Target is upgrading the security of its store-branded payment cards and making other network improvements as it seeks to restore confidence after one of the largest-ever data breaches last year.
Computerworld Malware and Vulnerabilities News
Siemens released a security update to address the Heartbleed vulnerability in SIMATIC WinCC Open Architecture, a supervisory control and data acquisition (SCADA) system that's used in a large number of industries to operate processes, machines and production flows.
Computerworld Malware and Vulnerabilities News
The Apache Software Foundation rushed last week to update the popular Apache Struts framework after a previous security patch for a high-risk vulnerability proved to be incomplete.
Computerworld Malware and Vulnerabilities News
Adobe Systems released emergency security updates for Flash Player in order to fix a vulnerability that has been exploited in attacks against users since earlier this month.
Computerworld Malware and Vulnerabilities News
The U.S. government’s top cyber-security agency is telling Internet Explorer users they should consider running a different browser until Microsoft fixes a critical vulnerability.
Computerworld Malware and Vulnerabilities News
Security experts have expressed doubts about a hacker claim that there’s a new vulnerability in the patched version of OpenSSL, the widely used cryptographic library repaired in early April.
Computerworld Malware and Vulnerabilities News
Microsoft on Saturday told customers that cyber-criminals are exploiting an unpatched and critical vulnerability in Internet Explorer (IE) using “drive-by” attacks.
Computerworld Malware and Vulnerabilities News
For most people, XP patches will be unobtainable through legitimate channels. Sounds like a market to me.
Computerworld Malware and Vulnerabilities News
We can do things now to make things a little easier should we face another widespread security defect in code like OpenSSL.
Computerworld Malware and Vulnerabilities News
Computerworld offers a Tip of the Hat to Jon Brodkin of Ars Technica for an incisive look at how only a potential disaster could convince top tech execs to finally help fund the OpenSSL and other open-source projects.
Computerworld Malware and Vulnerabilities News
Apple exposed iOS users to security threats by taking three weeks longer to patch the same vulnerabilities in the mobile OS that it previously fixed in Safari on OS X, a former Apple security engineer said.
Computerworld Malware and Vulnerabilities News
An Android Trojan app that sends SMS messages to premium-rate numbers has expanded globally over the past year, racking up bills for users in over 60 countries including the U.S., malware researchers from Kaspersky Lab said.
Computerworld Malware and Vulnerabilities News
Some Android apps thought to be vulnerable to the Heartbleed bug were spared because of a common coding error in the way they implemented their own native OpenSSL library.
Computerworld Malware and Vulnerabilities News
Apple today issued a security-only update for OS X, patching 25 vulnerabilities in Mavericks, its newest operating system, and 7 bugs in older editions.
Computerworld Malware and Vulnerabilities News
A malware campaign of yet-to-be-determined origin is infecting jailbroken iPhones and iPads to steal Apple account credentials from SSL encrypted traffic.
Computerworld Malware and Vulnerabilities News
When Internet and phone service are impaired at a development center, the problem is traced to VM images installed in a classroom.
Computerworld Malware and Vulnerabilities News
The Securities and Exchange Commission plans to review the cyber defenses of 50 Wall Street broker-dealers and investment advisers to determine whether they are prepared for potential cyber threats.
Computerworld Malware and Vulnerabilities News
The world’s top 1,000 websites have been patched to protect their servers against the “Heartbleed” exploit, but up to 2% of the top million were still vulnerable as of last week.
Computerworld Malware and Vulnerabilities News
Security researchers have found that many satellite communication systems have vulnerabilities and design flaws that can let remote attackers intercept, manipulate, block and in some cases take full control of critical communications.
Computerworld Malware and Vulnerabilities News
About 2.6 million payment cards at Michaels Stores and another 400,000 at subsidiary Aaron Brothers may have been affected in a card skimming attack that compromised its point-of-sale systems, the retailer said Thursday.
Computerworld Malware and Vulnerabilities News
Worried about how the Heartbleed vulnerability may affect your personal accounts? A new tool may be of help.
Computerworld Malware and Vulnerabilities News
Microsoft on Wednesday extended the Windows 8.1 Update migration deadline for businesses by three months, but again told consumers they had less than four weeks to make the move before the company shuts off their patch faucet.
Computerworld Malware and Vulnerabilities News
Cybercriminals have started using a sophisticated Android Trojan app designed for e-banking fraud to target Facebook users, possibly in an attempt to bypass the two-factor authentication protection on the social network.
Computerworld Malware and Vulnerabilities News
Canadian police have arrested a 19-year-old man for allegedly using the Heartbleed bug to steal data about taxpayers.
Computerworld Malware and Vulnerabilities News
Oracle has issued a comprehensive list of its software that may or may not be affected by the OpenSSL (secure sockets layer) vulnerability known as Heartbleed, while warning that no fixes are yet available for some likely affected products.
Computerworld Malware and Vulnerabilities News
In the race to protect themselves from the Heartbleed vulnerability, enterprises could be opening themselves up to new attacks if they aren’t careful.
Computerworld Malware and Vulnerabilities News
Google has issued a patch for an attack that could lead an Android user to a phishing site, according to security vendor FireEye.
Computerworld Malware and Vulnerabilities News
VMware started patching its products against the critical Heartbleed flaw that puts encrypted communications at risk, and plans to have updates ready for all affected products by Saturday.
Computerworld Malware and Vulnerabilities News
If our checks and balances are so fragile that a typo can obliterate all meaningful security, we have some fundamental things to fix.
Computerworld Malware and Vulnerabilities News
Enterprise IT vendors are rushing to protect users from the Heartbleed bug, which has been found in some servers and networking gear and could allow attackers to steal critical data — including passwords and encryption keys — from the memories of exposed systems.
Computerworld Malware and Vulnerabilities News
Box has patched the Heartbleed security hole on its servers and has advised its customers to change their passwords.
Computerworld Malware and Vulnerabilities News
Four researchers working separately have demonstrated a server’s private encryption key can be obtained using the Heartbleed bug, an attack thought possible but unconfirmed.
Computerworld Malware and Vulnerabilities News
The U.S. Department of Justice has brought charges against nine alleged members of a criminal organization that distributed the Zeus Trojan used to steal millions of dollars from bank accounts nationwide.
Computerworld Malware and Vulnerabilities News
Android and IOS mobile applications are just as vulnerable to the Heartbleed bug as websites are, security vendor Trend Micro warned.
Computerworld Malware and Vulnerabilities News
Computerworld offers a Tip of the Hat to The Register‘s Chris Williams for his insights on how a lack of oversight of open source technologies contributed to to the creation — and the two-year spread — of the Heartbleed bug.
Computerworld Malware and Vulnerabilities News
The U.S. National Security Agency, which has a cybersecurity mission in addition to surveillance, has disputed a report that it knew about the Heartbleed security vulnerability for at least two years before other researchers disclosed the flaw this month.
Computerworld Malware and Vulnerabilities News
The IRS acknowledged this week that it missed the April 8 cut-off for Windows XP support, and will be paying Microsoft millions for an extra year of security patches.
Computerworld Malware and Vulnerabilities News
You had to see this one coming.
Computerworld Malware and Vulnerabilities News
The Heartbleed bug has affected about two-thirds of the world’s websites, meaning virtually everyone should be taking steps to protect themselves now.
Computerworld Malware and Vulnerabilities News
Tens of thousands of new digital certificates have been issued by Comodo in the wake of the "Heartbleed" security flaw, which has put Internet users' data at risk.
Computerworld Malware and Vulnerabilities News
Website and server administrators will have to spend considerable time, effort and money to mitigate all the security risks associated with Heartbleed, one of the most severe vulnerabilities to endanger encrypted SSL communications in recent years.
Computerworld Malware and Vulnerabilities News
Jose Vildoza's 62-year-old father was using his old Windows computer when a warning in broken English flashed on the screen: your files have been encrypted.
Computerworld Malware and Vulnerabilities News
Microsoft suspended serving Windows 8.1 Update to businesses that rely on WSUS (Windows Server Update Services), saying that a bug would prevent devices from recognizing future updates.
Computerworld Malware and Vulnerabilities News
Computerworld offers a Tip of the Hat to Shane Dingman of the Toronto Globe and Mail for an easy-to-understand look at the Heartbleed security bug — what happened, what key websites are among the hundreds of thousands affected, and whether users can do anything at this point.
Computerworld Malware and Vulnerabilities News
Adobe Systems released security updates for Flash Player and AIR in order to address four critical vulnerabilities that could lead to arbitrary code execution and information disclosure.
Computerworld Malware and Vulnerabilities News
Since news of the OpenSSL bug started to spread on Monday, administrators and vendors have made a mad scramble to patch the Heartbleed bug, named for the flawed implementation of the heartbeat option in the cryptographic library.
Computerworld Malware and Vulnerabilities News
Attackers exploited a vulnerability in a popular video-sharing site to hijack users' browsers for use in a large-scale distributed denial-of-service attack, according to researchers from Web security firm Incapsula.
Computerworld Malware and Vulnerabilities News
Home routers and other consumer embedded devices are plagued by basic vulnerabilities and can't be easily secured by non-technical users, which means they'll likely continue to be targeted in what has already become an increasing trend of mass attacks.
Computerworld Malware and Vulnerabilities News
Security researchers released technical details and proof-of-concept code for 30 security issues affecting Oracle's Java Cloud Service, some of which could allow attackers to compromise business-critical Java applications deployed on it.
Computerworld Malware and Vulnerabilities News
Apple on Tuesday patched the security vulnerability in Safari that was successfully exploited at last month’s Pwn2Own hacking contest, where a team cracked the browser to win $ 65,000.
Computerworld Malware and Vulnerabilities News
