Security

ComputerWorldIndependent

FCC puts the brakes on ISP privacy rules it passed in October

Credit to Author: Grant Gross| Date: Fri, 24 Feb 2017 10:43:00 -0800

The new chairman of the U.S. Federal Communications Commission will seek a stay on privacy rules for broadband providers that the agency just passed in October.

FCC Chairman Ajit Pai will either ask for a full commission vote on the stay before parts of the rules take effect next Thursday or instruct FCC staff to delay part of the rules pending a commission vote, a spokesman said Friday.

The rules, passed when the FCC had a Democratic majority, require broadband providers to receive opt-in customer permission to share sensitive personal information, including web-browsing history, geolocation, and financial details, with third parties. Without the stay, the opt-in requirements were scheduled to take effect next week.

SecurityTrendMicro

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of February 20, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 24 Feb 2017 18:45:55 +0000

I’ve been fascinated with the rise and fall of exploit kits, especially the ones that are really popular and then disappear seemingly overnight. Angler was one that, at one point, contributed 59.5% of the total exploit kit activity for 2015. But now it’s presumed dead as of June 2016 after the arrest of a hacker gang….

ComputerWorldIndependent

Cloudflare bug exposed passwords, other sensitive website data

Credit to Author: Lucian Constantin| Date: Fri, 24 Feb 2017 08:47:00 -0800

For months, a bug in Cloudflare’s content optimization systems exposed sensitive information sent by users to websites that use the company’s content delivery network. The data included passwords, session cookies, authentication tokens and even private messages.

Cloudflare acts as a reverse proxy for millions of websites, including those of major internet services and Fortune 500 companies, for which it provides security and content optimization services behind the scenes. As part of that process, the company’s systems modify HTML pages as they pass through its servers in order to rewrite HTTP links to HTTPS, hide certain content from bots, obfuscate email addresses, enable Accelerated Mobile Pages (AMP) and more.

ComputerWorldIndependent

The SHA1 hash function is now completely unsafe

Credit to Author: Lucian Constantin| Date: Thu, 23 Feb 2017 14:35:00 -0800

Security researchers have achieved the first real-world collision attack against the SHA-1 hash function, producing two different PDF files with the same SHA-1 signature. This shows that the algorithm’s use for security-sensitive functions should be discontinued as soon as possible.

SHA-1 (Secure Hash Algorithm 1) dates back to 1995 and has been known to be vulnerable to theoretical attacks since 2005. The U.S. National Institute of Standards and Technology has banned the use of SHA-1 by U.S. federal agencies since 2010, and digital certificate authorities have not been allowed to issue SHA-1-signed certificates since Jan. 1, 2016, although some exemptions have been made.

ComputerWorldIndependent

Ransomware 'customer support' chat reveals criminals' ruthlessness

Credit to Author: Gregg Keizer| Date: Thu, 23 Feb 2017 14:14:00 -0800

Ransomware criminals chatting up victims, offering to delay deadlines, showing how to obtain Bitcoin, dispensing the kind of customer support that consumers lust for from their cable and mobile plan providers, PC and software makers?

What’s not to love?

Finnish security vendor F-Secure yesterday released 34 pages of transcripts from the group chat used by the crafters of the Spora ransomware family. The back-and-forth not only put a spotlight on the gang’s customer support chops, but, said a company security advisor, illustrated the intertwining of Bitcoin and extortion malware.
