Security – Page 728 – Computer Security Articles

Credit to Author: Michael Kan| Date: Thu, 02 Mar 2017 03:42:00 -0800

If your company has experienced a data breach, it’s probably a good idea to thoroughly investigate it promptly.

Unfortunately, Yahoo didn’t, according to a new internal investigation. The internet pioneer, which reported a massive data breach involving 500 million user accounts in September, knew an intrusion had occurred back in 2014, but allegedly botched its response.

The findings were made in a Yahoo securities exchange filing on Wednesday that offered more details about the 2014 breach, which the company has blamed on a state-sponsored hacker.

To read this article in full or to leave a comment, please click here

Security TrendMicro

March 1, 2017 admin

Don’t have a New Year’s Resolution? Invest in cyber security

Credit to Author: Trend Micro| Date: Wed, 01 Mar 2017 23:03:02 +0000

This year, keep your company protected from cyber criminals. Your company likely always sets goals, whether they’re weekly, monthly or yearly. If you haven’t established New Year’s resolutions for your business, there’s still plenty of time to do so.

ComputerWorld Independent

March 1, 2017 admin

Old Windows malware may have infected 132 Android apps

Credit to Author: Michael Kan| Date: Wed, 01 Mar 2017 13:59:00 -0800

More than 130 Android apps on the Google Play store have been found to contain malicious coding, possibly because the developers were using infected computers, according to security researchers.

The 132 apps were found generating hidden iframes, or an HTML document embedded inside a webpage, linking to two domains that have hosted malware, according to security firm Palo Alto Networks.

Google has already removed the apps from its Play store. But what’s interesting is the developers behind the apps probably aren’t to blame for including the malicious code, Palo Alto Networks said in a Wednesday blog post.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

March 1, 2017 admin

U.S. surveillance law may see no new protections for foreign targets

Credit to Author: Grant Gross| Date: Wed, 01 Mar 2017 12:05:00 -0800

Any reform of a controversial U.S. law allowing the National Security Agency to spy on people overseas will likely focus on its impact on U.S. residents, without curbing its use elsewhere.

Section 702 of the Foreign Intelligence Surveillance Act (FISA) expires on Dec. 31, and some digital rights groups are calling on Congress to overhaul the law to protect the privacy of residents of both the U.S. and other countries. Congress will almost certainly extend the provision in some form.

But a congressional hearing on Wednesday focused largely on the NSA’s “inadvertent” collection of U.S. residents’ data, with little time given to the privacy concerns of people overseas.

To read this article in full or to leave a comment, please click here

Security TrendMicro

March 1, 2017 admin

The rise of IoT zombies: What’s the danger of botnets?

Credit to Author: Trend Micro| Date: Wed, 01 Mar 2017 18:40:08 +0000

What happens when the internet-enabled objects that were supposed to make our lives easier and “smarter” instead are being turned against us?

ComputerWorld Independent

March 1, 2017 admin

Robots are just as plagued by security vulnerabilities as IoT devices

Credit to Author: Lucian Constantin| Date: Wed, 01 Mar 2017 08:29:00 -0800

An analysis of robots used in homes, businesses and industrial installations has revealed many of the same basic weaknesses that are common in IoT devices, raising questions about security implications for human safety.

The robotics industry has already seen significant growth in recent years and will only further accelerate. Robots are expected to serve in many roles, from assisting people in homes, stores and medical facilities, to manufacturing in factories and even handling security and law enforcement tasks.

“When you think of robots as computers with arms, legs or wheels, they become kinetic IoT devices that, if hacked, can pose new serious threats we have never encountered before,” researchers from cybersecurity consultancy firm IOActive said in a new report.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

March 1, 2017 admin

Dridex: First banking Trojan with AtomBombing to better evade detection

Credit to Author: Darlene Storm| Date: Wed, 01 Mar 2017 07:38:00 -0800

The Dridex Trojan, one of the most destructive banking Trojans, has been upgraded with a new injection method so the malware is even better at evading detection.

The newest version of Dridex, v4, is now the first banking Trojan to take advantage of AtomBombing, according to report by IBM X-Force. Unlike some of the more common code injection techniques, AtomBombing is meant to evade security solutions. Once one organized cybercrime gang successfully pulls off a slick trick, other cyber thugs are expected to adopt the method.

“In this release,” the researchers wrote, “we noted that special attention was given to dodging antivirus (AV) products and hindering research by adopting a series of enhanced anti-research and anti-AV capabilities.”

To read this article in full or to leave a comment, please click here

Security Wired

March 1, 2017 admin

The Army Gets Back in the Ship-Killing Business

Credit to Author: Jeremy Hsu| Date: Wed, 01 Mar 2017 12:00:01 +0000

An Army missile converted into an anti-ship weapon could prove a powerful deterrent against China’s naval power. The post The Army Gets Back in the Ship-Killing Business appeared first on WIRED.