Sunday, May 10, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Security

ComputerWorldIndependent
admin

How to protect yourself from ATM crime

Credit to Author: Mike Elgan| Date: Sat, 25 Mar 2017 04:00:00 -0700

The ATM card is dead. Or is it?

Starting Monday, all 13,000 Wells Fargo ATMs will enable you to withdraw money without using your card, according to Jonathan Velline, head of Wells Fargo ATM and branch strategy.

It works like this: Open the Wells Fargo app on your phone. Tap a button in the app for a temporary eight-digit code. Then enter the code, followed by your PIN, to access your account.

Wells Fargo is the first major U.S. bank to offer app-based access to all of its ATMs.

Citigroup, Chase and Bank of America and others are working on similar ATM functions, with only some machines already upgraded.

wellsfargo atm code Wells Fargo

Wells Fargo will enable ATM access without a card via a temporary eight-digit code accessible in its mobile app.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Apple: Macs and iPhones are safe from newly revealed CIA exploits

Credit to Author: Lucian Constantin| Date: Fri, 24 Mar 2017 12:11:00 -0700

The Mac and iPhone exploits described in new documents attributed to the CIA were patched years ago, according to Apple.

WikiLeaks released a new set of files Thursday that supposedly came from the CIA. They contain details about the agency’s alleged malware and attack capabilities against iPhones and Mac computers.

The documents, dated 2012 and earlier, describe several “implants” that the CIA can install in the low-level extensible firmware interface (EFI) of Mac laptop and desktop computers. These EFI rootkits allow the agency’s macOS spying malware to persist even after the OS is reinstalled.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Google Play faces cat-and-mouse game with Android malware

Credit to Author: Michael Kan| Date: Fri, 24 Mar 2017 11:16:00 -0700

What’s the best way to avoid Android malware? Downloading all your apps from the Google Play store — where software is vetted – is perhaps the best advice.  

But that doesn’t mean Google Play is perfect.

Security researchers do find new Android malware lurking on Google’s official app store. That’s because hackers are coming up with sneaky ways to infiltrate the platform, despite the vetting processes that protect it.

“Eventually, every wall can be breached,” said Daniel Padon, a researcher at mobile security provider Check Point.

To be sure, most Android users will probably never encounter malware on the Google Play store. Last year, the amount of malicious software that reached the platform amounted to only 0.16 percent of all apps, according to a new report from Google.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

To punish Symantec, Google may distrust a third of the web's SSL certificates

Credit to Author: Lucian Constantin| Date: Fri, 24 Mar 2017 10:32:00 -0700

Google is considering a harsh punishment for repeated incidents in which Symantec or its certificate resellers improperly issued SSL certificates. A proposed plan is to force the company to replace all of its customers’ certificates and to stop recognizing the extended validation (EV) status of those that have it.

According to a Netcraft survey from 2015, Symantec is responsible for about one in every three SSL certificates used on the web, making it the largest commercial certificate issuer in the world. As a result of acquisitions over the years the company now controls the root certificates of several formerly standalone certificate authorities including VeriSign, GeoTrust, Thawte and RapidSSL.

To read this article in full or to leave a comment, please click here

Read More
SecurityTrendMicro
admin

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of March 20, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 24 Mar 2017 13:33:43 +0000

The 10th anniversary of Pwn2Own is now in the books! It was a crazy week at the CanSecWest Conference, full of drama with the biggest contest ever with teams from Asia, Europe and North America! It was a tight race with only three points separating first and second place. In the end, we saw a…

Read More
ComputerWorldIndependent
admin

FBI director floats international framework on encrypted data access

Credit to Author: Michael Kan| Date: Thu, 23 Mar 2017 15:21:00 -0700

FBI director James Comey has suggested that an international agreement between governments could ease fears about IT products with government-mandated backdoors, but privacy advocates are doubtful.

Speaking on Thursday, Comey suggested that the U.S. might work with other countries on a “framework” for creating legal access to encrypted tech devices.

“I could imagine a community of nations committed to the rule of law developing a set of norms, a framework, for when government access is appropriate,” he said on Thursday.

Comey made his comments at the University of Texas at Austin, when trying to address a key concern facing U.S. tech firms in the encryption debate: the fear that providing government access to their products might dampen their business abroad.

To read this article in full or to leave a comment, please click here

Read More