Security

ComputerWorldIndependent

IDG Contributor Network: Eight steps to the GDPR countdown

Credit to Author: Sandra Henry-Stocker| Date: Thu, 25 May 2017 12:52:00 -0700

One year from today, the recently passed regulation known as “GDPR” (General Data Protection Regulation) goes into effect. While EU-specific, it can still dramatically affect businesses that work with personal data of citizens and residents of the EU. GDPR was approved a year ago and will be going into effect in another year. It applies directly to organizations within the EU, but also applies to organizations outside the EU if they 1) offer goods and services to the EU, 2) monitor the behavior of EU subjects, or 3) process or retain personal data of EU citizens and residents. And the regulation can impose very serious fines and sanctions for non-compliance.

ComputerWorldIndependent

The WannaCry scramble

Credit to Author: Mathias Thurman| Date: Thu, 25 May 2017 10:05:00 -0700

A couple of weeks ago, possibly every security manager in the world was dealing with the repercussions of WannaCry, a ransomware worm that screamed across the internet and flooded the media. IT and security departments, placed on high alert, had to scramble — whether or not any of their systems had been infected. I was no exception.

ComputerWorldIndependent

IDG Contributor Network: The complexity of password complexity

Credit to Author: Sandra Henry-Stocker| Date: Thu, 25 May 2017 05:47:00 -0700

Deploying password quality checking on your Debian-based Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users’ passwords will all have twelve or more characters. Let’s stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.

First, if you haven’t done this already, install the password quality checking library with this command:

apt-get -y install libpam-pwquality 

The files that contain most of the settings we’re going to look at will be:

ComputerWorldIndependent

Appeals court gives Wikimedia thumbs up to sue NSA for 'Upstream' surveillance

Credit to Author: Darlene Storm| Date: Wed, 24 May 2017 08:26:00 -0700

Well, well, well, the NSA may not waltz away legally unscathed after spying on Americans’ private communications due to the dogged determination of the Wikimedia Foundation, the ACLU, the Knight First Amendment Institute at Columbia University and eight other co-plaintiffs.

The 4th US Circuit Court of Appeals ruled to give Wikimedia a chance to legally challenge the NSA’s mass surveillance as being unconstitutional. The government has previously argued that the NSA’s Upstream warrantless spying is authorized under Section 702 of the Foreign Intelligence Surveillance Act. Thanks to Upstream surveillance, the NSA sucks up and searches through Americans’ international internet communications.

SecurityTrendMicro

The Latest on WannaCry, UIWIX, EternalRocks and ShadowBrokers

Credit to Author: Jon Clay| Date: Wed, 24 May 2017 13:22:58 +0000

Ransomware has gained global attention over the course of the last two weeks due to the huge spread of WannaCry. Following the initial attacks, we’ve seen UIWIX, Adylkuzz and now EternalRocks come onto the scene leveraging the same core set of vulnerabilities. The common thread between the three threats is MS17-010 along with other tools…
