computersecuritynews

The latest story from Arstechnica: http://arstechnica.com/tech-policy/2015/08/ftc-can-sue-companies-with-poor-information-security-appeals-court-says/ Builds on the previous post: http://oversitesentry.com/courts-uphold-ftc-regulation-punishment-to-negligent-company/ Higher regulation –> higher lawsuit fees –>  More costs to a breach. Wyndham had ineffective Cybersecurity and FTC ruled was negligent in its IT practices.  But Wyndham thought it could sue the FTC since Wyndham thought FTC was pushing it’s boundaries as far as … Read more

To anyone that pays attention Chinese hackers steal IP (Intellectual Property Theft) http://www.infosecurity-magazine.com/news/chinas-ip-theft-tech-transfer/ We can argue – is it $5trillion? or 3? My point is it does not matter, the Chinese steal what they can they are not picky. There are certain high value targets of course, but if you allow a hacker in your … Read more

The “Spy patches” from Microsoft should be uninstalled from your environment. One reason is the constant network bandwidth to Microsoft servers they generate. Second, they are not a “security” patch, in general any patch that includes more functionality is bad for security.   Winaero Blog post first noticed them in Win7 and Win8  by Sergey … Read more

New Cisco attacks on the IOS operating system (a Cisco operating system). http://tools.cisco.com/security/center/viewAlert.x?alertId=40411 There are actually no product vulnerabilities, but just plain old administrative access problems. What happens if someone gets your admin account on the router? The hacker will not change routes so you fix it, the hacker will upload a hacker special malware … Read more

FireEye and Kaspersky had zero-day  vulnerability bugs in their software. http://www.zdnet.com/article/fireeye-kaspersky-hit-with-zero-day-flaw-claims/ It is not news that software has flaws, and that some flaws are vulnerabilities that can be exploited by hackers.  What is news is that FireEye is a cybersecurity company: With firewall devices among their product lines. http://www.theregister.co.uk/2015/09/08/fireeye_0day/  Says that the security researcher put … Read more