ComputerWorldIndependent

4 charged, including Russian gov't agents, for massive Yahoo hack

Credit to Author: Martyn Williams| Date: Wed, 15 Mar 2017 09:22:00 -0700

The FBI on Wednesday charged four people, including two Russian state intelligence agents, for their involvement in a massive hack of Yahoo that affected half a billion accounts.

In September, Yahoo said hackers had managed to steal personal data on more than 500 million users during an attack in late 2014. The stolen data included names, email addresses, telephone numbers and hashed passwords. Blame for the attack was put on a “state-sponsored” group.

The FBI said that group was the Russian Federal Security Service, the FSB, and it identified agents Dmitry Dokuchaev and Igor Sushchin as leaders of the attack.

ComputerWorldIndependent

Malicious uploads allowed hijacking of WhatsApp and Telegram accounts

Credit to Author: Lucian Constantin| Date: Wed, 15 Mar 2017 07:55:00 -0700

A vulnerability patched in the web-based versions of encrypted communications services WhatsApp and Telegram would have allowed attackers to take over accounts by sending users malicious files masquerading as images or videos.

The vulnerability was discovered last week by researchers from Check Point Software Technologies and was patched by the WhatsApp and Telegram developers after the company privately shared the flaw’s details with them.

The web-based versions of WhatsApp and Telegram synchronize automatically with the apps installed on users’ phones. At least in the case of WhatsApp, once paired using a QR code, the phone needs to have an active internet connection for WhatsApp messages to be relayed to the browser on the computer.

ComputerWorldIndependent

Twitter accounts hacked, Twitter Counter steps forward as culprit

Credit to Author: Peter Sayer| Date: Wed, 15 Mar 2017 07:37:00 -0700

Twitter Counter, a third-party analytics service, appears once again to have provided a gateway for hackers to post messages to high-profile Twitter accounts.

An unlikely number of Twitter users suddenly learned to speak Turkish on Wednesday, posting an inflammatory message in the language replete with Nazi swastikas.

Among those posting the message were the Twitter accounts of Forbes magazine, the Atlanta Police Department, and Amnesty International, one of the few hacked accounts one might expect to actually speak Turkish.

Fears that these accounts had all been hacked were quickly allayed, when Twitter identified a third-party app as being to blame.

ComputerWorldIndependent

Twitter Counter hacked: Hundreds of high-profile Twitter accounts hijacked

Credit to Author: Darlene Storm| Date: Wed, 15 Mar 2017 06:16:00 -0700

Twitter seemed to temporarily be overtaken by tweets featuring swastikas, Turkish flags and Nazi references after third-party analytics app Twitter Counter was hacked.

It’s unclear how many Twitter accounts were affected – hundreds or thousands – considering Twitter Counter claims to have more than two million users who linked their Twitter accounts to its service for the purpose of providing statistics and tracking responses to tweets.

Infosec journalist Graham Cluley apologized “for the Nazi spam” after his account was hijacked. There was a rush of people scrubbing their accounts as Amnesty International, Duke University, Forbes, Reuters Japan, BBC North America, UNICEF USA, the UK Department of Health, the CEO of Sprint, bitcoin wallet Blockchain, the Atlanta Police Department, Starbucks Argentina, the European Parliament, Nike Spain, sports stars, celebrities and many others were compromised and also spewed Nazi spam.

ComputerWorldIndependent

Court blocks American from suing Ethiopia for infecting his computer

Credit to Author: John Ribeiro| Date: Wed, 15 Mar 2017 04:10:00 -0700

An appeals court has barred an Ethiopian-born U.S. citizen from filing a civil suit against the African country, which allegedly infected his computer with spyware and monitored his communications.

The U.S. Court of Appeals for the District of Columbia Circuit ruled Tuesday that foreign states are immune from lawsuits in a U.S. court unless an exception to the Foreign Sovereign Immunities Act (FSIA) applies.

The person, who is referred to in court documents by the pseudonym Kidane, was born in Ethiopia and lived there for 30 years before seeking asylum in the U.S. He lives in Maryland.

IndependentSecuriteam

SSD Advisory – SolarWinds Multiple Vulnerabilities

Credit to Author: Maor Schwartz| Date: Tue, 14 Mar 2017 07:15:01 +0000

Vulnerabilities Summary

SolarWinds Server and Application Monitor version 6.1.1 has been found to contain multiple vulnerabilities:

- Node Custom Properties Persistent XSS
- Audit Events Module Persistent XSS
- Custom “Data Source” and ‘Where Clause’ Persistent XSS
- “Build Dynamic Query Name” Persistent XSS
- Multiple Persistent XSS Vulnerabilities Via ‘Title’ field
- Application Monitor Template Persistent XSS
- NOC View Name …

ComputerWorldIndependent

Microsoft stays security bulletins' termination

Credit to Author: Gregg Keizer| Date: Tue, 14 Mar 2017 13:17:00 -0700

Microsoft today postponed the retirement of the security bulletins that for nearly two decades have described in detail the month’s slate of vulnerabilities and accompanying patches.

The bulletins’ last stand was originally scheduled for January, with a replacement process ready to step in Feb. 14. Rather than a set of bulletins, Microsoft was to provide a searchable database of support documents dubbed the “Security Updates Guide” or SUG.

But just hours before February’s security updates were to be released, Microsoft announced that it was postponing the entire collection to March 14, citing “a last-minute issue” that might impact some customers. The Redmond, Wash. company never spelled out exactly what led it to decide on the unprecedented delay.

ComputerWorldIndependent

DOJ: No, we won't say how much the FBI paid to hack terrorist's iPhone

Credit to Author: Gregg Keizer| Date: Tue, 14 Mar 2017 11:31:00 -0700

The U.S. Department of Justice yesterday argued that it should not have to reveal the maker of a tool used last year to crack an alleged terrorist’s iPhone or disclose how much it paid for the hacking job, court documents showed.

That tool was used last year by the FBI to access a password-protected iPhone 5C previously owned by Syed Rizwan Farook, who along with his wife, Tashfeen Malik, killed 14 in San Bernardino, Calif., in December 2015. The two died in a shootout with police later that day. Authorities quickly labeled them terrorists.

In March 2016, after weeks of wrangling with Apple, which balked at a court order compelling it to assist the FBI in unlocking the iPhone, the agency announced it had found a way to access the device without Apple’s help. Although the FBI acknowledged it had paid an outside group to crack the iPhone, it refused to identify the firm or how much it paid.
