Independent – Page 408 – Computer Security Articles

Credit to Author: DealPost Team| Date: Tue, 28 Mar 2017 14:06:00 -0700

The Professional Surge Protector CSP300WUR1 safeguards common home and office devices, such as computers and electronics, by absorbing spikes in energy caused by storms and electrical power surges. Designed for convenience, the portable CSP300WUR1 is ideal for travelers. It provides 600 joules of protection, has three surge-protected outlets, and a folding wall tap plug. Two USB ports (2.1 Amp shared) charge personal electronics, including smartphones, digital cameras, MP3 players, and other devices. A Limited-Lifetime Warranty ensures that this surge suppressor has passed high quality standards in design, assembly, material or workmanship and further protection is offered by a $50,000 Connected Equipment Guarantee. It currently averages 4 out of 5 stars on Amazon, where its typical list price of $21.955 has been reduced 46% to just $11.88. See the discounted CSP300WUR1 on Amazon.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

March 28, 2017 admin

Scammers scare iPhone users into paying to unlock not-really-locked Safari

Credit to Author: Gregg Keizer| Date: Tue, 28 Mar 2017 13:28:00 -0700

Apple yesterday patched a bug in the iOS version of Safari that had been used by criminals to spook users into paying $125 or more because they assumed the browser was broken.

The flaw, fixed in Monday’s iOS 10.3 update, had been reported to Apple a month ago by researchers at San Francisco-based mobile security firm Lookout.

“One of our users alerted us to this campaign, and said he had lost control of Safari on his iPhone,” Andrew Blaich, a Lookout security researcher, said in a Tuesday interview. “He said, ‘I can’t use my browser anymore.'”

The criminal campaign, Blaich and two colleagues reported in a Monday post to Lookout’s blog, exploited a bug in how Safari displayed JavaScript pop-ups. When the browser reached a malicious site implanted with the attack code, the browser went into an endless loop of dialogs that refused to close no matter who many times “OK” was tapped. The result: Safari was unusable.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

March 28, 2017 admin

LastPass is scrambling to fix another serious vulnerability

Credit to Author: Lucian Constantin| Date: Tue, 28 Mar 2017 10:01:00 -0700

For the second time in two weeks, developers of the popular LastPass password manager are working to fix a serious vulnerability that could allow malicious websites to steal user passwords or infect computers with malware.

Like the LastPass flaws patched last week, the new issue was discovered and reported to LastPass by Tavis Ormandy, a researcher with Google’s Project Zero team. The researcher revealed the vulnerability’s existence in a message on Twitter, but didn’t publish any technical details about it that could allow attackers to exploit it.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

March 28, 2017 admin

How to deal with backdoors inserted or left by vendors

Credit to Author: David Geer| Date: Tue, 28 Mar 2017 03:54:00 -0700

It’s bad enough when black hat hackers insert malicious backdoors into systems and software after vendors/makers have sold these into the marketplace. It is another matter when the vendors who create these devices and programs unwittingly or purposely leave backdoors inside their products.

To read this article in full or to leave a comment, please click here

(Insider Story)

ComputerWorld Independent

March 27, 2017 admin

Blockchain can help secure medical devices, improve patient privacy

Credit to Author: Tim Greene| Date: Mon, 27 Mar 2017 11:20:00 -0700

BOSTON — Blockchain can help secure medical devices and improve patient privacy, but the key is proper implementation, according to a top security pro at Partners Healthcare.

The downsides would include mistrust of the technology because of blockchain’s potential performance problems, and its association with ransomware and use as payment for illegal items on the Dark Web, Partners’ Deputy CISO Esmond Kane told the SecureWorld audience last week in Boston.

On the other hand, the decentralized, encrypted public ledger could have a wealth of applications in healthcare, Kane says. These include streamlining the resolution of insurance claims, management of internet of things medical devices and providing granular privacy settings for personal medical data.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

March 27, 2017 admin

iPad bomb plot allegedly led to electronic device ban on flights

Credit to Author: Darlene Storm| Date: Mon, 27 Mar 2017 08:58:00 -0700

A plot allegedly involving an iPad bomb was one of the factors which sparked US and UK restrictions on bringing electronic devices larger than a smartphone into the passenger cabin of flights traveling from the Middle East.

It’s unclear if the alleged bomb was inside an iPad knockoff or used an iPad shell, but the tablet filled with explosives was not in itself enough to trigger the electronic device ban. An unnamed source told The Guardian that the US and UK bans “were not the result of a single specific incident but a combination of factors.”

To read this article in full or to leave a comment, please click here

Independent Krebs

March 27, 2017 admin

Alleged vDOS Owners Poised to Stand Trial

Credit to Author: BrianKrebs| Date: Mon, 27 Mar 2017 13:56:31 +0000

Police in Israel are recommending that the state attorney’s office indict and prosecute two 18-year-olds suspected of operating vDOS, until recently the most popular attack service for knocking Web sites offline. On Sept. 8, 2016, KrebsOnSecurity published a story about the hacking of vDOS, a service that attracted tens of thousands of paying customers and facilitated countless distributed denial-of-service (DDoS) attacks. That story named two young Israelis — Yarden Bidani and Itay Huri — as the likely owners and operators of vDOS, and within hours of its publication the two were arrested by Israeli police, placed on house arrest for 10 days, and forbidden from using the Internet for a month.

ComputerWorld Independent

March 27, 2017 admin

IDG Contributor Network: Saks self-leaked customer data unencrypted, violating multiple rules

Credit to Author: Evan Schuman| Date: Mon, 27 Mar 2017 04:00:00 -0700

With so many retailers being impacted by cyber attacks, it’s easy to conclude that thieves are necessary for data breaches. Not necessarily. Saks last week made clear that it can breach itself quite efficiently.

That revelation comes courtesy of Buzzfeed News, which visited the site and noticed private data about quite a few fellow site visitors and shoppers.

To read this article in full or to leave a comment, please click here