Wednesday, April 29, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

ComputerWorldIndependent
admin

AT&T extends NetBond service to secure IoT connections

The internet is what made IoT happen, providing a common protocol to take the place of separate, specialized networks. But the public internet itself may not always be the best path between a connected device and the cloud.

Enterprises can now connect cellular IoT devices to back-end systems via NetBond, a private network service from AT&T, instead of the Internet. The NetBond service sets up a VPN (virtual private network) from an edge device to the cloud. It can connect to 16 different public clouds, including Amazon Web Services and Microsoft Azure, or a private or hybrid cloud.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Obama-led sanction affected U.S. tech firms in Russia

Sanctions imposed by former President Obama on Russia for hacking during the U.S. election had an unintended side effect: they essentially barred U.S. tech firms from selling new IT products in the country.

Part of last month’s sanction order was designed to block U.S. companies from doing business with Russia’s Federal Security Service, also known as the FSB, because of its suspected role in influencing last year’s election.

But the FSB isn’t just an intelligence agency. It’s also a crucial regulator in Russia that clears new IT products, including smartphones and tablets, for sale in the country.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

How to eliminate insider threats

Insider threats are a major security problem
eliminate insider threats 1

Image by Thinkstock

For years, the primary security objective has been to protect the perimeter—the focus on keeping outsiders from gaining access and doing harm. But statistics prove that more risk exists within an organization. Indeed, many compliance regulations require monitoring of systems to identify and eliminate insider threat. According to Forrester, 58 percent of breaches are caused from internal incidents or with a business partner’s organization. And 55 percent of attacks are originated by an insider as cited in the 2015 IBM Cyber Security Intelligence Index.

To read this article in full or to leave a comment, please click here

Read More
IndependentKrebs
admin

IRS: Scam Blends CEO Fraud, W-2 Phishing


Most regular readers here are familiar with CEO fraud — e-mail scams in which the attacker spoofs the boss and tricks an employee at the organization into wiring funds to the fraudster. Loyal readers also have heard an earful about W-2 phishing, in which crooks impersonate the boss and request a copy of all employee tax forms. According to a new “urgent alert” issued by the U.S. Internal Revenue Service, scammers are now combining both schemes and targeting a far broader range of organizations than ever before.

Read More
ComputerWorldIndependent
admin

Cisco patches critical flaw in Prime Home device management server

Cisco Systems has fixed a critical vulnerability that could allow hackers to take over servers used by telecommunications providers to remotely manage customer equipment such as routers.

The vulnerability affects Cisco Prime Home, an automated configuration server (ACS) that communicates with subscriber devices using the TR-069 protocol. In addition to remotely managing customer equipment, it can also “automatically activate and configure subscribers and deliver advanced services via service packages” over mobile, fiber, cable, and other ISP networks.

“A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges,” Cisco said in its advisory.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

WordPress silently fixes dangerous code injection vulnerability

Developers of the widely used WordPress content management system released an update last week, but intentionally delayed announcing that the patch addressed a severe vulnerability.

WordPress version 4.7.2 was released on January 26 as a security update, but the accompanying release notes mentioned only fixes for three moderate risk vulnerabilities, one of which did not even affect the platform’s core code.

On Wednesday, a week later, the WordPress security team disclosed that a fourth vulnerability, much more serious than the others, was also patched in version 4.7.2.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Hackers seek company insiders on the black market

If you’re the CEO of a company, here’s another threat you need to worry about: hackers trying to recruit your employees for insider-related crimes.

Researchers at security firms RedOwl and IntSights have noticed growing activity from online black market dealers trying to recruit company employees for insider trading and cashing out stolen credit card numbers. 

These dealers are appearing on underground forums located on the dark web, which are accessible through Tor, a browser designed for anonymous web surfing, according to the researchers, who published their findings on Tuesday. 

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

HPE acquires security startup Niara to boost its ClearPass portfolio

Hewlett Packard Enterprise has acquired Niara, a startup that uses machine learning and big data analytics on enterprise packet streams and log streams to detect and protect customers from advanced cyberattacks that have penetrated perimeter defenses.

The financial terms of the deal were not disclosed.

Operating in the User and Entity Behavior Analytics (UEBA) market, Niara’s technology starts by automatically establishing baseline characteristics for all users and devices across the enterprise and then looking for anomalous, inconsistent activities that may indicate a security threat, Keerti Melkote, senior vice president and general manager of HPE Aruba and cofounder of Aruba Networks, wrote in a blog post on Wednesday.

To read this article in full or to leave a comment, please click here

Read More