Saturday, November 23, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Malware & Vulnerabilities

ComputerWorld Independent 

How to make PC security alerts better? Make them twirl, jiggle

admin , ,

Have you ever ignored a security alert on your PC? You’re not the only one.

The warnings are designed to save us from malware infections and hacking risks, but often we’ll neglect them. It could be because we’re too busy or we’ve seen them too many times, and we’ve become conditioned to dismiss them — even the most serious ones, according to Anthony Vance, a professor at Brigham Young University.

Vance has been studying the problem and he’s found that introducing certain small but noticeable changes can make the alerts more useful — and harder to ignore.  

“Our security UI (user interface) needs to be designed to be compatible with the way our brains work,” he said at the USENIX Enigma 2017 conference on Tuesday. “Not against it.”

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Police lost 8 years of evidence in ransomware attack

admin , ,

Police in Cockrell Hill, a community in southwest Dallas, admitted to losing digital evidence from as far back as 2009 after the department’s server was compromised with ransomware.

Cockrell Hill Police Department Chief Stephen Barlag said, “As a result, all bodycam video, some photos, some in-car video, and some police department surveillance video were lost.”

Immediately, the police blamed Russian hackers, but Barlag later told WFAA that experts told him it “more likely originated in Ukraine.” The official press release, however, states, “It is unknown for certain where the virus originated from.”

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Ransomware disrupts Washington DC's CCTV system

admin , ,

Around 70 percent of the cameras hooked up to the police’s closed-circuit TV (CCTV) system in Washington were reportedly unable to record footage for several days before President Donald Trump’s inauguration due to a ransomware attack.

The attack affected 123 of the 187 network video recorders that form the city’s CCTV system, The Washington Post reported Saturday. Each of these devices is used to store video footage captured by up to four cameras installed in public spaces.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Five arrested for hacking into ATMs and stealing $3.2 million

admin , ,

Law enforcement authorities from Europe and Asia have arrested five members of an international cybercriminal group that specialized in hacking into automated teller machine (ATMs).

The investigation began in early 2016, according to Europol. Three suspects were arrested in Taiwan, one in Romania, and one in Belarus. Most of them had multiple citizenships and could travel easily between countries, the agency said Friday.

Hacking into ATMs to steal money is nothing new, and there are malware programs built specifically for such machines that allow criminals to withdraw money using hidden commands.

To infect ATMs with such malware most attackers either receive help from bank insiders or buy service keys that can be used to open the front panels of ATMs and access their communications ports.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

Gmail will block JavaScript attachments, a common source of malware

admin ,

Starting Feb. 13, Google will no longer allow JavaScript attachments on its Gmail service, killing one of the main methods of malware distribution over the past two years.

Users will no longer be able to attach .JS files to emails in Gmail, regardless of whether they attach them directly or they include them in archives like .gz, .bz2, .zip or .tgz. For those rare cases when such files need to be shared via email, users can upload them to a storage service like Google Drive and then share the link.

The .JS file extension will be added an existing list of other banned file attachments that includes: .ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JSE, .LIB, .LNK, .MDE, .MSC, .MSP, .MST, .PIF, .SCR, .SCT, .SHB, .SYS, .VB, .VBE, .VBS, .VXD, .WSC, .WSF and .WSH. Most of these file types have long been abused by cybercriminals to send malware via email.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

The essential guide to anti-malware tools

admin , , ,

It’s a sad fact of life in IT nowadays that some form of preparation for dealing with malware is part and parcel of what systems and network administrators must do. This goes above and beyond normal due diligence in warding off malware. It includes a proper appreciation of the work and risks involved in handling malware infections, and acquiring a toolkit of repair and cleanup tools to complement protective measures involved in exercising due diligence. It should also include at least two forms of insurance – one literal, the other metaphorical – that can help avert or cover an organization against costs and liabilities that malware could otherwise force the organization to incur.

To read this article in full or to leave a comment, please click here

(Insider Story)

Read more