Security

ComputerWorldIndependent

Cybersecurity and freedom of speech under President Trump

While President Donald Trump decided not to sign an executive order on cybersecurity, which would have required a review of the nation’s cyber vulnerabilities to be done in a mere 60 days, he told reporters, “I will hold my cabinet secretaries and agency heads accountable, totally accountable for the cybersecurity of their organization.”

8 months later, vulnerable Pentagon servers still not patched

ComputerWorldIndependent

Mobile security firm offers cash to hackers for their old exploits

Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open.

Paying for old exploits might seem like a waste of money, but there are technical and business arguments to justify such an acquisition system and they ultimately have to do with the difference between exploits and vulnerabilities.

A vulnerability is a software defect with potential security implications, while an exploit is the actual code that takes advantage of that bug to achieve a specific malicious goal, often by bypassing other security barriers along the way.

In practice, many vulnerabilities that get reported to vendors are not accompanied by working exploits. Showing that a programming error can lead to memory corruption is typically enough for the vendor to understand its potential implications — for example, arbitrary code execution.

QuickHealSecurity

Beware of Spora – a professionally designed ransomware

Spora is a recent addition to the ransomware family that Quick Heal Lab has come across. It is a file-encrypting ransomware that encrypts a user’s files with a strong encryption algorithm and demands a ransom. Spora is launched with a good infection routine, the capability to work offline, well-designed and…

ComputerWorldIndependent

How to make PC security alerts better? Make them twirl, jiggle

Have you ever ignored a security alert on your PC? You’re not the only one.

The warnings are designed to save us from malware infections and hacking risks, but often we’ll neglect them. It could be because we’re too busy or we’ve seen them too many times, and we’ve become conditioned to dismiss them — even the most serious ones, according to Anthony Vance, a professor at Brigham Young University.

Vance has been studying the problem and he’s found that introducing certain small but noticeable changes can make the alerts more useful — and harder to ignore.  

“Our security UI (user interface) needs to be designed to be compatible with the way our brains work,” he said at the USENIX Enigma 2017 conference on Tuesday. “Not against it.”

ComputerWorldIndependent

Trump stresses cybersecurity but postpones executive order

U.S. President Donald Trump called on government agencies to better protect their networks, but he delayed signing an executive order to kick-start a government-wide review of cybersecurity policy.

A draft copy of the order, leaked earlier, would give the Department of Defense and the Department of Homeland Security 60 days to submit a list of recommendations to protect U.S. government and private networks. 

Trump had been scheduled to sign the executive order Tuesday but canceled shortly before it was due to happen.
