Independent

IndependentKrebs

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Credit to Author: BrianKrebs| Date: Tue, 13 Dec 2022 23:54:21 +0000

InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself.

ComputerWorldIndependent

European Commission takes step toward approving EU-US data privacy pact

The European Commission announced Tuesday that it has officially begun the process of approving the EU-US Data Privacy Framework—hammered together to allow the flow of data between the US and the European Union—after concluding that the framework provides privacy safeguards comparable to those of the EU.

After President Biden signed the executive order that implemented rules for the Trans-Atlantic Data Policy Framework in the US in October, the Commission conducted an assessment into the US legal framework that the bill was based upon. That assessment, released Tuesday, says that the legislation ensures an adequate level of protection for personal data transferred from the EU to US companies.

ComputerWorldIndependent

Apple sets a security challenge for 2023

Given Apple’s big moves this week to roll out new data protection tools for iMessage and allow users to encrypt more of their data in iCloud, it seems obvious that security is going to be a major Apple priority in the year ahead.

Stamping out surveillance

The Biden administration’s decision to blacklist the mercenary hackers at NSO Group was a welcome move, but it hasn’t stopped the “surveillance-as-a-service” industry. Instead, it’s atomized it, which means we now have more companies offering such “services” than ever before.

IndependentKrebs

New Ransom Payment Schemes Target Executives, Telemedicine

Credit to Author: BrianKrebs| Date: Thu, 08 Dec 2022 18:25:04 +0000

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” The other involves carefully editing email inboxes of public company executives to make it appear that some were involved in insider trading.

ComputerWorldIndependent

Apple finally adds encryption to iCloud backups

Apple today introduced several new security features focused on fending off threats to user data in the cloud, including end-to-end encryption for backups for iCloud users.

Along with end-to-end encryption for iCloud, Apple’s cloud storage and computing platform, the company announced iMessage Contact Key Verification, allowing users to verify they are communicating only with whom they intend.

Apple also announced hardware Security Keys for Apple ID, giving users the choice to require two-factor authentication to sign into their Apple ID account. (Hardware security keys use devices, such as USB thumb drives or near-field communication (NFC) dongles, to enable access to a service or application.)

ComputerWorldIndependent

A compliance fight in Germany could hurt Microsoft customers

Credit to Author: eschuman@thecontentfirm.com| Date: Wed, 07 Dec 2022 04:32:00 -0800

If there are two things that should never mix, it’s cybersecurity/privacy compliance and corporate politics. And yet, that’s at the heart of a compliance fight between Microsoft and German authorities that might wind up punishing the company’s customers. 

The German Datenschutzkonferenz — the regulatory body entrusted to handle Germany’s flavor of the European Union’s General Data Protection Regulation (GDPR) — has publicly declared that “no data protection-compliant use of Microsoft Office 365 was possible.”

ComputerWorldIndependent

What you need to know about the UK’s Online Safety Bill

Three years and four prime ministers after the UK government first published its Online Harms white paper—the basis for the current Online Safety Bill—the Conservative Party’s ambitious attempt at internet regulation has found its way back to Parliament after multiple amendments.

If the bill becomes law, it will apply to any service or site that has users in the UK, or targets the UK as a market, even if it is not based in the country. Failure to comply with the proposed rules will place organizations at risk of fines of up to 10% of global annual turnover or £18 million (US$22 million), whichever is higher.

A somewhat bloated and confused version of its former self, the bill, which was dropped from the legislative agenda when Boris Johnson was ousted in July, has now passed its final report stage, meaning the House of Commons now has one last chance to debate its contents and vote on whether to approve it.
