Clik here to view.
Android "Master Key" vulnerability - more malware exploits code verification...
Researchers at SophosLabs have come across samples of Android malware exploiting the so-called "Master Key" vulnerability. Paul Ducklin investigates and explains...
View ArticleClik here to view.
'Hack Facebook' works great - on YOU, not your intended victim
Hack not lest ye be hacked yourself, says researcher Josh Long. The "Facebook Hacking Site" actually leads hacker-wannabes into receiving premium SMS texts that jack up their phone bills and may also...
View ArticleClik here to view.
Secure webmail service Lavabit suspends operation, citing legal issues
If you're interested in webmail security, you've probably heard of Lavabit. It uses public key cryptography to keep your messages private even though they're stored "in the cloud." At least, it used...
View ArticleClik here to view.
Will insurance firms be the big winners in the struggle for cyber security?
A blog post by one of US President Obama's top cybersecurity advisers has sparked a debate on the importance of insurance in mitigating the threat posed by digital dangers to the world's businesses and...
View ArticleClik here to view.
NSA cutting 90% of sysadmin jobs to beef up security
Automation of tasks such as data transfer and system security is happening already, the NSA director says, though it's speeding up post-Snowden leaks. Is automating everything and thereby reducing...
View ArticleClik here to view.
Security flaw with a difference – the Xerox scanner that makes your house...
Friend and former colleague Graham Cluley just drew my attention to an astonishing security problem with Xerox scanners. I bet you it isn't the sort of problem you're thinking of, either...
View ArticleClik here to view.
Encrypted email service Silent Circle silences email in wake of Lavabit closure
The company pre-emptively shut down Silent Mail in anticipation of the US government getting its hands on the metadata inevitably associated with email. The move came directly after Lavabit—former...
View ArticleClik here to view.
Infecting iOS, OpenX backdoor, toilet hole, Android malware - 60 Sec Security...
Are Apple's iPhones really impervious to malware? What do you do if your software is pre-infected with a backdoor? What strength of password is appropriate for a toilet? And what about firmware updates...
View ArticleClik here to view.
Winners of the BH2013 #sophospuzzle – and how to solve it!
Here are all the winners in the recent BlackHat 2013 #sophospuzzle. And, of course, an explanation of how to solve it.
View ArticleClik here to view.
Android random number flaw implicated in Bitcoin thefts
Bitcoin is in the news again. Seems that a random number problem on the Android platform is letting crooks get away with cryptographic fraud to make off with other people's BTCs...
View ArticleClik here to view.
Monday review – the hot 24 stories of the week
It's Monday again, so here's a quick way to get yourself up to date with everything we've written in the last seven days.
View ArticleClik here to view.
Heads up for Patch Tuesday: 24 hours, 8 bulletins, 3 critical, everything...
It's that time of the month again, with Microsoft Patch Tuesday just 24 hours away. Paul Ducklin presents this month's eight bulletins in seven handy bullet points...
View ArticleClik here to view.
Two Canadian men charged in connection with suicide victim's alleged...
The two 18-year-olds were arrested on Thursday and have been charged with child abuse imagery crimes over the alleged cyber-bullying of Rehtaeh Parsons. Police are asking people not to reveal the...
View ArticleClik here to view.
London says media company's spying rubbish bins stink
The rubbish and recycling bins, from the company Renew, were set up to record people's smartphones, and thereby their movements and habits, as they walked by.
View ArticleClik here to view.
Patch Tuesday for August 2013 – 3 critical, 5 important
Patch Tuesday for August 2013 includes three critical fixes and five important ones. The focus for this month is certainly the Internet Explorer cumulative patch which fixes 11 vulnerabilities and all...
View ArticleClik here to view.
eBay troll and fraudster ‘Ebayisajoke’ staked out and unmasked
His stunts included cooking up stealth accounts, bidding up items and then refusing to pay, after which he leaves nasty reviews. For those sins, a Detroit man is being condemned by media (without a...
View ArticleClik here to view.
SSCC 114 – Bitcoins and randomness, OpenX and trust, Email and privacy [PODCAST]
News, opinion, advice and research! Chet and Duck bring you their unique and entertaining combination of all four in their regular quarter-hour podcast.
View ArticleClik here to view.
Baby-monitor hacker spies on and swears at sleeping 2-year-old
A hacker took over a baby monitor in a home in the US city of Houston, Texas, to spy on a 2-year-old girl, to broadcast obscenities at the child, to swivel the camera so as to watch her shocked parents...
View ArticleClik here to view.
Google says people can't expect privacy when sending to Gmail
In a motion to dismiss a lawsuit over its data-mining of email, Google says people shouldn't expect privacy when they send messages to a Gmail account, any more than people would were they to send a...
View ArticleClik here to view.
Fired flight attendant forced to give employer access to Facebook and bank...
A flight attendant was forced to allow her employer to examine her Facebook activity and bank account after she was fired over her activity while on sick leave.
View Article