Other – Page 4 – Computer Security Articles

Adobe, Microsoft Patch Critical Cracks

November 14, 2017 admin adobe, chrome, CVE-2017-13080, Edge, Flash Player, Gill Langston, Internet Explorer, Ivanti, KRACK, microsoft, Microsoft Patch Tuesday November 2017, Other, Qualys, windows

Credit to Author: BrianKrebs| Date: Tue, 14 Nov 2017 23:12:32 +0000

It’s Nov. 14 — the second Tuesday of the month (a.k.a. “Patch Tuesday) — and Adobe and Microsoft have issued gobs of security updates for their software. Microsoft’s 11 patch bundles fix more than four-dozen security holes in various Windows versions and Office products — including at least four serious flaws that were publicly disclosed prior to today. Meanwhile, Adobe’s got security updates available for a slew of titles, including Flash Player, Photoshop, Reader and Shockwave.

Independent Krebs

How to Opt Out of Equifax Revealing Your Salary History

November 13, 2017 admin Amazon, AT&T, Equifax, Equifax breach, Facebook, Fast Company, Joel Winston, Marisa Salcines, microsoft, Oracle, Other, TALX, The Work Number, Twitter, Wal-Mart

Credit to Author: BrianKrebs| Date: Mon, 13 Nov 2017 16:55:19 +0000

A KrebsOnSecurity series on how easy big-three credit bureau Equifax makes it to get detailed salary history data on tens of millions of Americans apparently inspired a deeper dive on the subject by Fast Company, which examined how this Equifax division has been one of the company’s best investments. In this post, I’ll show you how to opt out of yet another Equifax service that makes money at the expense of your privacy.

Independent Krebs

Hack of Attack-for-Hire Service vDOS Snares New Mexico Man

November 10, 2017 admin Anonymous, FBI, John Kelsey Gammell, Other, vDos

Credit to Author: BrianKrebs| Date: Fri, 10 Nov 2017 17:00:12 +0000

A New Mexico man is facing federal hacking charges for allegedly using the now defunct attack-for-hire service vDOS to launch damaging digital assaults aimed at knocking his former employer’s Web site offline. Prosecutors were able to bring the case in part because vDOS got massively hacked last year, and its customer database of payments and targets leaked to this author and to the FBI.

Independent Krebs

DDoS-for-Hire Service Launches Mobile App

November 9, 2017 admin 901-219-3644, Alex Czech, Alex Slovak, ddos, justin poland, Other, Ragebooter

Credit to Author: BrianKrebs| Date: Fri, 10 Nov 2017 01:55:52 +0000

In May 2013 KrebsOnSecurity wrote about Ragebooter, a service that paying customers can use to launch powerful distributed denial-of-service (DDoS) attacks capable of knocking individuals and Web sites offline. The owner of Ragebooter subsequently was convicted in 2016 of possessing child pornography, but his business somehow lived on while he was in prison. Now just weeks after Poland made probation, a mobile version of the attack-for-hire service has gone up for sale on the Google Play store.

Independent Krebs

Simple Banking Security Tip: Verbal Passwords

November 6, 2017 admin Aite Group, Andy Greenberg, avivah litan, gartner, Julie Conroy, KBA, Other, verbal password, voice biometrics, wired

Credit to Author: BrianKrebs| Date: Mon, 06 Nov 2017 16:53:03 +0000

There was a time when I was content to let my bank authenticate me over the phone by asking for some personal identifiers (SSN/DOB) that are broadly for sale in the cybercrime underground. At some point, however, I decided this wasn’t acceptable for institutions that held significant chunks of our money, and I began taking our business away from those that wouldn’t let me add a simple verbal passphrase that needed to be uttered before any account details could be discussed over the phone.

Independent Krebs

2nd Breach at Verticalscope Impacts Millions

November 3, 2017 admin alex holden, Hold Security, Holdsecurity.com, LeakedSource, LuiDB, Other, Toyotanation, verticalscope breach, Verticalscope.com breach, Web Shell

Credit to Author: BrianKrebs| Date: Fri, 03 Nov 2017 22:00:26 +0000

For the second time in as many years, hackers have compromised Verticalscope.com, a Canadian company that manages hundreds of popular Web discussion forums totaling more than 45 million user accounts. Evidence of the breach was discovered just before someone began using that illicit access as a commercial for a new paid search service that indexes consumer information exposed in corporate data breaches.

Independent Krebs

Equifax Reopens Salary Lookup Service

November 2, 2017 admin Equifax, Equifax breach, National Mortgage News, Other, Spokeo, TALX, The Work Number, Zillow

Credit to Author: BrianKrebs| Date: Thu, 02 Nov 2017 14:04:20 +0000

Equifax has re-opened a Web site that lets anyone look up the salary history of a large portion of the American workforce using little more than a person’s Social Security number and their date of birth. The big-three credit bureau took the site down just hours after I wrote about it on Oct. 8, and began restoring the site eight days later saying it had added unspecified “security enhancements.”

Independent Krebs

Fear the Reaper, or Reaper Madness?

October 27, 2017 admin Arbor Networks, ASERT, booter, Check Point, Maya Horowitz, Mirai, Netlab 360, Other, Reaper IoT malware, Reaper Madness, stresser

Credit to Author: BrianKrebs| Date: Fri, 27 Oct 2017 20:39:21 +0000

Last week we looked at reports from China and Israel about a new “Internet of Things” malware strain called “Reaper” that researchers said infected more than a million organizations by targeting newfound security weaknesses in countless Internet routers, security cameras and digital video recorders (DVRs). Now some botnet experts are calling on people to stop the “Reaper Madness,” saying the actual number of IoT devices infected with Reaper right now is much smaller. Arbor Networks said it believes the current actual size of the Reaper botnet fluctuates between 10,000 and 20,000 bots total. Arbor notes that this can change any time.