Facebook plugs Timeline privacy hole
Facebook gets another blow from Europe v. Facebook, which discovered a flaw in the latest timeline redesign that allowed for unintended viewers to see all events a user has attended.
iOS 6.1.3 security flaw allows passcode lock bypass... again [VIDEO]
iOS 6.1.3 has only just been released by Apple, and already a security hole has been found - allowing anyone to bypass the passcode lock on iPhones, and access private data on the device. Anyone...
BBC Weather's Twitter account is hijacked by Syrian Electronic Army
The official Twitter account used by the BBC's weather team has been hijacked by Syrian hackers. Fortunately, they don't seem to be using it to spread malicious links - but are instead trying to spread...
IT admin pleads guilty to hacking into and spying on New Jersey mayor's email
Patrick Ricciardi configured computer systems to collect all emails sent to the mayor and two high-ranking city employees. He did it, he said, to see if his job was secure. We can say with reasonable...
Apple introduces two-factor verification for Apple IDs
After celebrity Web 2.0 journalist Mat Honan had all his iDevices remote-wiped by a cybercrook last year, Apple's login security has been under scrutiny. Good news! Apple has finally bitten the bullet...
Fake Zendesk security notice spammed out, directs traffic to Canadian drug...
Should you trust the security notice you have just been emailed, telling you to watch out for scam emails and to use hard-to-crack passwords? Perhaps not...
Anatomy of a bug: Battlefield: Play4Free hole allows dodgy updates to go...
A pair of Maltese vulnerability researchers have found a security hole in Battlefield: Play4Free from digital games giant EA. The vulnerability abuses the fact that different versions of Windows deal...
Apple password reset website - gaping hole found, fixed
Apple has had a good-bad-good-bad week of it in the computer security environment. Its announcement of two-step verification for some users was quickly followed by a report of a password recovery...
Monday review – the hot 21 stories of the week
It's weekly roundup time. Here's all the great stuff we've written in the past seven days.
17-year-old arrested for hacking into phones, stealing and distributing...
A US teenager is charged with distributing child pornography after allegedly hacking minors' cellphones through an SMS ad that installed malware, giving him access to the phones' content.
Anatomy of a “feature” – should JavaScript be allowed to change a web link...
A young web coding enthusiast from Manchester, UK, recently published a thought-provoking hackette intended to highlight the risks of relying only on "look before you click." Paul Ducklin wants to know...
Five Slovenians arrested for $2.5M email banking fraud
Slovenian police on Thursday raided 12 homes and arrested five Slovenian citizens in connection with sending malware-packed email to small and medium businesses' accounting departments.
Interview with Writer/Director of “Code 2600” and BSides Austin organizers...
Chet interviews the writer and director of hacker film "Code 2600" and Austin BSides organizers/consultants Michael Gough and Ian Robertson. We also introduce the new Kickstarter Hackers in Uganda.
Spanish Linux group runs to teacher, complains about Microsoft's Secure Boot
Spanish open source association Hispalinux, reports Reuters, has officially complained to the European Commission about the Windows 8 Secure Boot system. Paul Ducklin gets quizzical about what happens...
SSCC 105 - our two-weekly news podcast: HP printers, Google blocks ad...
Have you joined thousands of others, and become a loyal listener to the "Chet Chat" yet? Here's the latest Naked Security podcast, Sophos Security Chet Chat 105, discussing a range of recent and...
The 'What's Worse Security Championships'
With March Madness Basketball in full swing in America, we thought it might be fun to try and adapt the concept of sport championships to the land of IT security.
Spicing up phishing attacks
Phishing is often regarded as old hat. From a technical perspective, it's a case of 'been there, done that'. Sometimes however, we come across attacks that are just a little bit more interesting (or at...
Massive DDoS attack against anti-spam provider impacts millions of internet...
The largest recorded DDoS attack has been ongoing for over eight days now, causing slowdowns and errors throughout the internet. Is this a one time scenario or does this expose a greater weakness in...
Spring ushers in US tax scam season
To remind taxpayers to be on the lookout for scams ranging from identity theft to return-preparer fraud, the IRS posted its Dirty Dozen list of tax scams for 2013.
Rohypnol, rape and other disturbing content. Isn't it about time Facebook...
Facebook should be doing more to protect its billion users from abuse, argues Graham Cluley. Can any social network defend taking no proactive action against pages which promote date-rape drug Rohypnol...