Thursday, November 28, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

Independent Krebs 

New Ransom Payment Schemes Target Executives, Telemedicine

admin , , , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Thu, 08 Dec 2022 18:25:04 +0000

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” The other involves carefully editing email inboxes of public company executives to make it appear that some were involved in insider trading.

Read more
ComputerWorld Independent 

Apple finally adds encryption to iCloud backups

admin , , , , ,

Apple today introduced several new security features focused on fending off threats to user data in the cloud, including end-to-end encryption for backups for iCloud users.

Along with end-to-end encryption for iCloud, Apple’s cloud storage and computing platform, the company announced iMessage Contact Key Verification, allowing users to verify they are communicating only with whom they intend.

apple advanced security advanced data protection inline.jpg.large Apple

Apple also announced hardware Security Keys for Apple ID, giving users the choice to require two-factor authentication to sign into their Apple ID account. (Hardware security keys use devices, such as USB thumb drives or near-field communication (NFC) dongles, to enable access to a service or application.)

To read this article in full, please click here

Read more
ComputerWorld Independent 

A compliance fight in Germany could hurt Microsoft customers

admin , ,

Credit to Author: eschuman@thecontentfirm.com| Date: Wed, 07 Dec 2022 04:32:00 -0800

If there are two things that should never mix, it’s cybersecurity/privacy compliance and corporate politics. And yet, that’s at the heart of a compliance fight between Microsoft and German authorities that might wind up punishing the company’s customers. 

The German Datenschutzkonferenz — the regulatory body entrusted to handle Germany’s flavor of the European Union’s General Data Protection Regulation (GDPR) — has publicly declared that “no data protection-compliant use of Microsoft Office 365 was possible.”

To read this article in full, please click here

Read more
ComputerWorld Independent 

What you need to know about the UK’s Online Safety Bill

admin , , ,

Three years and four prime ministers after the UK government first published its Online Harms white paper—the basis for the current Online Safety Bill—the Conservative Party’s ambitious attempt at internet regulation has found its way back to Parliament after multiple amendments.

If the bill becomes law, it will apply to any service or site that has users in the UK, or targets the UK as a market, even if it is not based in the country. Failure to comply with the proposed rules will place organizations at risk of fines of up to 10% of global annual turnover or £18 million (US$22 million), whichever is higher.

A somewhat bloated and confused version of its former self, the bill, which was dropped from the legislative agenda when Boris Johnson was ousted in July, has now passed its final report stage, meaning the House of Commons now has one last chance to debate its contents and vote on whether to approve it.

To read this article in full, please click here

Read more
ComputerWorld Independent 

UK set to mandate right to request flexible work from first day on the job

admin , ,

The UK government is backing proposed legislation that would give workers the right to request flexible working arrangements from day one of their employment.

In the aftermath of the COVID-19 pandemic, which saw millions of workers start working from home as lockdown orders were enforced, most employees continued to have flexibility over how and when they work, with many organizations now practicing a hybrid work model.

To read this article in full, please click here

Read more
Independent Krebs 

Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google

admin , , , , , , , ,

Credit to Author: BrianKrebs| Date: Mon, 05 Dec 2022 19:44:50 +0000

In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba, one of the Internet’s largest and oldest botnets. The defendants, who initially pursued a strategy of counter suing Google for tortious interference in their sprawling cybercrime business, later brazenly offered to dismantle the botnet in exchange for payment from Google. The judge in the case was not amused, found for the plaintiff, and ordered the defendants and their U.S. attorney to pay Google’s legal fees.

Read more
ComputerWorld Independent 

Biometrics are even less accurate than we thought

admin , , , ,

Credit to Author: eschuman@thecontentfirm.com| Date: Mon, 05 Dec 2022 09:43:00 -0800

Biometrics is supposed to be one of the underpinnings of a modern authentication system. But many biometric implementations (whether that be fingerprint scanes or face recognition) can be wildly inaccurate, and the only universally positive thing to say about them is they’re better than nothing.

Also — and this may prove critical — the fact that biometrics are falsely seen as being very accurate may be sufficient to dissuade some fraud attempts. 

There are a variety of practical reasons biometrics don’t work well in the real world, and a recent post by a cybersecurity specialist at KnowBe4, a security awareness training vendor, adds a new layer of complexity to the biometrics issue.

To read this article in full, please click here

Read more