Security

ComputerWorldIndependent

Patch to fix Intel-based PCs with enterprise bug rolls out this week

Credit to Author: Michael Kan | Date: Mon, 08 May 2017 04:31:00 -0700

PC vendors this week will start rolling out patches that fix a severe vulnerability found in certain Intel-based business systems, including laptops, that makes them easier to hack.

Intel on Friday released a new notice urging clients to take steps to secure their systems.

The chipmaker has also released a downloadable tool that can help IT administrators and users discover whether a machine they own has the vulnerability.

In addition, vendors including Fujitsu, HP and Lenovo have released lists showing which products are affected and when the patches will roll out. 

ComputerWorldIndependent

Email, email, in the cloud

Credit to Author: Mathias Thurman | Date: Mon, 08 May 2017 03:45:00 -0700

As my company continues to move enterprise applications to the cloud, the latest development presents a security opportunity. We are giving up our on-premises Microsoft Exchange email in favor of the Microsoft Office 365 service. With the transition, we might be able to curtail the common employee practice of communicating and storing sensitive business-related data in email.

I am encouraging the IT organization to tighten security by implementing controls that were either not available in our on-premises deployment or never implemented. The first order of business is a cleanup of accounts and distribution lists. We have hundreds of email-enabled distribution lists, and too many of them are available to the world. We should be able to cut down the number of lists and set rules about who can use them.

ComputerWorldIndependent

Cyberspies tap free tools to build powerful malware framework

Credit to Author: Lucian Constantin | Date: Fri, 05 May 2017 07:54:00 -0700

Over the past year, a group of attackers has managed to infect hundreds of computers belonging to government agencies with a malware framework stitched together from JavaScript code and publicly available tools.

The attack, analyzed by researchers from antivirus firm Bitdefender, shows that cyberespionage groups don’t necessarily need to invest a lot of money in developing unique and powerful malware programs to achieve their goals. In fact, the use of publicly available tools designed for system administration can increase an attack’s efficiency and make it harder for security vendors to detect it and link it to a particular threat actor.

SecurityTrendMicro

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 1, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing) | Date: Fri, 05 May 2017 12:00:04 +0000

As you read this blog, I am probably sitting on a beach in Cancun, Mexico getting a nice tan and not thinking about security (well, maybe just a little). A couple of days before I left, I had to deal with the inevitable. It never fails – every time I am about to go on…

ComputerWorldIndependent

Google Docs phishing scam underscores OAuth security risks

Credit to Author: Michael Kan | Date: Thu, 04 May 2017 16:20:00 -0700

Google has stopped Wednesday’s clever email phishing scheme, but the attack may very well make a comeback.

One security researcher has already managed to replicate it, even as Google is trying to protect users from such attacks.

“It looks exactly like the original spoof,” said Matt Austin, director of security research at Contrast Security.

The phishing scheme — which may have circulated to 1 million Gmail users — is particularly effective because it fooled users with a dummy app that looked like Google Docs.
