Many Amazon S3 cloud storage users are exposing sensitive company secrets,...
A security researcher tested a slew of (probably inappropriately misconfigured) storage buckets and found about one in six were open to the public, exposing content we think companies would probably...
"We apologise for the previous apology" - NZ gov dept in email CC:...
A government department in New Zealand has had to apologise twice after mixing up CC: and BCC: when apologising for mixing up CC: and BCC:. It's a really easy mistake to make, so take a moment to...
Monday review - the hot 13 stories of the week
Catch up with everything we've written in the last seven days with this handy weekly roundup
Anatomy of a bug - misplaced parenthesis threatens NetBSD's random numbers
NetBSD recently patched a programming bug in its kernel that affected the sanctity of the operating system's random numbers. One lousy parenthesis misplaced by just two characters...
"Rude password - login denied": the AT&T April Fool that wasn't
Why, and more importantly, *how*, would you go about weeding out rude passwords? Surely an April Fool? Paul Ducklin takes a look...
Mobile device security in the US military comes under fire
A recent report by the US Inspector General revealed staggering flaws in the US military's management of mobile devices, and a severe lack of basic IT security protection in place for such devices.
Firefox 20 arrives - new version, some security improvements, no known vices
Firefox 20.0 was released today. The buglist page enumerates 3054 official changes, with eleven patched vulnerabilities, three at "Critical" level. Paul Ducklin takes a quick look...
TDoS attacks target US emergency call centers
The FBI and DHS are seeing dozens of attacks on ambulance and hospital communication lines as extortionists demand $5,000 for supposedly unpaid payday loans.
How to stop your friends' Facebook apps from accessing *your* private...
Many internet users are wary of sharing their personal information willy-nilly with the world, but did you know that sometimes it's your Facebook friends who might be unwittingly passing your private...
The biggest Mac malware attack of all time - blogger names suspected mastermind
Award-winning security blogger Brian Krebs has shared details of his investigation into who might have been behind Flashback - which hit more than 600,000 Mac computers in early 2012
New robocall-killer technologies, designed to filter out unwanted automated...
The US FTC ran a Robocall Challenge to shake out some new approaches to identifying (and hanging up on) those dinner-interrupting, scam-blabbing annoyances that are auto-dialed robocalls.
Has your Hewlett-Packard ScanJet printer just tried to infect your PC with...
Beware! Cybercriminals have attempted to infect computers worldwide, disguising their attack as an email claiming to come from a scanner in your office.
Google announces brand new web browser core, so does Mozilla
When you wait ages for a bus, and then three come along at once, it's not a coincidence: it's a side-effect of queuing and traffic lights. But what about when three browser vendors make announcements...
Scribd, "world's largest online library," admits to network intrusion,...
San Francisco-based document sharing site Scribd has admitted to a network intrusion. Details are scant, but fortunately a notification published by the company suggests that no more than 1% of users...
A QQ-loving US soldier in Iraq is offering $120 to every reader of Naked...
Apparently Sgt Jack Lenz is looking for a "loyal and trusting person". Well, that's *us* - right?
Ransomware scares victims with child sex abuse images
A ransomware attack takes a sinister twist - displaying images of the purported sexual abuse of children in an attempt to scare computer users into paying up.
Powerful new personal data disclosure bill proposed by California lawmaker
The Right to Know Act of 2013 would force companies to tell Californians what personal data they have on consumers and how it's trafficked.
Is security really dead? Perhaps it's your lack of depth
There is a lot of talk in the security industry about how much everything sucks. While no individual solution is a silver bullet for solving your security woes, we shouldn't forget that an...
WordPress.com boosts security for bloggers with two-factor authentication
With WordPress.com powering more than 60 million websites worldwide, anything to improve the safety and security of its users is to be welcomed. Paul Ducklin tries out the new WordPress 2FA service on...
Microsoft to issue 9 security updates on Tuesday, critical for all IE...
Microsoft has issued its usual advance notification for the coming week's Patch Tuesday. If you use Windows you're probably affected, and you'll probably need to reboot all your PCs and most of your...