IDG Contributor Network: 7 tips to turn threat data into true threat intelligence

Credit to Author: Robert C. Covington| Date: Thu, 16 Feb 2017 10:42:00 -0800

Threat intelligence has been a favorite of the information security industry for some time now. It is a powerful concept — let someone else deal with an attack or exposure, and use their experience to prevent the same problem in your organization. Since there are free sources for a tremendous amount of such data, it seems like a great deal.

The great deal is not always as good as it seems, however. Threat intelligence information is quite often wrong or misleading. As I mentioned in “These are the threats that keep me awake at night,” a Vermont electric utility, responding to intelligence information in a U.S. government joint forces statement, called in the FBI to investigate what turned out to be an employee’s innocent attempt to read their email on Yahoo.


Sophos CEO sounds the alarm on enterprise ransomware attacks

Credit to Author: Martyn Williams| Date: Wed, 15 Feb 2017 12:32:00 -0800

Ransomware is increasingly becoming a problem for companies, and the CEO of a leading computer security firm says he fears 2017 could see entire companies shut down until they pay up, or risk losing all their data.

Ransomware works by infiltrating a computer with malware and then encrypting all the files on the disk. The user is presented with a limited time offer: Lose all your data or send money with the promise your data will be unlocked. The fee typically varies from tens of dollars to hundreds of dollars and often has to be transmitted in Bitcoin.

The problem began on a fairly small scale, targeting individual users, but has been growing. Last year, a hospital in Los Angeles admitted to paying $17,000 to get its system unlocked, and a report in October said ransomware cases were on course to quadruple in 2016 over the previous year.


Hacker breached 63 universities and government agencies

Credit to Author: Darlene Storm| Date: Wed, 15 Feb 2017 09:33:00 -0800

A “Russian-speaking and notorious financially-motivated” hacker known as Rasputin has been at it again, hacking into universities and government agencies this time, before attempting to sell the stolen data on the dark web.

According to the security company Recorded Future, which has been tracking the cybercriminal’s breaches, Rasputin’s most recent victims include 63 “prominent universities and federal, state, and local U.S. government agencies.” The security firm has been following Rasputin’s activity since late 2016 when the hacker reportedly breached the U.S. Electoral Assistance Commission and then sold EAC access credentials.


Researchers trick 'CEO' email scammer into giving up identity

Credit to Author: Michael Kan| Date: Wed, 15 Feb 2017 08:13:00 -0800

Businesses targeted in email scams don’t always have to play the victim. They can actually fight back.

Researchers at Dell SecureWorks have documented how they identified a suspected email scammer from Nigeria by essentially playing along with the scheme to fool the attacker into revealing his true whereabouts.

Anyone can use these tips, said Joe Stewart, director of malware research at SecureWorks. “We’re letting [the scammers] give us all the information about themselves,” he said.

The email scheme involved a fraudster impersonating a CEO in what’s called a business email spoofing attack. The goal is often to trick a victim into wiring funds to the scammer’s bank account.


IBM Watson: Regular A.I. by day, cybercrime fighter by night

Credit to Author: Rebecca Linke| Date: Tue, 14 Feb 2017 04:11:00 -0800

IBM Watson is an artificial intelligence of many talents. 

It can win Jeopardy!, help find treatment for cancer patients — and now it can find cyberthreats. That’s right, Watson is becoming a cybersecurity expert. So how has IBM helped Watson change hats?

In IT Blogwatch, this reminds us of something.

So what is going on? Alison DeNisco has some background:

IBM Watson has a new job: Cybersecurity specialist. At the RSA Conference…IBM announced the availability of Watson for Cyber Security, with the aim of assisting cybersecurity professionals with threat assessment and mitigation…The company said it is the industry’s first augmented intelligence technology with the ability to power cognitive security operations centers (SOCs).

But what need does Watson fill here? Ian Barker has those details:


Why Twitter's new anti-harassment tools will fail

Credit to Author: Mike Elgan| Date: Sat, 11 Feb 2017 04:01:00 -0800

Twitter is trying to curb harassment. Again.

Twitter VP of Engineering Ed Ho this week announced three changes that Twitter believes will end its reputation as a haven for trolls, haters, spammers, misogynists, racists and idiots.

Two years ago, Twitter’s then-CEO Dick Costolo was quoted in a leaked memo saying that “We suck at dealing with abuse and trolls on the platform and we’ve sucked at it for years.”


'Fileless malware' attacks, used on banks, have been around for years

Fileless malware attacks, which were recently discovered in the networks of at least 140 banks, telecoms and governments, account for about 15% of known attacks today and have been around for years in different forms.

“Fileless malware attacks are becoming much more common and circumvent most of the endpoint protection and detection tools deployed today,” Gartner security analyst Avivah Litan said.

A recent discovery of fileless malware was reported on Wednesday by researchers at Moscow-based Kaspersky Labs. The attackers have not been identified and “attribution [is] almost impossible,” according to Kaspersky.


'Invisible' memory-based malware hit over 140 banks, telecoms and government agencies

Cybercriminals have hit more than 40 countries with hidden malware that steals passwords and financial data. The malware is not found on hard drives as it hides in the memory of compromised computers, making it almost “invisible” as criminals exfiltrate system administrators’ credentials and other sensitive data. When a targeted machine is rebooted, nearly all traces of the malware disappear.

Over 140 enterprise networks – banks, government organizations and telecommunication companies – from 40 countries have been hit, according to Kaspersky Lab. The cybercriminals are using methods and sophisticated malware previously used by nation-state attackers.
