Independent

ComputerWorldIndependent

Cisco starts patching critical flaw in WebEx browser extension

Cisco Systems has started to patch a critical vulnerability in its WebEx collaboration and conferencing browser extension that could allow attackers to remotely execute malicious code on computers.

The company released a patched version of the extension — 1.0.7 — for Google Chrome on Thursday and is working on similar patches for the Internet Explorer and Mozilla Firefox versions.

The vulnerability was found by Google security researcher Tavis Ormandy and stemmed from the fact that the WebEx extension exposed functionality to any website that had “cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html” in its URL or inside an iframe. Some of that WebEx functionality allowed for the execution of arbitrary code on computers.


A.I.-based typing biometrics might be authentication's next big thing

Identifying or authenticating people based on how they type is not a new idea, but thanks to advances in artificial intelligence it can now be done with a very high level of accuracy, making it a viable replacement for other forms of biometrics.

Research in the field of keystroke dynamics, also known as keyboard or typing biometrics, spans back over 20 years. The technique has already been used for various applications that need to differentiate among computer users, but its widespread adoption as a method of authentication has been held back by insufficient levels of accuracy.

Keystroke dynamics relies on unique patterns derived from the timing between key presses and releases during a person’s normal keyboard use. The accuracy for matching such typing-based “fingerprints” to individual persons by using traditional statistical analysis and mathematical equations varies around 60 percent to 70 percent, according to Raul Popa, CEO and data scientist at Romanian startup firm TypingDNA.


Right answer, wrong question

This credit union updates its online banking website, so a pilot fish with accounts there updates all her family’s accounts.

“The new feature was security questions,” says fish. “I didn’t like the three that were given, so I did the drop-down to see more questions. I chose my three new questions and wrote down the answers so the spouse knew what they were.”

But the first time he tries it, he blows the password. Fish has to go through the whole process of recreating the account setup.

Next time he tries, fish has to go through the entire process again — but this time she prints out screen captures of the questions she chose, and writes the answers on them.


Trump administration is giving us a good lesson on Twitter security

Several recent incidents involving U.S. President Donald Trump’s administration can teach users something about IT security — particularly about Twitter and what not to do with it.

It turns out that several White House-related Twitter accounts — including the president’s official account, @POTUS — until recently were revealing sensitive information that hackers might be able to exploit.

The problem revolves around the service’s password reset function. If the account holder doesn’t take certain steps to secure it, Twitter exposes information that anyone with the right skills can use to uncover what email address — in redacted form — was used to secure a Twitter account.


Gmail will block JavaScript attachments, a common source of malware

Starting Feb. 13, Google will no longer allow JavaScript attachments on its Gmail service, killing one of the main methods of malware distribution over the past two years.

Users will no longer be able to attach .JS files to emails in Gmail, regardless of whether they attach them directly or they include them in archives like .gz, .bz2, .zip or .tgz. For those rare cases when such files need to be shared via email, users can upload them to a storage service like Google Drive and then share the link.

The .JS file extension will be added to an existing list of other banned file attachments that includes: .ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JSE, .LIB, .LNK, .MDE, .MSC, .MSP, .MST, .PIF, .SCR, .SCT, .SHB, .SYS, .VB, .VBE, .VBS, .VXD, .WSC, .WSF and .WSH. Most of these file types have long been abused by cybercriminals to send malware via email.


IDG Contributor Network: 14 ways to keep your data safe on Data Privacy Day


Self-protection is key to Linux kernel security

Linux has quietly taken over the world. The operating system now powers the large datacenters that make all our cloud applications and services possible, along with billions of Android devices and internet-connected gadgets that comprise the internet of things (IoT). Even the systems that handle the day-to-day operations on the International Space Station run Linux.


(Insider Story)


Face-off: Oracle vs. CA for identity management

Employees come and go, or switch departments, so IT managers seek an automated way to give (or deny) them access privileges to corporate systems. Two of the top software products for identity and access management (IAM) are Oracle Identity Manager and CA Identity Manager, according to IT Central Station, an online community where IT professionals review enterprise products.


(Insider Story)
