RSS Reader for Computer Security Articles
Matt Gangwer, CTO of Rook Security and Ryan O'Leary, VP of Threat Research Center and Tech Support at WhiteHat Security join CSO Online's Steve Ragan to talk about the evolution of ransomware, and what companies need to do to combat it.
Credit to Author: Lucian Constantin| Date: Thu, 02 Mar 2017 07:46:00 -0800
Google has expanded its Safe Browsing service, allowing Google Chrome on macOS to better protect users from programs that locally inject ads into web pages or that change the browser’s home page and search settings.
The Safe Browsing service is used by Google’s search engine, as well as by Google Chrome and Mozilla Firefox, to block users from accessing websites that host malicious code or malicious software. Chrome also uses the service to scan downloaded files and to block users from executing those that are flagged as malicious.
“Safe Browsing is broadening its protection of macOS devices, enabling safer browsing experiences by improving defenses against unwanted software and malware targeting macOS,” Google said in a blog post Wednesday. “As a result, macOS users may start seeing more warnings when they navigate to dangerous sites or download dangerous files.”
To read this article in full or to leave a comment, please click here
Credit to Author: John Ribeiro| Date: Thu, 02 Mar 2017 03:59:00 -0800
The U.S. Federal Communications Commission has halted new rules that would require high-speed internet providers to take ‘reasonable’ steps to protect customer data.
In a 2-1 vote that went along party lines, the FCC voted Wednesday to stay temporarily one part of privacy rules passed in October that would give consumers the right to decide how their data is used and shared by broadband providers.
The rules include the requirement that internet service providers should obtain “opt-in” consent from consumers to use and share sensitive information such as geolocation and web browsing history, and also give customers the option to opt out from the sharing of non-sensitive information such as email addresses or service tier information.
To read this article in full or to leave a comment, please click here
Credit to Author: Michael Kan| Date: Thu, 02 Mar 2017 03:42:00 -0800
If your company has experienced a data breach, it’s probably a good idea to thoroughly investigate it promptly.
Unfortunately, Yahoo didn’t, according to a new internal investigation. The internet pioneer, which reported a massive data breach involving 500 million user accounts in September, knew an intrusion had occurred back in 2014, but allegedly botched its response.
The findings were made in a Yahoo securities exchange filing on Wednesday that offered more details about the 2014 breach, which the company has blamed on a state-sponsored hacker.
To read this article in full or to leave a comment, please click here
Credit to Author: BrianKrebs| Date: Thu, 02 Mar 2017 03:14:52 +0000
Among today’s fastest-growing cybercrime epidemics is “ransomware,” malicious software that encrypts all of your computer files, photos, music and documents and then demands payment in Bitcoin to recover access to the files. A big reason for the steep increase in ransomware attacks in recent years comes from the proliferation of point-and-click tools sold in the cybercrime underground that make it stupid simple for anyone to begin extorting others for money.
Read More
Credit to Author: Michael Kan| Date: Wed, 01 Mar 2017 13:59:00 -0800
More than 130 Android apps on the Google Play store have been found to contain malicious coding, possibly because the developers were using infected computers, according to security researchers.
The 132 apps were found generating hidden iframes, or an HTML document embedded inside a webpage, linking to two domains that have hosted malware, according to security firm Palo Alto Networks.
Google has already removed the apps from its Play store. But what’s interesting is the developers behind the apps probably aren’t to blame for including the malicious code, Palo Alto Networks said in a Wednesday blog post.
To read this article in full or to leave a comment, please click here
Credit to Author: Grant Gross| Date: Wed, 01 Mar 2017 12:05:00 -0800
Any reform of a controversial U.S. law allowing the National Security Agency to spy on people overseas will likely focus on its impact on U.S. residents, without curbing its use elsewhere.
Section 702 of the Foreign Intelligence Surveillance Act (FISA) expires on Dec. 31, and some digital rights groups are calling on Congress to overhaul the law to protect the privacy of residents of both the U.S. and other countries. Congress will almost certainly extend the provision in some form.
But a congressional hearing on Wednesday focused largely on the NSA’s “inadvertent” collection of U.S. residents’ data, with little time given to the privacy concerns of people overseas.
To read this article in full or to leave a comment, please click here
Credit to Author: Lucian Constantin| Date: Wed, 01 Mar 2017 08:29:00 -0800
An analysis of robots used in homes, businesses and industrial installations has revealed many of the same basic weaknesses that are common in IoT devices, raising questions about security implications for human safety.
The robotics industry has already seen significant growth in recent years and will only further accelerate. Robots are expected to serve in many roles, from assisting people in homes, stores and medical facilities, to manufacturing in factories and even handling security and law enforcement tasks.
“When you think of robots as computers with arms, legs or wheels, they become kinetic IoT devices that, if hacked, can pose new serious threats we have never encountered before,” researchers from cybersecurity consultancy firm IOActive said in a new report.
To read this article in full or to leave a comment, please click here