Items tagged with security

Ever since AMD launched its Ryzen processors for the desktop, many security conscious users have pleaded with the company to open source its PSP - no, not the portable console, but rather its "Platform Security Processor". This chip is found on most AMD platforms from 2013 on, and behaves much like Intel's Management Engine does: it offers simple low-level access to the computer. Both AMD and Intel share the same message about these unique chips; they are there to keep us protected. Because the OS can't see what the PSP or IME is doing, though, the user will likewise be oblivious to the chip's... Read more...
When you spill a glass of milk or drop your car keys, you might say, "Oops!" But when you inadvertently leak personal information of millions of customers, well, other choice phrases might come to mind. That is the situation Verizon finds itself in—the nation's largest wireless carrier confirmed that certain information belonging to 6 million customers has leaked online.Cybersecurity firm UpGuard discovered the security issue, which traced back to a improperly configured security setting on a cloud server. The situation is being deemed as "human error," which probably will not make affected customers... Read more...
World Wrestling Entertainment (WWE) has received a black eye for an embarrassing data leak that could have (and should have) been avoided. It was not, however, and as a result personally identifiable information and other private details belonging to over 3 million WWE fans was sitting online unprotected and visible without a password to anyone who knew where to look.Image Source: Wikimedia Commons (John O'Neill (jjron)) The lax security was discovered Bob Dyachenko from security Kromtech. In order to view all of that information, all a person had to do was direct their web browser to the appropriate... Read more...
Many technology companies have in place bug bounty programs that reward security researchers who submit discovered vulnerabilities in the products and services they offer. It is a win-win proposition in which technology companies are alerted to potentially crippling security holes, and hackers are compensated for their efforts. Apple is among the companies with a bug bounty program, though some researchers are choosing to hold onto discovered vulnerabilities, or worse yet, sell them on the underground market. Apple's is relatively new to the bug bounty scene. Ivan Krstic, head of Apple's security... Read more...
Over the past few years, one of the most prevalent types of malware has been ransomware - an infection that automatically locks down your sensitive data, and then makes you buy it back with your hard-earned cash. In May, one of the hardest-hitting ransomware strikes occurred, via the appropriately named WannaCry. Now, that's "old" news; today, the major threat is Petya, another piece of ransomware. Or is it? That's the big question. As we covered a couple of times this week, Petya is designated as ransomware that seems to be mostly striking computers in Europe. If infected, the user is told to... Read more...
AMD has been on a tear lately. After all of the hype and anticipation, AMD's Zen architecture has proven to be the real deal, and not just on the desktop. Last week saw the launch of AMD's EPYC 7000 series processors for data center servers, and now the chip designer is formally introducing its Ryzen PRO lineup. In case it its not clear at this point, Zen is a multi-headed threat that is intent on competing with Intel in virtually every market segment. In this case, AMD's Rzyen PRO desktop chips are tweaked versions of the company's consumer-based Ryzen processors, with the PRO parts taking aim... Read more...
There are no days off in Redmond, at least not for Microsoft. Hot on the heels of dealing with the WannaCry ransomware outbreak, Microsoft has now addressed reports of a new ransomware making the rounds, one that shares similar code with Petya, a nasty piece of ransomware in and of itself. What makes this new strain so dangerous is that it is capable of spreading across networks like a worm. This new ransomware is more sophisticated than the original Petya outbreak. According to Microsoft, the initial strain seems to originate from a Ukrainian company that builds a pierce of accounting software... Read more...
Recent ransomware scares such as the WannaCry outbreak have collectively put a spotlight on PC security. It has even prompted Microsoft to release patches for unsupported operating systems, including Windows XP and Windows Vista. However, it is Windows 10 that receives the lion's share of Microsoft's security efforts, and we will see that on display when the Fall Creators Update arrives in a few months. Among other things, the Fall Creators Update will represent a "hardening" of the Windows platform. Security has always been a major focal point with Windows 10, but in a blog post outlining some... Read more...
It seemed for a moment that the WannaCry ransomware that wreaked havoc at hospitals across Europe had been neutralized, but apparently it is still causing disruptions. The latest report comes from Honda Motor Co., which said on Wednesday that it had to shut down one of its factories in Japan after discovering that WannaCry had wormed its way onto the company's computer network.Honda temporarily ceased production at its Sayama plant located northwest of Tokyo. That particular factory produces several Honda automobile models, including the Accord sedan, Odyssey minivan, and Step Wagon compact vehicle.... Read more...
Computer security has always been somewhat of a hot topic, though it has intensified in recent weeks in the wake of the global WannaCry ransomware outbreak. In response, Microsoft has issued a series of updates to Windows, including legacy versions no longer supported such as Windows XP and Windows Vista. Microsoft also used the heightened focus on PC security as an opportunity to explain its stance on antivirus software and how Windows 10 handles third-party AV programs. You might recall that Kaspersky, one of the more popular third-party security outfits, took Microsoft to task over the way Windows... Read more...
WikiLeaks has published secret documents belonging to the United States government that reveal the Central Intelligence Agency (CIA) has been building and maintaining cyber tools designed to compromise wireless routers. These tools are the work of the CIA's hacking unit called Engineering Development Group. Among them is a specialized firmware referred to as Cherry Blossom. "The wireless device itself is compromized by implanting a customized Cherry Blossom firmware on it; some devices allow upgrading their firmware over a wireless link, so no physical access to the device is necessary for a successful... Read more...
The notion that Mac systems are immune to malware is just plain wrong. Sure, Macs might be less susceptible to malware than Windows-based PCs, but they are certainly not exempt from security threats. Proving otherwise, two different security outfits have put out warnings about separate threats targeting Mac users. One of them pertains to ransomware, where a user's documents and files are encrypted and held hostage until a ransom is paid, and the other is a spyware application that sniffs out sensitive information.Image Source: Apple Starting with the former, security outfit Fortinet said its labs... Read more...
Microsoft is not wavering on its decision to stop supporting Windows XP as a whole, though apparently it will on occasion release security updates for the legacy operating system, presumably for the greater good. We saw this just last month when Microsoft patched Windows XP to protect users against the WannaCry ransomware outbreak. Now it has released another security update for Windows XP, this time due to the "heightened risk of exploitation" by copycats. In a sense, WannaCry can be considered a wake-up call for the security industry at large. As it pertains to Microsoft, the Redmond giant fears... Read more...
Most wireless routers are equipped with a series of LEDs to indicate things like network connectivity and activity, though if a router has been compromised with malware, those blinking lights could reveal more than the owner bargained for. Using specially crafted malware, an attacker could instruct those LEDs to transmit data in a binary format.Image Source: TP-Link The attack was outlined in a paper by a team of researches from the Cyber Security Research Center at the Ben-Gurion University of the Negev in Israel. It is the same team of security researchers that previously wrote about data exfiltration... Read more...
1 2 3 4 5 Next ... Last