Clik here to view.
37% of Canadian Justice Department fail phishing awareness test
An in-house awareness test run late last year at Department of Justice Canada has revealed that a good percentage of its employees are for the most part fairly easy to trick with phishing scams.
View ArticleClik here to view.
SSCC 153: TrueCrypt, Towelroot, Cryptowall, and spam in Canada [PODCAST]
Chester Wisniewski and Paul Ducklin present this week's edition of the regular Sophos security podcast, the "Chet Chat." In this episode: the TrueCrypt saga continues; the Towelroot software for...
View ArticleClik here to view.
Is that Google Glass wearer stealing your iPad passcode?
What about the one with a smartwatch? Snoopers can catch your code from nearly 10 feet away with Google Glass or Samsung's smartwatch and from almost 150 away using a HD camcorder, thanks to...
View ArticleClik here to view.
"Towelroot" app makes it easy to root Galaxy S5 and other locked Androids...
Galaxy S5 users will be cheering. System administrators are probably groaning. Paul Ducklin looks at an Android-era variant of Hamlet's dilemma: "To root or not to root, that is the question."
View ArticleClik here to view.
Serial hacker Cameron Lacroix gets four year jail term after taking plea bargain
A serial hacker with a long history of computer offences has pleaded guilty to computer intrusion and access device fraud charges, accepting a sentence of four years in jail in return for his plea.
View ArticleClik here to view.
TimThumb plugin for WordPress - zero-day remote code execution hole...
WordPress sites with the TimThumb image thumbnailing plugin could be taken over by attackers. Paul Ducklin looks at what went wrong and explains how to fix the hole...
View ArticleClik here to view.
Revenge porn hits two high profile boyfriends where it hurts
Former NSA analyst and vocal NSA supporter John Schindler had his pink parts exposed by a lover in an extramarital affair, and a state representative's chief of staff was outed by a porn star...
View ArticleClik here to view.
Flaw in PayPal’s two-factor authentication, but keep calm and carry on!
Security researchers in the USA have just disclosed a flaw in PayPal's 2FA system. Paul Ducklin looks at the mistakes that PayPal made, and what's been done to sort them out...
View ArticleClik here to view.
Europe improving anti-cybercrime cooperation, but what about US and China?
Cybercrime is a global danger, so it's vital that agencies in different jurisdictions work together to investigate and prosecute crimes being committed across borders. Any step away from full...
View ArticleClik here to view.
Canadian spam, New York taxis and Brazilian passwords - 60 Sec Security [VIDEO]
Canada goes "opt in", NYC makes a hash, and Brazil forgets its punctuation. It's 60 Second Security for 28 June 2014!
View ArticleClik here to view.
Anatomy of an Android SMS virus - watch out for text messages, even from your...
Paul Ducklin looks into "Andr/SlfMite-A", an Android SMS virus. The malware sends itself to your top 20 contacts and foists an third party app for an alternative Android software market onto your...
View ArticleClik here to view.
Hacker who plotted to send heroin to Brian Krebs arrested in Italy
I don't envy the scriptwriters who are busy at work on the Krebs movie. The news just keeps coming! The latest: Sergei Vovnenko, known as Fly, was arrested under suspicion of trafficking in stolen...
View ArticleClik here to view.
Monday review - the hot 22 stories of the week
Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.
View ArticleClik here to view.
Facebook’s facing a losing battle to protect users’ privacy
Last year, prosecutors in Manhattan held Facebook up by the ankles and shook out personal data on 381 users. A judge last week said that it's up to the targeted users to complain about privacy...
View ArticleClik here to view.
Payment card survey – where does your country sit on the fraud list?
6,159 people were questioned by ACI Worldwide in 20 countries around the world, on a range of topics including incidents of fraud, risky behaviours which may put people at greater fraud risk, the...
View ArticleClik here to view.
From the Labs: PlugX – the next generation
In this new paper from SophosLabs, Principal Researcher Gabor Szappanos takes a look into a new variation of the PlugX malware.
View ArticleClik here to view.
4 password mistakes small companies make and how to avoid them
When it comes to IT security very small businesses and micro-enterprises are in a tight spot. We've compiled a list of four common password mistakes - if you can avoid them then you'll have put your...
View ArticleClik here to view.
Apple ships updates, including Snow Leopard (ONLY KIDDING!)
Apple just published its latest round of updates for iOS, Apple TV, Safari and OS X, including dozens of security fixes. OS X Snow Leopard users...we're afraid you missed out once again.
View ArticleClik here to view.
Google looks to make OpenPGP easier for Gmail users
In early June Google announced a new project designed to create a Chrome plugin to allow end-to-end encryption of web-based emails using OpenPGP. We take a look at its current state and explain how it...
View ArticleClik here to view.
Microsoft stops Patch Tuesday emails, blames Canada, then does U-turn
The decree mentions "changing governmental policies concerning the issuance of automated electronic messaging" - a head-scratcher that Microsoft spokespeople subsequently clarified by pointing to a new...
View Article