple, and TikTok. Facebook surpassed 2022’s leader, TikTok, in social media, with Instagram and Twitter/X also ranking highly.

The emerging category of generative AI services saw OpenAI in the lead, followed by Character AI, Quillbot, and Hugging Face.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

What is Stolen Device Protection for iPhone and how does it work?

Take that, iPhone thieves — Apple is about to make it even more difficult to use its smartphones when you have no right to do so. In the upcoming iOS 17.3, it is testing out a new security system called “Stolen Device Protection.”

Here’s a look at what this is, and what it does.

Stolen Device Protection explained

Apple’s beta notes explain: “Stolen Device Protection adds an additional layer of security in the unlikely case that someone has stolen your iPhone and also obtained your passcode.”

The company explains the features this way:

  • Accessing your saved passwords requires Face/Touch ID to be sure it’s you.
  • Changing sensitive settings like your Apple ID password is protected by a security delay.
  • No delay is required when iPhone is at familiar locations such as home and work.

The idea is that Stolen Device Protection introduces another obstacle that makes it difficult for thieves to gain access to your data, erase it, or delete the device to factory fresh status for resale.

To read this article in full, please click here

Read More