RSS Reader for Computer Security Articles
Credit to Author: Lily Hay Newman| Date: Thu, 14 Jul 2022 11:00:00 +0000
Researchers have found a way to use the web’s basic functions to identify who visits a site—without the user detecting the hack.
Read More
Credit to Author: Dan Goodin, Ars Technica| Date: Wed, 13 Jul 2022 16:00:00 +0000
The exploit can leak password information and other sensitive material, but the chipmakers are rolling out mitigations.
Read More
Credit to Author: JR Raphael| Date: Wed, 13 Jul 2022 03:00:00 -0700
Man, I had one hell of a streak.
All these years — approximately 7,967 since I first started using and writing about Android — and somehow, rather miraculously, I’d never outright broken a phone.
Impressive, I know. But don’t let yourself get wrapped in awe yet, my fellow drop-dreading denizen: My streak of impeccable Android phone protection has officially come to a crashing halt.
Now, I didn’t technically drop my phone, mind you. And I didn’t technically break it myself, either. But it was definitely broken. And it happened on my watch.
Credit to Author: Varsha Bansal| Date: Tue, 12 Jul 2022 17:01:51 +0000
Nonprofit donors had their information given to law enforcement without consent, highlighting limited data protections in the world’s largest democracy.
Read More
Credit to Author: Garrett M. Graff| Date: Mon, 11 Jul 2022 18:27:00 +0000
The US House committee has already uncovered a more organized and sinister plot than many imagined. But history suggests the worst may be yet to come.
Read More
Credit to Author: Matt Burgess| Date: Mon, 11 Jul 2022 11:00:00 +0000
The pro-Russian group Killnet is targeting countries supporting Ukraine. It has declared “war” against 10 nations.
Read More
Credit to Author: Enoch Root| Date: Mon, 11 Jul 2022 16:17:30 +0000
A new method for detecting hidden cameras, microphones and other IoT spy devices that seems to actually work.
Read More
Credit to Author: Susan Bradley| Date: Mon, 11 Jul 2022 08:56:00 -0700
On July 8, Microsoft pulled back from its decision in February to block macros in Excel documents by default. Microsoft had said it would block Excel files that contained macros if they were downloaded from the internet. (Malicious actors use these lures as a way to launch attacks on networks; specifically, ransomware and other types of malicious activity can launched from a plain, old malicious spreadsheet.)
Microsoft still plans to put this blocking in place, but only after “a better experience.” In the meantime, there are actions you can take now so you won’t need to worry about the change in the future.
If you work for a firm that’s developed spreadsheets for your own internal office use, chances are the spreadsheet does not have a digital signature. Signing machos is similar to how websites use SSL certificates to validate the site is legit. The hardest part of the self-signing process is deciding whether you want to purchase a code-signing certificate or use the self-signed certificate process. (I can tell you from personal experience that trying to purchase a code-signing certificate is an expensive and cumbersome process. I don’t recommend that option, except for large enterprises where the code-signing process is routine.)