Other – Page 5 – Computer Security Articles

Dell Lost Control of Key Customer Support Domain for a Month in 2017

October 24, 2017 admin Abuse.ch, Carbon Black, Celedonio Albarran, Chris Baker, Dell, Dell Backup and Recovery Application, dell service tag scams, Dellbackupandrecoverycloudstorage.com, digital river, Dmitrii Vassilev, Dyn, Ellen Murphy, Equifax, Equity Residential, Fireclick, Other, parkingcrew, Rapid7, SoftThinks.com, Team Internet, Trans Union

Credit to Author: BrianKrebs| Date: Wed, 25 Oct 2017 03:22:34 +0000

A Web site set up by PC maker Dell Inc. to help customers recover from malicious software and other computer maladies may have been hijacked for a few weeks this summer by people who specialize in deploying said malware, KrebsOnSecurity has learned. There is a program installed on virtually all Dell computers called “Dell Backup and Recovery Application.” It’s designed to help customers restore their data and computers to their pristine, factory default state should a problem occur with the device. That backup and recovery program periodically checks a rather catchy domain name — DellBackupandRecoveryCloudStorage.com — which until recently was central to PC maker Dell’s customer data backup, recovery and cloud storage solutions. Sometime this summer, DellBackupandRecoveryCloudStorage.com was suddenly snatched away from a longtime Dell contractor for a month and exposed to some questionable content. More worryingly, there are signs the domain may have been pushing malware before Dell’s contractor regained control over it.

Independent Krebs

Reaper: Calm Before the IoT Security Storm?

October 23, 2017 admin Akamai, AVTECH, Checkpoint, D-Link, Depth Security, Doug Madory, Dyn, Foscam, GoAhead, google, IoTroop, Jake Reynolds, Linksys, Mirai, Netgear, Netlab 360, Other, OVH attack, Project Shield, Qbot, Reaper, vDos

Credit to Author: BrianKrebs| Date: Mon, 23 Oct 2017 19:42:42 +0000

It’s been just over a year since the world witnessed some of the world’s top online Web sites being taken down for much of the day by “Mirai,” a zombie malware strain that enslaved “Internet of Things” (IoT) devices such as wireless routers, security cameras and digital video recorders for use in large-scale online attacks. Now, experts are sounding the alarm about the emergence of what appears to be a far more powerful strain of IoT attack malware — variously named “Reaper” and “IoTroop” — that spreads via security holes in IoT software and hardware. And there are indications that over a million organizations may be affected already. Reaper isn’t attacking anyone yet. For the moment it is apparently content to gather gloom to itself from the darkest reaches of the Internet. But if history is any teacher, we are likely enjoying a period of false calm before another humbling IoT attack wave breaks.

Independent Krebs

What You Should Know About the ‘KRACK’ WiFi Security Weakness

October 16, 2017 admin CERT, HTTPS Everywhere, Key Reinstallation AttaCK, KRACK attack, MAC address filtering, Other, Wi-Fi Alliance, Wi-Fi Protected Access II, WPA vulnerability, WPA2 attack, WPA2 flaw

Credit to Author: BrianKrebs| Date: Mon, 16 Oct 2017 20:43:47 +0000

Researchers this week published information about a newfound, serious weakness in WPA2 — the security standard that protects all modern Wi-Fi networks. What follows is a short rundown on what exactly is at stake here, who’s most at-risk from this vulnerability, and what organizations and individuals can do about it.

Independent Krebs

Krebs Given ISSA’s ‘President’s Award’

October 16, 2017 admin 2017 President's Award for Public Service, black hat, def con, Eric Chien, Howard Schmidt, Information Systems Security Association, issa, Jeff Moss, Liam O'Murchu, Nicolas Falliere, Other, Richard A. Clarke, Symantec

Credit to Author: BrianKrebs| Date: Mon, 16 Oct 2017 12:35:57 +0000

KrebsOnSecurity was honored this month with the 2017 President’s Award for Public Service from the Information Systems Security Association, a nonprofit organization for cybersecurity professionals. The award recognizes an individual’s contribution to the information security profession in the area of public service.

Independent Krebs

Equifax Credit Assistance Site Served Spyware

October 16, 2017 admin Ars Technica, Dan Goodin, Equifax adware, Equifax breach, Flash Player, Other, Randy Abrams

Credit to Author: BrianKrebs| Date: Thu, 12 Oct 2017 21:03:46 +0000

Big-three consumer credit bureau Equifax says it has removed third-party code from its credit report assistance Web site that prompted visitors to download malicious software disguised as an update for Adobe’s Flash Player software.

Independent Krebs

Hyatt Hotels Suffers 2nd Card Breach in 2 Years

October 16, 2017 admin Carbanak, Hyatt Hotels breach, Other, Trustwave Spiderlabs

Credit to Author: BrianKrebs| Date: Thu, 12 Oct 2017 17:44:30 +0000

Hyatt Corp. is alerting customers about another credit card breach at some hotels, the second major incident with the hospitality chain in as many years.

Independent Krebs

Microsoft’s October Patch Batch Fixes 62 Flaws

October 16, 2017 admin adobe, Bishop Fox, Checkpoint, Flash Player, October 2017 patch tuesday, office, Other, reader, sans internet storm center, SEC Consult, windows, Windows 8, Windows Server 2012, Windows subsystem for Linux

Credit to Author: BrianKrebs| Date: Wed, 11 Oct 2017 14:18:40 +0000

Microsoft on Tuesday released software updates to fix at least 62 security vulnerabilities in Windows, Office and other software. Two of those flaws were detailed publicly before yesterday’s patches were released, and one of them is already being exploited in active attacks, so attackers already have a head start.

Independent Krebs

Equifax Hackers Stole Info on 693,665 UK Residents

October 10, 2017 admin Equifax breach, equifax UK breach, Other

Credit to Author: BrianKrebs| Date: Tue, 10 Oct 2017 22:00:01 +0000

Equifax Inc. said today an investigation into information stolen in the epic data breach the company disclosed on Sept. 7 revealed that intruders took a file containing 15.2 million UK records. The company says it is now working to inform nearly 700,000 U.K. consumers whose data was stolen in the attack.