Monday, May 11, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Security

ComputerWorldIndependent
admin

Why email is safer in Office 365 than on your Exchange server

Credit to Author: Mary Branscombe| Date: Thu, 09 Mar 2017 04:11:00 -0800

Running your own email servers doesn’t do anything to differentiate your business from the competition (except in a bad way, if you get hacked). But avoiding the effort of managing and monitoring your own mail server isn’t the only advantage of a cloud service. The scale of a cloud mail provider like Office 365 means that malware and phishing attacks are easier to spot — and the protections extend beyond your inbox.

To read this article in full or to leave a comment, please click here

(Insider Story)

Read More
ComputerWorldIndependent
admin

WikiLeaks looks at helping tech vendors disarm CIA hacking tools

Credit to Author: Michael Kan| Date: Thu, 09 Mar 2017 03:57:00 -0800

WikiLeaks has attracted plenty of haters over its controversial disclosures. But the site may be in a unique position to help tech vendors better secure their products.

That’s because WikiLeaks has published secret hacking tools allegedly taken from the CIA, which appear to target smartphones, smart TVs and PCs.

Companies including Apple and Cisco have been looking through the stolen documents to address any vulnerabilities the CIA may have exploited. However, WikiLeaks might be able to speed up and expand the whole process.

To read this article in full or to leave a comment, please click here

Read More
SecurityTrendMicro
admin

The Culture of Cybercrime in West Africa

Credit to Author: Ed Cabrera (Chief Cybersecurity Officer)| Date: Thu, 09 Mar 2017 11:00:52 +0000

As part of our ongoing research into the cybercriminal underground markets of the world, Trend Micro researchers today released a report detailing Cybercrime in West Africa. This report leverages our ongoing partnership with INTERPOL to provide survey data and a deeper understanding of the regions cybercriminal ecosystem. While tactics play a role in the success…

Read More
ComputerWorldIndependent
admin

Security holes in Confide messaging app exposed user details

Credit to Author: Michael Kan| Date: Wed, 08 Mar 2017 12:51:00 -0800

Confide, a messaging app reportedly used by U.S. White House staff, apparently had several security holes that made it easier to hack.

Security consultancy IOActive found the vulnerabilities in Confide, which promotes itself as an app that offers “military-grade” end-to-end encryption.

But despite its marketing, the app contained glaring problems with securing user account information, IOActive said in a Wednesday post.

The consultancy noticed it could access records for 7,000 Confide users by exploiting vulnerabilities in the app’s account management system. Part of the problem resided with Confide’s API, which could be used to reveal data on user’s phone numbers and email addresses.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Leaked docs suggest NSA and CIA behind Equation cyberespionage group

Credit to Author: Lucian Constantin| Date: Wed, 08 Mar 2017 12:40:00 -0800

Purported CIA documents leaked Tuesday appear to confirm that the U.S. National Security Agency and one of the CIA’s own divisions were responsible for the malware tools and operations attributed to a group that security researchers have dubbed the Equation.

The Equation’s cyberespionage activities were documented in February 2015 by researchers from antivirus vendor Kaspersky Lab. It is widely considered to be the most advanced cyberespionage group in the world, based on the sophistication of its tools and the length of its operations, some possibly dating as far back as 1996.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

CIA hacking tools targeting Windows

Credit to Author: Darlene Storm| Date: Wed, 08 Mar 2017 08:22:00 -0800

By releasing information about CIA hacking tools, WikiLeaks has given a new meaning to March Madness.

The CIA’s project Fine Dining is intriguing, since it outlines DLL hijacks for Sandisk Secure, Skype, Notepad++, Sophos, Kaspersky, McAfee, Chrome, Opera, Thunderbird, LibreOffice, and some games such as 2048, which the CIA writer “got a good lol out of.” Yet I was curious about what the CIA does to targeted machines running Windows since so many people use the OS.

Nearly everything dealing with the CIA hacking arsenal and Windows is labeled as “secret.” Nicholas Weaver, a computer scientist at the University of California at Berkeley, told NPR that the Vault 7 release is not all that big of a deal, not too surprising the agency hacks. Yet if “Year Zero” was obtained by a non-government hacker compromising the CIA’s system, then that would be a big deal.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

IDG Contributor Network: Why the Samsung TV spying hack is way overblown

Credit to Author: John Brandon| Date: Wed, 08 Mar 2017 07:25:00 -0800

Major media has some egg on their face over this one.

Drawn to the attention-grabbing idea of your Samsung TV being compromised by the CIA, and knowing a lot of people have a Samsung TV, the headlines went something like this.

WikiLeaks says CIA hacked Samsung smart TVs

Why your smart TV is the perfect way to spy on you

None of these reports bothered to explain any of the details.

As noted in Wired and in this Forbes report, the CIA cannot spy on you over wireless. To update a Samsung TV, they’d need to use a USB key to install a firmware update. Also, the televisions are older models from 2013. To record any conversations or video, the CIA would then have to copy files back onto the USB drive.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

If the CIA can sidestep encryption, what makes you think cyberthieves can’t?

Credit to Author: Evan Schuman| Date: Wed, 08 Mar 2017 06:48:00 -0800

Having just spent much of the day browsing through Wikileaks’ latest batch of documents from the intelligence community — in which government agents discussed ways to circumvent mobile encryption and to listen in on conversations near smart devices including smart TVs — it’s clear that government agents have long had the ability to grab mobile content before it’s encrypted.

Some of the tactics have names that are quite explicit about their function, such as a TV mode called “TV Fake-Off.” These docs provide a fascinating look into the government teams that are emulating cyberthieves, trying to improve on their techniques rather than thwart them.

To read this article in full or to leave a comment, please click here

Read More