Security

ComputerWorldIndependent

US-CERT: Some HTTPS inspection tools could weaken security

Credit to Author: Lucian Constantin | Date: Fri, 17 Mar 2017 15:14:00 -0700

Companies that use security products to inspect HTTPS traffic might inadvertently make their users’ encrypted connections less secure and expose them to man-in-the-middle attacks, the U.S. Computer Emergency Readiness Team warns.

US-CERT, a division of the Department of Homeland Security, published an advisory after a recent survey showed that HTTPS inspection products don’t mirror the security attributes of the original connections between clients and servers.

HTTPS inspection checks the encrypted traffic coming from an HTTPS site to make sure it doesn’t contain threats or malware. It’s performed by intercepting a client’s connection to an HTTPS server, establishing the connection on the client’s behalf and then re-encrypting the traffic sent to the client with a different, locally generated certificate. Products that do this essentially act as man-in-the-middle proxies.

ComputerWorldIndependent

Credit-card breach hits another restaurant chain

Credit to Author: Matt Hamblen | Date: Fri, 17 Mar 2017 13:33:00 -0700

Another sizeable payment card data breach has been discovered at a U.S. restaurant chain.

In the latest example, several high-end eateries run by Select Restaurants in Cleveland were the victims of fraudulent cards used by customers at its restaurants, according to a report posted Thursday on KrebsOnSecurity, a reliable site written by reporter Brian Krebs. Krebs said he learned about the case from anti-fraud teams at multiple financial institutions investigating “a great deal of fraud on cards used at a handful of high-end restaurants around the country.”

ComputerWorldIndependent

String of fileless malware attacks possibly tied to single hacker group

Credit to Author: Lucian Constantin | Date: Fri, 17 Mar 2017 11:56:00 -0700

Several attacks observed over the past few months that rely heavily on PowerShell, open-source tools, and fileless malware techniques might be the work of a single group of hackers.

An investigation started by security researchers from Morphisec into a recent email phishing attack against high-profile enterprises pointed to a group that uses techniques documented by several security companies in seemingly unconnected reports over the past two months.

“During the course of the investigation, we uncovered a sophisticated fileless attack framework that appears to be connected to various recent, much-discussed attack campaigns,” Michael Gorelik, Morphisec’s vice president of research and development, said in a blog post. “Based on our findings, a single group of threat actors is responsible for many of the most sophisticated attacks on financial institutions, government organizations, and enterprises over the past few months.”

SecurityTrendMicro

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of March 13, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing) | Date: Fri, 17 Mar 2017 12:00:04 +0000

There was never any doubt what my topic would be for this week’s blog. March Madness, right? Normally I’d be talking about the NCAA Basketball tournament, but not this time. Our March Madness is called Pwn2Own. We celebrated the 10th anniversary of Pwn2Own in Vancouver this week with the biggest contest ever with 11 teams…
