Independent – Page 82 – Computer Security Articles

Credit to Author: Susan Bradley| Date: Mon, 14 Mar 2022 08:56:00 -0700

Where does your software come from?

That’s one of the questions online users at AskWoody.com have asked in recent weeks. Obviously, this comes up as the world sees what’s going on in Ukraine. For many years, one security software vendor in particular was tagged as possibly having Russian ties — and as far back as 2017, the US Government banned the use of Kaspersky antivirus over fears the security software could spy on defense contractors for Russia.

To read this article in full, please click here

ComputerWorld Independent

March 12, 2022 admin

Microsoft delivers a solid, low-impact Patch Tuesday

Credit to Author: Greg Lambert| Date: Sat, 12 Mar 2022 05:10:00 -0800

March brings us a solid set of updates from Microsoft for Windows, Microsoft Office, Exchange, and Edge (Chromium), but no critical issues requiring a “Patch Now” release schedule (though Microsoft Exchange will require some technical effort this month). We have published some testing guidelines, with a focus on printing, remote desktop over VPN connections, and server-based networking changes. We also recommend testing your Windows installer packages with a specific focus on roll-back and uninstall functionality.

You can find more information about the risk of deploying these Patch Tuesday updates with this useful infographic. And, if you are looking for more information on .NET updates, there is a great post from Microsoft that highlights this month’s changes.

To read this article in full, please click here

Independent Krebs

March 11, 2022 admin

Report: Recent 10x Increase in Cyberattacks on Ukraine

Credit to Author: BrianKrebs| Date: Fri, 11 Mar 2022 16:50:11 +0000

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.

Independent Krebs

March 9, 2022 admin

Microsoft Patch Tuesday, March 2022 Edition

Credit to Author: BrianKrebs| Date: Wed, 09 Mar 2022 16:22:12 +0000

Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users (that we know of), and relatively few “critical” fixes. And yet we know from experience that attackers are already trying to work out how to turn these patches into a roadmap for exploiting the flaws they fix. Here’s a look at the security weaknesses Microsoft says are most likely to be targeted first.

Independent Krebs

March 8, 2022 admin

Internet Backbone Giant Lumen Shuns .RU

Credit to Author: BrianKrebs| Date: Tue, 08 Mar 2022 23:35:15 +0000

Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the world’s Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumen’s decision comes just days after a similar exit by backbone provider Cogent, and amid a news media crackdown in Russia that has already left millions of Russians in the dark about what is really going on with their president’s war in Ukraine.

ComputerWorld Independent

March 8, 2022 admin

Phishing e-mails are more prevalent (and dangerous) than ever

Credit to Author: Steven J. Vaughan-Nichols| Date: Tue, 08 Mar 2022 08:56:00 -0800

Phishing, those malicious e-mails that pretend to be legitimate messages, has been a problem since Canter and Siegel launched the first spam campaign in 1994. (Mea culpa — it seems they learned about this thing called the Internet from some of my articles.) Today, spam, while still annoying, is the least of our e-mail troubles. In addition to invading Ukraine, Russian agents are now doing their best to invade our IT systems via phishing e-mails.

To read this article in full, please click here

ComputerWorld Independent

March 8, 2022 admin

Google buys cybersecurity company Mandiant for $5.4B

Credit to Author: Charlotte Trueman| Date: Tue, 08 Mar 2022 04:58:00 -0800

In a move to offer an end-to-end security operations suite from its cloud platform, Google has announced it will acquire cyberdefense and response company Mandiant for $5.4 billion, in a deal expected to close later this year.

The acquisition will complement Google Cloud’s existing security services and together, the companies will deliver a security operations suite as well as advisory services that help customers address critical security challenges and stay protected at every stage of the security lifecycle, Mandiant said in a press release.

The company recently announced a new Ransomware Defense Validation service for its SaaS-based XDR (extended detection and response) platform, Mandiant Advantage, to help enterprises gauge the ability of their security systems to guard against ransomware attacks.

To read this article in full, please click here

Independent Krebs

March 7, 2022 admin

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Credit to Author: BrianKrebs| Date: Tue, 08 Mar 2022 01:38:36 +0000

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies, what it was like on a typical day at the Conti office, and how Conti secured the digital weaponry used in their attacks. This final post on the Conti conversations explores different schemes that Conti pursued to invest in and steal cryptocurrencies.