Thursday, June 26, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

IndependentKrebs
admin

Microsoft Patch Tuesday, June 2023 Edition

Credit to Author: BrianKrebs| Date: Tue, 13 Jun 2023 20:44:28 +0000

Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month’s relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn’t marred by the active exploitation of a zero-day vulnerability in Microsoft’s products.

Read More
IndependentKrebs
admin

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

Credit to Author: BrianKrebs| Date: Thu, 08 Jun 2023 20:17:06 +0000

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes.

Read More
ComputerWorldIndependent
admin

WWDC: 18+ ways Apple plans to make you more secure

Vision Pro, Apple Silicon, Macs, new enterprise tools — and privacy protection were all among the many WWDC announcements Apple made this week.

Introducing these protections, Craig Federighi, Apple’s senior vice president for  software engineering said: “We are focused on keeping our users in the driver’s seat when it comes to their data by continuing to provide industry-leading privacy features and the best data security in the world.

To read this article in full, please click here

Read More
ComputerWorldIndependent
admin

Cisco brings generative AI to Webex and Cisco Security Cloud

Cisco is adding new generative AI capabilities to its Webex collaboration platform, aimed at increasing productivity through automated meeting and conversation summaries.

The new offerings, announced at the Cisco Live! customer event in Las Vegas on Wednesday, include summarization capabilities that allow users to catch up on missed meetings or focus on the most important action items from a call. The capabilities also extend to Cisco’s asynchronous Vidcast tool and the Webex Contact Center.

To read this article in full, please click here

Read More
IndependentKrebs
admin

Service Rents Email Addresses for Account Signups

Credit to Author: BrianKrebs| Date: Tue, 06 Jun 2023 20:09:13 +0000

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers.

Read More
ComputerWorldIndependent
admin

Governments worldwide grapple with regulation to rein in AI dangers

Ever since generative AI exploded into public consciousness with the launch of ChatGPT at the end of last year, calls to regulate the technology to stop it from causing undue harm have risen to fever pitch around the world. The stakes are high — just last week, technology leaders signed an open public letter saying that if government officials get it wrong, the consequence could be the extinction of the human race.

To read this article in full, please click here

Read More
IndependentKrebs
admin

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Credit to Author: BrianKrebs| Date: Thu, 01 Jun 2023 16:15:34 +0000

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on “Megatraffer,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015.

Read More