Independent

ComputerWorldIndependent

Chrome bug that lets sites secretly record audio and video is not a flaw, Google says

Credit to Author: Darlene Storm| Date: Wed, 31 May 2017 06:31:00 -0700

If your web browser was recording audio and video of you without any indication it was doing so, would you consider that invasion of privacy a security issue? Chrome doesn’t.

After AOL web developer Ran Bar-Zik discovered that a website can record audio and video without the red recording light appearing on the Chrome tab, he reported the bug

But since users are the crux of the problem, Google doesn’t classify it as a security flaw. That’s because a user has to give a site permission to access the user’s webcam or microphone before any audio or video can be recorded.

IndependentSecuriteam

SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities

Credit to Author: SSD / Maor Schwartz| Date: Thu, 25 May 2017 11:52:44 +0000

Vulnerabilities Summary: The following advisory describes three (3) vulnerabilities found in Trend Micro Interscan Web Security Virtual Appliance version 6.5. “The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical, virtual, and cloud workloads.” The vulnerabilities found in Trend Micro … Continue reading SSD Advisory – Trend Micro Interscan Web Security Virtual Appliance Multiple Vulnerabilities

ComputerWorldIndependent

Answering the WannaCry wake-up call

Credit to Author: Selena J. Linde, T. Markus Funk, Todd M. Hinnen and Jonathan G. Hardin| Date: Tue, 30 May 2017 04:35:00 -0700

The widespread WannaCry attack demonstrated the acute vulnerability of computer systems to ransomware attacks. There is no reason to think that larger, more sophisticated attacks aren’t already being planned — the perpetrators of WannaCry reportedly profited handsomely — and companies that have not assessed and addressed the risk posed to their systems by such attacks may remain vulnerable.

Companies can take prophylactic steps to protect their systems against ransomware, focusing on improving data security hygiene, establishing effective governance and raising employees’ awareness of the threat.

IndependentSecuriteam

SSD Advisory – Trend Micro Deep Security Multiple Vulnerabilities

Credit to Author: SSD / Maor Schwartz| Date: Thu, 25 May 2017 11:52:44 +0000

Vulnerabilities Summary: The following advisory describes three (3) vulnerabilities found in Trend Micro Deep Security version 6.5. “The Trend Micro Hybrid Cloud Security solution, powered by XGen security, delivers a blend of cross-generational threat defense techniques that have been optimized to protect physical, virtual, and cloud workloads. It features Trend Micro Deep Security, the market … Continue reading SSD Advisory – Trend Micro Deep Security Multiple Vulnerabilities

ComputerWorldIndependent

US 'might' ban laptops on all international flights & TSA may make you unpack carry-ons

Credit to Author: Darlene Storm| Date: Mon, 29 May 2017 06:54:00 -0700

The US “might” ban laptops from the cabin of all international flights into and out of the US and “likely will” require air travelers to unpack carry-on bags for TSA inspections.

Homeland Security Secretary John Kelly told Fox News Sunday anchor Chris Wallace that the US “might” ban laptops from the cabin of all international flights into and out of the US.

Pressed to reveal more, Kelly added, “There’s a real threat. Numerous threats against aviation, that’s really the thing that they are obsessed with, the terrorists, the idea of knocking down an airplane in flight, particularly if it’s a U.S. carrier, particularly if it’s full of mostly U.S. folks, people. It’s real.”

IndependentKrebs

Trump’s Dumps: ‘Making Dumps Great Again’

Credit to Author: BrianKrebs| Date: Fri, 26 May 2017 04:45:24 +0000

It’s not uncommon for crooks who peddle stolen credit cards to seize on iconic American figures of wealth and power in the digital advertisements for these shops that run continuously on various cybercrime forums. Exhibit A: McDumpals, a hugely popular carding site that borrows the Ronald McDonald character from McDonald’s and caters to bulk buyers. Exhibit B: Uncle Sam’s dumps shop, which wants YOU! to buy American. Today, we’ll look at an up and coming credit card shop called Trump’s-Dumps, which invokes 45’s likeness and promises to “make credit card fraud great again.”

IndependentSecuriteam

SSD Advisory – KEMP LoadMaster from XSS Pre Authentication to RCE

Credit to Author: SSD / Noam Rathaus| Date: Thu, 25 May 2017 06:01:41 +0000

KEMP’s main product, the LoadMaster, is a load balancer built on its own proprietary software platform called LMOS, that enables it to run on almost any platform: As a KEMP LoadMaster appliance, a Virtual LoadMaster (VLM) deployed on Hyper-V, VMWare, on bare metal or in the public cloud. KEMP is available in Azure, where it … Continue reading SSD Advisory – KEMP LoadMaster from XSS Pre Authentication to RCE

ComputerWorldIndependent

IDG Contributor Network: Eight steps to the GDPR countdown

Credit to Author: Sandra Henry-Stocker| Date: Thu, 25 May 2017 12:52:00 -0700

One year from today, the recently passed regulation known as “GDPR” (General Data Protection Regulation) goes into effect. While EU-specific, it can still dramatically affect businesses that work with personal data of citizens and residents of the EU. GDPR was approved a year ago and will be going into effect in another year. It applies directly to organizations within the EU, but also applies to organizations outside the EU if they 1) offer goods and services to the EU, 2) monitor the behavior of EU subjects, or 3) process or retain personal data of EU citizens and residents. And the regulation can impose very serious fines and sanctions for non-compliance.
