Researcher to Release Free Attack Obfuscation Tool

Cybercrime gang FIN7, aka Carbanak, spotted hiding behind another Windows function, according to research to be presented at Black Hat Asia next month.

5 ways blockchain is the new business collaboration tool

While blockchain may have cut its teeth on the cryptocurrency Bitcoin, the distributed electronic ledger technology is quickly making inroads across a variety of industries.

That's mainly because of its innate security and its potential for improving systems  operations all while reducing costs and creating new revenue streams.

David Schatsky, a managing director at consultancy Deloitte LLP, believes blockchain's diversity speaks to its versatility in addressing business needs, but "the impact that blockchain will have on businesses in various industries is not yet fully understood."

To read this article in full, please click here

Facebook Aims to Make Security More Social

Facebook's massive user base creates an opportunity to educate billions on security.

SWIFT Network Used in $2 Million Heist at Indian Bank

The theft at India's City Union Bank comes on the heels of news that attackers stole $6 million from a Russian bank via SWIFT network last year.

Time for a wake-up call…

This pilot fish supervises the IT help desk, so he's on the scene when one of his support techs takes a call that's very ordinary -- mostly.

"It was some normal problem like 'install this printer' or 'the computer forgot my password, please reset it,'" says fish.

"But at the end of the call, when they were discussing various things, the user happened to mention, very proudly, that she always turns off her computer at the end of the day every Friday, so it can get its updates over the weekend.

"The tech didn't have the heart to break the bad news to her. He just told her that was a good idea and to have a nice day."

Sharky has a better idea: Send me your true tale of IT life at sharky@computerworld.com. You'll score a sharp Shark shirt if I use it. Comment on today's tale at Sharky's Google+ community, and read thousands of great old tales in the Sharkives.

To read this article in full, please click here

Time for a wake-up call…

This pilot fish supervises the IT help desk, so he's on the scene when one of his support techs takes a call that's very ordinary -- mostly.

"It was some normal problem like 'install this printer' or 'the computer forgot my password, please reset it,'" says fish.

"But at the end of the call, when they were discussing various things, the user happened to mention, very proudly, that she always turns off her computer at the end of the day every Friday, so it can get its updates over the weekend.

"The tech didn't have the heart to break the bad news to her. He just told her that was a good idea and to have a nice day."

Sharky has a better idea: Send me your true tale of IT life at sharky@computerworld.com. You'll score a sharp Shark shirt if I use it. Comment on today's tale at Sharky's Google+ community, and read thousands of great old tales in the Sharkives.

To read this article in full, please click here

Ransomware: Do you pay the ransom? | Salted Hash Ep 19

Robert Gibbons, CTO at Datta, joins host Steve Ragan to talk about why companies pay out ransoms, the role of incident response plans and continuity strategies, and how companies weigh the risks.

13 Russians Indicted for Massive Operation to Sway US Election

Russian nationals reportedly used stolen American identities and infrastructure to influence the 2016 election outcome.

Microsoft is distributing security patches through insecure HTTP links

The Microsoft Update Catalog uses insecure HTTP links – not HTTPS links – on the download buttons, so patches you download from the Update Catalog are subject to all of the security problems that dog HTTP links, including man-in-the-middle attacks.

Security researcher Stefan Kanthak, writing on Seclist’s Bugtraq mailing list, elaborates:

Even if you browse the "Microsoft Update Catalog" via the HTTPS link,  ALL download links published there use HTTP, not HTTPS!

That's trustworthy computing ... the Microsoft way!

Despite numerous mails sent to <secure () microsoft com> in the last years, and numerous replies "we'll forward this to the product groups," nothing happens at all.

To read this article in full, please click here

Siemens Leads Launch of Global Cybersecurity Initiative

The new 'Charter of Trust' aims to make security a key element of the digital economy, critical infrastructure.