RSS Reader for Computer Security Articles
In the latest episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild sits down with Jeff Fagnan from Accomplice, a venture capital and private equity firm in Cambridge, Mass. The two discuss the current state of VC funding in security companies and where the money is going (and not going), and why CSOs should "follow the money."
Credit to Author: Michael Kan| Date: Tue, 21 Mar 2017 11:20:00 -0700
The U.K. is joining the U.S. in its ban restricting passengers from bringing some electronic devices onto flights from the Middle East.
Phones, laptops, and tablets that are larger than 16 cm (6.3 inches) in length and wider than 9.3 cm will no longer be allowed in the cabin on select flights coming from several Middle Eastern countries, the U.K.’s department of transportation said on Tuesday.
The U.K. said it was in “close contact” with the U.S. since the country announced its own ban on Monday. However, the U.K. made no mention of any specific risk, only that it faces “evolving” terrorism threats.
To read this article in full or to leave a comment, please click here
Credit to Author: Lucian Constantin| Date: Tue, 21 Mar 2017 10:48:00 -0700
Organizations that use the popular Moodle learning management system should deploy the latest patches as soon as possible because they fix vulnerabilities that could allow attackers to take over web servers.
Moodle is an open source platform used by schools, universities, and other organizations to set up websites with interactive online courses. It’s used by more than 78,000 e-learning websites from 234 countries that together have more than 100 million users.
A week ago the Moodle developers released updates for the still supported branches of the platform: 3.2.2, 3.1.5, 3.0.9 and 2.7.19. The release notes mentioned that “a number of security related issues were resolved,” but didn’t provide any additional details about their nature or impact.
To read this article in full or to leave a comment, please click here
Credit to Author: Michael Cooney| Date: Tue, 21 Mar 2017 08:50:00 -0700
A vulnerability in Cisco’s widely deployed IOS software that was disclosed in the recent WikiLeaks dump of CIA exploits has triggered the company to release a critical warning for its Catalyst networking customers.
+More on Cisco Security on Network World: Cisco security advisory dump finds 20 warnings, 2 critical+
The vulnerability — which could let an attacker cause a reload of an affected device or remotely execute code and take over a device — affects more than 300 models of Cisco Catalyst switches from the model 2350-48TD-S Switch to the Cisco SM-X Layer 2/3 EtherSwitch Service Module.
To read this article in full or to leave a comment, please click here
Credit to Author: Lily Hay Newman| Date: Tue, 21 Mar 2017 11:00:35 +0000
Google and Jigsaw are helping protect elections from DDoS attacks and more. The post A Cybersecurity Arsenal That’ll Help ‘Protect Your Election’ appeared first on WIRED.
Read More
Credit to Author: John Ribeiro| Date: Tue, 21 Mar 2017 05:02:00 -0700
The U.S. Department of Homeland Security has ordered that passengers on flights departing for the U.S from 10 airports in the Middle East and Africa will have to carry personal electronics larger than a smartphone as checked baggage, citing increased terror threats.
Giving the approximate size of a commonly available smartphone as a guideline for passengers, the DHS said that laptops, tablets, e-readers, cameras, portable DVD players, electronic game units larger than smartphones, and travel printers or scanners were the kind of personal electronics that would not be allowed in the cabin and would have to be carried as checked baggage.
Approved medical devices may be brought into the cabin after additional screening. The size of smartphones is well understood by most passengers who fly internationally, according to the DHS, which in any case asked passengers to check with their airline if they are unsure whether their smartphone is impacted.
To read this article in full or to leave a comment, please click here
Credit to Author: Garrett M. Graff| Date: Tue, 21 Mar 2017 10:00:31 +0000
A mysterious cybercriminal deployed an invincible botnet to steal a fortune from US banks. Then the FBI discovered what else he was after. The post Inside the Hunt for Russia’s Most Notorious Hacker appeared first on WIRED.
Read More
Credit to Author: Gregg Keizer| Date: Mon, 20 Mar 2017 17:26:00 -0700
Mozilla last week patched a Firefox vulnerability just a day after it was revealed during Pwn2Own, the first vendor to fix a flaw disclosed at the hacking contest.
“Congrats to #Mozilla for being the first vendor to patch vuln[erability] disclosed during #Pwn2Own,” tweeted the Zero Day Initiative (ZDI) Monday. ZDI, the bug brokerage run by Trend Micro, sponsored Pwn2Own.
Mozilla released Firefox 52.0.1 on Friday, March 17, with a patch for the integer overflow bug that Chaitin Security Research Lab leveraged in an exploit at Pwn2Own on Thursday, March 16. The Beijing-based group was awarded $30,000 by ZDI for the exploit, which combined the Firefox bug with one in the Windows kernel.
To read this article in full or to leave a comment, please click here