Security

ComputerWorldIndependent

Microsoft is distributing security patches through insecure HTTP links

Credit to Author: Woody Leonhard| Date: Fri, 16 Feb 2018 09:12:00 -0800

The Microsoft Update Catalog uses insecure HTTP links – not HTTPS links – on the download buttons, so patches you download from the Update Catalog are subject to all of the security problems that dog HTTP links, including man-in-the-middle attacks.

Security researcher Stefan Kanthak, writing on Seclist’s Bugtraq mailing list, elaborates:

Even if you browse the “Microsoft Update Catalog” via the HTTPS link, ALL download links published there use HTTP, not HTTPS!

That’s trustworthy computing … the Microsoft way!

Despite numerous mails sent to <secure () microsoft com> in the last years, and numerous replies “we’ll forward this to the product groups,” nothing happens at all.

SecurityTrendMicro

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of February 12, 2018

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 16 Feb 2018 13:00:28 +0000

Valentine’s Day was earlier this week, and there was so much love in the air. There was also a lot of love in the Trend Micro world as our teams worked diligently to make sure our customers were protected from this month’s bevy of critical vulnerabilities across several vendors. This week, we focus on Microsoft,…

ComputerWorldIndependent

Microsoft's free analytics service sniffs out Meltdown, Spectre patch status

Credit to Author: Gregg Keizer| Date: Thu, 15 Feb 2018 12:11:00 -0800

Microsoft’s free Windows Analytics service now scans enterprise Windows 7, Windows 8.1 and Windows 10 PCs, and reports whether they’ve been updated to defend against potential attacks exploiting the Meltdown and Spectre processor vulnerabilities.

The new capabilities of Windows Analytics’ “Upgrade Readiness” were announced Tuesday by Terry Myerson, the top Windows executive at the company. Myerson called the vulnerabilities – found by Google security researchers and reported to vendors in mid-2017 – “a new challenge for all of us” because they were in the silicon, not in software.

“We have added new capabilities to our free Windows Analytics service to report the status for all the Windows devices that [IT professionals] manage,” Myerson wrote in a post to a company blog.
