RSS Reader for Computer Security Articles
Credit to Author: Alex Perekalin| Date: Mon, 16 Oct 2017 16:10:36 +0000
Every Wi-Fi network using WPA or WPA2 encryption is vulnerable to a key reinstallation attack. Here are some more details and means of protection.
Read More
Credit to Author: Lily Hay Newman| Date: Mon, 16 Oct 2017 15:03:13 +0000
A vulnerability called KRACK affects nearly every Wi-Fi device on the market.
Read MoreCredit to Author: Kaspersky Team| Date: Mon, 16 Oct 2017 15:24:15 +0000
What Russian hackers, American spies, the Israeli Intelligence Service, and Kaspersky Lab have to do with each other. What is happening, anyway?
Read More
Credit to Author: Steven J. Vaughan-Nichols| Date: Mon, 16 Oct 2017 07:23:00 -0700
When I hear people worrying about cloud security, they’re usually shaking in their boots about some obscure bug beyond their control. Ha! Ordinary, stupid human mistakes are more than bad enough.
For example, Accenture left hundreds of gigabytes of private user and corporate data on four unsecured Amazon Web Services (AWS) S3 cloud servers. The data included passwords and decryption keys. What did you need to dig into this treasure trove? The servers’ web addresses.
That’s all. No user ID, no password, no nothing.
Adding insult to injury, according to Chris Vickery, director of cyber-risk research at security firm UpGuard, Accenture’s revealed data included its AWS Key Management System (KMS) master keys. With those, an attacker could have also taken control of all the company’s encrypted AWS data.
To read this article in full or to leave a comment, please click here
Look ahead to Europe's rollout of the the General Data Protection Regulation in May 2018, and its expected impact on data handling, with expert insights from Gary Southwell, vice president and general manager, products division, at CSPI.
Credit to Author: Lucas Mearian| Date: Sun, 15 Oct 2017 21:07:00 -0700
IBM has partnered with a Polynesian payments system provider and an open-source FinTech payment network to implement a new international exchange based on a blockchain electronic ledger.
The new payment network uses IBM’s Blockchain Platform, a cloud service, to enable the electronic exchange of 12 different currencies across Pacific Islands as well as Australia, New Zealand and the United Kingdom.
KlickEx Group, a United Nations-funded, Pacific-region financial services company, and Stellar.org, a nonprofit organization that supports an open-source blockchain network for financial services, are backing the new cross-border payments service.
To read this article in full or to leave a comment, please click here
Credit to Author: Lily Hay Newman| Date: Sun, 15 Oct 2017 11:00:00 +0000
By decertifying the nuclear deal with Iran, President Trump could risk provoking hacks from a country that hasn’t focused on US cyberattacks in years.
Read More
Credit to Author: Gregg Keizer| Date: Sat, 14 Oct 2017 12:58:00 -0700
Microsoft’s Edge browser, the default in Windows 10, blocked a higher percentage of phishing and socially-engineered malware (SEM) attacks than Google’s Chrome and Mozilla’s Firefox, a Texas security testing firm said Friday.
According to NSS Labs of Austin, Tex., Edge automatically blocked 92% of all in-browser credential phishing attempts and stymied 100% of all SEM attacks. The latter encompassed a wide range of attacks, but their common characteristic was that they tried to trick users into downloading malicious code. The tactics that SEM attackers deploy include links from social media, such as Facebook and Twitter, and bogus in-browser notifications of computer infections or other problems.
To read this article in full or to leave a comment, please click here