Monday, November 25, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

ComputerWorld Independent 

For December, an exceptionally light Patch Tuesday

admin , , ,

Over the past year, we’ve seen Microsoft make radical improvements in its browser stability and significant positive changes to its Windows update communication and telemetry strategies.  And this month’s Patch Tuesday release brings with it an incredibly light set of updates — maybe the fewest number of updates I have ever seen.

There are no zero-days, which is a great finish to 2023, though Windows gets three critical updates and Visual Studio will require immediate attention due to several re-releases of past critical application patches.

The team at Readiness has created a helpful infographic to outline the risks associated with each update in this last release of 2023. One note of caution: we have seen several potential updates to older patches (October/November) potentially coming down the release pipeline from Microsoft. It might be worth checking in during the upcoming holiday break to see whether there are any out-of-band patches for the Windows ecosystem.

To read this article in full, please click here

Read more
Independent Krebs 

Ten Years Later, New Clues in the Target Breach

admin , , , , , , , , , , , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Thu, 14 Dec 2023 17:51:39 +0000

On Dec. 18, 2013, KrebsOnSecurity broke the news that U.S. retail giant Target was battling a wide-ranging computer intrusion that compromised more than 40 million customer payment cards over the previous month. The malware used in the Target breach included the text string “Rescator,” which also was the handle chosen by the cybercriminal who was selling all of the cards stolen from Target customers. Ten years later, KrebsOnSecurity has uncovered new clues about the real-life identity of Rescator.

Read more
ComputerWorld Independent 

Internet traffic soars in 2023, with generative AI a standout trend: Report

admin , ,

This year saw a 25% rise in global internet traffic, reflecting an increasing reliance on online services, according to a new report by cloud performance and security company Cloudflare.

In its annual Year in Review reports, Cloudflare offers an overview of online trends and security issues. This year, Cloudflare said, Google retained its position as the most popular internet site,  followed by Facebook, Apple, and TikTok. Facebook surpassed 2022’s leader, TikTok, in social media, with Instagram and Twitter/X also ranking highly.

The emerging category of generative AI services saw OpenAI in the lead, followed by Character AI, Quillbot, and Hugging Face.

To read this article in full, please click here

Read more
ComputerWorld Independent 

What is Stolen Device Protection for iPhone and how does it work?

admin , , , ,

Take that, iPhone thieves — Apple is about to make it even more difficult to use its smartphones when you have no right to do so. In the upcoming iOS 17.3, it is testing out a new security system called “Stolen Device Protection.”

Here’s a look at what this is, and what it does.

Stolen Device Protection explained

Apple’s beta notes explain: “Stolen Device Protection adds an additional layer of security in the unlikely case that someone has stolen your iPhone and also obtained your passcode.”

The company explains the features this way:

  • Accessing your saved passwords requires Face/Touch ID to be sure it’s you.
  • Changing sensitive settings like your Apple ID password is protected by a security delay.
  • No delay is required when iPhone is at familiar locations such as home and work.

The idea is that Stolen Device Protection introduces another obstacle that makes it difficult for thieves to gain access to your data, erase it, or delete the device to factory fresh status for resale.

To read this article in full, please click here

Read more
Independent Krebs 

Microsoft Patch Tuesday, December 2023 Edition

admin , , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Tue, 12 Dec 2023 22:21:00 +0000

The final Patch Tuesday of 2023 is upon us, with Microsoft Corp. today releasing fixes for a relatively small number of security holes in its Windows operating systems and other software. Even more unusual, there are no known “zero-day” threats targeting any of the vulnerabilities in December’s patch batch. Still, four of the updates pushed out today address “critical” vulnerabilities that Microsoft says can be exploited by malware or malcontents to seize complete control over a vulnerable Windows device with little or no help from users.

Read more
ComputerWorld Independent 

Attacks against personal data are up 300%, Apple warns

admin , , , ,

Read more
Independent Krebs 

ICANN Launches Service to Help With WHOIS Lookups

admin , , , , , ,

Credit to Author: BrianKrebs| Date: Wed, 06 Dec 2023 15:51:58 +0000

More than five years after domain name registrars started redacting personal data from all public domain registration records, the non-profit organization overseeing the domain industry has introduced a centralized online service designed to make it easier for researchers, law enforcement and others to request the information directly from registrars.

Read more