Independent – Page 366 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Fri, 28 Jul 2017 21:13:42 +0000

Last month, KrebsOnSecurity identified U.K. citizen Daniel Kaye as the likely real-life identity behind a hacker responsible for clumsily wielding a powerful botnet built on Mirai, a malware strain that enslaves poorly secured Internet of Things (IoT) devices for use in large-scale online attacks. Today, a German court issued a suspended sentence for Kaye, who now faces related cybercrime charges in the United Kingdom.

ComputerWorld Independent

July 28, 2017 admin

How the dark web has gone corporate

Some criminals on the dark web are taking their cues from the practices of corporate IT. Illicit offerings run the gamut from code that buyers have to implement themselves to turnkey solutions and consulting services. Here’s a look at what’s out there.

ComputerWorld Independent

July 28, 2017 admin

Bringing behavioral game theory to security defenses

Kelly Shortridge and CSO senior writer Fahmida Y Rashid talk about using behavioral game theory to take advantage of hackers’ mistakes and manipulate the data they think they're receiving. People generally make decisions by either thinking ahead to figure out how people may act in a given situation, or by learning over time by observing what people are doing. Since attackers learn over time by collecting feedback, obfuscating what they get can really mess up what the attackers are able to learn.

ComputerWorld Independent

July 27, 2017 admin

Microsoft releases KB 3213643, 2956078, 4011078, 4011052 to fix June Outlook security bugs

Credit to Author: Woody Leonhard| Date: Thu, 27 Jul 2017 14:00:00 -0700

A week ago, I lamented the lack of a fix for the bad June Office security patches. On June 13, those of you with Automatic Update turned on were treated to seven different, documented bugs that persisted until today.

I expected to see these patches on Tuesday, in normal cadence. For reasons that are only known to Microsoft, they waited until today, Thursday, to release the files.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

July 27, 2017 admin

Simple tips to keep your devices secure when you travel

CSO security reporters Fahmida Rashid and Steve Ragan share some easy ways to keep your data and devices secure while traveling, even at the Black Hat conference, where active scanning is the norm. (And check out the built-in Faraday cage in Fahmida's jacket).

ComputerWorld Independent

July 27, 2017 admin

How DevOps and cloud will speed up security

Zane Lackey, CSO and co-founder of Signal Sciences, talks with CSO senior writer Fahmida Rashid about how DevOps and cloud can help organizations embed security into their technology structures, enabling business to move faster.

Independent Krebs

July 27, 2017 admin

Gas Pump Skimmer Sends Card Data Via Text

Credit to Author: BrianKrebs| Date: Thu, 27 Jul 2017 11:08:59 +0000

Skimming devices that crooks install inside fuel station gas pumps frequently rely on an embedded Bluetooth component allowing thieves to collect stolen credit card data from the pumps wirelessly with any mobile device. The downside of this approach is that Bluetooth-based skimmers can be detected by anyone else with a mobile device. Now, investigators in the New York say they are starting to see pump skimmers that use cannibalized cell phone components to send stolen card data via text message.

Independent Securiteam

July 26, 2017 admin

SSD Advisory – Supervisor Authenticated Remote Code Execution

Credit to Author: SSD / Maor Schwartz| Date: Wed, 26 Jul 2017 10:45:54 +0000

Vulnerability Summary The following advisory describes an authenticated remote code execution vulnerability in Supervisor version 3.1.2 and Supervisor version 3.3.2. Supervisor is a client/server system that allows its users to monitor and control a number of processes on UNIX-like operating systems – used to control processes related to a project or a customer, and is … Continue reading SSD Advisory – Supervisor Authenticated Remote Code Execution