Wednesday, April 29, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

ComputerWorldIndependent
admin

Microsoft shelves all February security updates

Credit to Author: Gregg Keizer| Date: Tue, 14 Feb 2017 10:35:00 -0800

Microsoft today took the unprecedented step of postponing an entire month’s slate of security updates for Windows and its other products just hours before the patches were to begin rolling out to customers.

“We discovered a last-minute issue that could impact some customers and was not resolved in time for our planned updates today,” Microsoft said in a post to the MSRC (Microsoft Security Research Center) blog. “After considering all options, we made the decision to delay this month’s updates.”

Today was set as Patch Tuesday, the monthly release of security fixes from Microsoft. Normally, Microsoft issues the updates around 10 a.m. PT (1 p.m. ET). Although Microsoft did not time stamp its blog post, the SAN Institute’s Internet Storm Center (ISC) pointed out the delay at 8:22 a.m. PT (11:22 ET).

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Russian cyberspies blamed for U.S. election hacks are now targeting Macs

Credit to Author: Lucian Constantin| Date: Tue, 14 Feb 2017 10:28:00 -0800

Security researchers have discovered a macOS malware program that’s likely part of the arsenal used by the Russian cyberespionage group blamed for hacking into the U.S. Democratic National Committee last year.

The group — known in the security industry under different names including Fancy Bear, Pawn Storm, and APT28 — has been operating for almost a decade. It is believed to be the sole user and likely developer of a Trojan program called Sofacy or X-Agent.

X-Agent variants for Windows, Linux, Android, and iOS have been found in the wild in the past, but researchers from Bitdefender have now come across what appears to be the first macOS version of the Trojan.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Microsoft's president wants a Geneva Convention for cyberwar

Credit to Author: Blair Hanley Frank| Date: Tue, 14 Feb 2017 08:52:00 -0800

Microsoft is calling for a Digital Geneva Convention, as global tensions over digital attacks continue to rise. The tech giant wants to see civilian use of the internet protected as part of an international set of accords, Brad Smith, the company’s president and chief legal officer, said in a blog post.

The manifesto, published alongside his keynote address at the RSA conference in San Francisco on Tuesday, argued for codifying recent international norms around cyberwarfare and for establishing an independent agency to respond to and analyze cyberattacks.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Forget the network perimeter, say security vendors

Credit to Author: Lucian Constantin| Date: Tue, 14 Feb 2017 08:13:00 -0800

What if all your company’s computers and applications were connected directly to the Internet? That was the assumption behind BeyondCorp, a new model for network security that Google proposed back in 2014, and it’s one that’s starting to get some attention from networking and security vendors.

Enterprises have moved beyond the traditional workspace in recent years, allowing employees to work remotely by using their personal devices and accessing apps in private or public clouds. To bring roaming workers back into the fold, under the security blanket of their local networks, companies rely on VPNs and endpoint software to enforce network access controls.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Cybersecurity alliance promoting intel-sharing seeks to expand

Credit to Author: Michael Kan| Date: Tue, 14 Feb 2017 04:48:00 -0800

The Cyber Threat Alliance, a group of security firms that often compete, is seeking to expand. In an effort to recruit more members, the Cyber Threat Alliance is announcing that it’s become a not-for-profit. In addition, a former White House official will be its new leader.

 

Rivals including Fortinet, Intel Security, Palo Alto Networks and Symantec originally entered into the alliance over two years ago, even as doubts arose over whether it would last.

The intelligence sharing between the vendors will also accelerate. Before it was done manually, and involved sharing 1,000 malware samples each day. But alliance members have built a platform that will now automate the information sharing in real-time.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Researcher develops ransomware attack that targets water supply

Credit to Author: Michael Kan| Date: Tue, 14 Feb 2017 04:35:00 -0800

A security researcher is showing that it’s not hard to hold industrial control systems for ransom. He’s experimented with a simulated water treatment system based on actual programmable logic controllers (PLCs) and documented how these can be hacked.

David Formby, a PhD student at Georgia Institute of Technology, conducted his experiment to warn the industry about the danger of poorly secured PLCs. These small dedicated computers can be used to control important factory processes or utilities, but are sometimes connected to the internet.

For instance, Formby found that 1,500 of these industrial PLCs are accessible online, he said while speaking at the RSA cybersecurity conference on Monday. It’s not hard to imagine a hacker trying to exploit these exposed PLCs, he added. Cybercriminals have been infecting businesses across the world with ransomware, a form of malware that can hold data hostage in exchange for bitcoin.

To read this article in full or to leave a comment, please click here

Read More