Wednesday, April 29, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

ComputerWorldIndependent
admin

New macOS ransomware spotted in the wild

Credit to Author: Lucian Constantin| Date: Wed, 22 Feb 2017 11:09:00 -0800

A new file-encrypting ransomware program for macOS is being distributed through bit torrent websites, and users who fall victim to it won’t be able to recover their files — even if they pay.

Crypto ransomware programs for macOS are rare. This is the second such threat found in the wild so far, and it’s a poorly designed one. The program was named OSX/Filecoder.E by the malware researchers from antivirus vendor ESET who found it.

OSX/Filecoder.E masquerades as a cracking tool for commercial software like Adobe Premiere Pro CC and Microsoft Office for Mac. It is written in Apple’s Swift programming language by what appears to be an inexperienced developer, judging from the many mistakes made in its implementation.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

What’s up with Windows patching, Microsoft?

Credit to Author: Steven J. Vaughan-Nichols| Date: Wed, 22 Feb 2017 08:36:00 -0800

Well, here’s something different. Microsoft, for the first time since it started its monthly Patch Tuesdays in October 2003, has completely blown a deadline. There will be no major patch release in February. Instead, the patch package will be released on March 14.

Why? We don’t know and Microsoft isn’t saying.

Color me concerned.

I have reason to be. Greg Lambert, chairman of Qompat, who covers software patches like paint, had hoped Microsoft would delay the patches by only a week. After all, Lambert observed, “This month’s update cycle from Microsoft is especially important as a now critical zero-day vulnerability (CVE867968) has been reported related to how a component of the Microsoft SMB [Server Message Block] protocol handles traffic. This was initially reported as a denial of service attack, but now looks like to be rated as critical by Microsoft as it may lead to a more serious (RCE) remote code execution scenario.”

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Microsoft pushes out critical Flash Player patches after one-week delay

Credit to Author: Lucian Constantin| Date: Wed, 22 Feb 2017 07:29:00 -0800

After deciding to postpone its February patches for a month, Microsoft released one critical security update for Windows on Tuesday that contains Flash Player patches released by Adobe Systems last week.

The new security bulletin, identified as MS17-005, is rated critical for Windows 8.1, Windows RT 8.1, Windows 10 and Windows Server 2016, and moderate for Windows Server 2012 and Windows Server 2012 R2. On these Windows versions, Flash Player is bundled by default with Internet Explorer 11 and Microsoft Edge, so Microsoft delivers patches for it through Windows Update.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

LinkedIn will help people in India train for semi-skilled jobs

Credit to Author: John Ribeiro| Date: Wed, 22 Feb 2017 04:18:00 -0800

Microsoft has launched Project Sangam, a cloud service integrated with LinkedIn that will help train and generate employment for middle and low-skilled workers.

The professional network that was acquired by Microsoft in December has been generally associated with educated urban professionals, but the company is now planning to extend its reach to semi-skilled people in India.

Having connected white-collared professionals around the world with the right job opportunities and training through LinkedIn Learning, the platform is now developing a new set of products that extends this service to low- and semi-skilled workers, said Microsoft CEO Satya Nadella at an event on digital transformation in Mumbai on Wednesday.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

7 Wi-Fi vulnerabilities beyond weak passwords

Credit to Author: Eric Geier| Date: Wed, 22 Feb 2017 03:00:00 -0800

To keep private Wi-Fi networks secure, encryption is a must-have — and using strong passwords or passphrases is necessary to prevent the encryption from being cracked. But don’t stop there! Many other settings, features and situations can make your Wi-Fi network as much or even more insecure as when you use a weak password. Make sure you’re not leaving your network vulnerable by doing any of the following.

To read this article in full or to leave a comment, please click here

(Insider Story)

Read More
IndependentSecuriteam
admin

SSD Advisory – Oracle Java FTP Stream Injection

Credit to Author: Maor Schwartz| Date: Tue, 21 Feb 2017 13:51:34 +0000

Vulnerability Summary The following advisory describes a FTP protocol stream injection vulnerability found in Oracle Java. Java is a general-purpose computer programming language that is concurrent, class-based, object-oriented, and specifically designed to have as few implementation dependencies as possible. It is intended to let application developers “write once, run anywhere” (WORA). Credit An independent security … Continue reading SSD Advisory – Oracle Java FTP Stream Injection

Read More
IndependentSecuriteam
admin

SSD Advisory – HiSilicon multiple vulnerabilities

Credit to Author: Maor Schwartz| Date: Tue, 21 Feb 2017 07:44:16 +0000

Vulnerabilities Summary The following advisory describes 2 vulnerabilities found in HiSilicon application-specific integrated circuit (ASIC) chip set firmware. HiSilicon provides ASICs and solutions for communication network and digital media. These ASICs are widely used in over 100 countries and regions around the world. In the digital media field, HiSilicon has already released the SoC and … Continue reading SSD Advisory – HiSilicon multiple vulnerabilities

Read More