Thieves pounce on one of a sheriff's office's last, unencrypted laptops
The sheriff's office in King's County, Seattle, was in the process of adding encryption software this past spring and as of March had done so on 60% of all computers. The laptop that got stolen from a...
Facebook leaks are a lot leakier than Facebook is letting on
Remember last week, when Naked Security et al. told you that Facebook leaked email addresses and phone numbers for 6 million users, but that it was really kind of a modest leak, given that it's a...
Facebook pays $20K for easily exploitable flaw that could have led to account...
UK researcher Jack Whitten found that a few easy back-and-forths with Facebook SMS updates on his mobile phone could let him reset passwords on others' accounts. Facebook gives him $20k for finding it....
Google adds (some) malware and phishing info to Transparency Report
Google has expanded its Transparency Report data to include stats from their 'Safe Browsing' system, which keeps tabs on where malware and phishing sites are hosted. The data is a little short on...
Canadian cop claims he didn't know cyber-stalking was illegal
A Canadian police officer who pleaded guilty to planting spyware on his wife's BlackBerry, suspecting that she was having an affair, gets a slap on the wrist after claiming that he didn't know that...
Facebook leak, Canadian spam, Opera breach - 60 Sec Security [VIDEO]
It's Saturday, and that means *60 Second Security*, where we aim to touch on some of the more thought-provoking security topics of the past week in just one minute of video. Why not give this week's...
Anatomy of a browser trick - you've heard of "clickjacking", now meet...
An Italian security researcher has rediscovered a trick known as "user interface redressing" and used it to detail some potentially risky behaviour in IE 8. Paul Ducklin takes a look to see just how...
Ruby + OpenSSL && sprintf() == 2009-style Man-in-the-Middle?
If you have web-facing code written in Ruby, and you support SSL (which you do, right?), be sure to patch as soon as you can, to avoid falling victim to what seems very much like a four-year-old flaw...
Monday review - the hot 22 stories of the week
Did you miss anything in the past week? Here's a recap of the hot 22 stories of the past seven days, so you can catch up quickly!
FDA shutters 1,677 illegal online pharmacies
The commissioner says they're finding drugs that sometimes have either 0% or too much of the active ingredient that people need for disease treatment. On top of the drugs being illegitimate, consumers...
US Army blocks access to The Guardian's coverage of NSA surveillance
In a continued effort at damage control, the US Army has been blocking access to The Guardian's ongoing coverage of NSA data surveillance and is taking note of current employees who potentially...
Retired, top-ranking US military officer is now Stuxnet leak suspect
Former US Gen James Cartwright, once a trusted member of the president's national security team and the reputed brains behind operation Olympic Games, has been told he's under investigation for leaking...
Romney blackmail scam - 'Dr Evil' extortion suspect charged
A Tennessee man is accused of being the guy behind the extortion attempt, which boiled down to "Give me 1 meeeeellion dollars for Romney's tax returns - and oh, yea, please pay in Bitcoins."
The four seasons of Glazunov: digging further into Sibhost and Flimkit
Following on from the recent analysis of the Glazunov exploit kit, Fraser Howard takes a detailed look at two other closely related kits. He finds several similarities which suggest that the same...
Ubisoft customers told "change your passwords *now*"
Ubisoft is urging customers to change their passwords following a breach that exposed user names, email addresses and encrypted passwords.
US rule broadens to protect children's online privacy, leaves developers with...
The updated rule is confusing developers who can't tell when a mobile gadget passes from parent to offspring. Let's hope they get it all ironed out soon. Increased control for parents sounds like a...
ACLU: Cops should have a tougher time sucking up 7 months of mobile phone data
The ACLU joined other legal activist groups to file a brief in what they call a potentially pivotal case in determining whether the government needs a warrant to track our mobile phones.
AT&T hacker and internet troll 'Weev' appeals 41-month prison sentence
The EFF has filed an appeal seeking to free the hacker and self-described internet troll, who exploited a hole in AT&T's publicly facing website to siphon the personal data of more than 100,000...
Anatomy of a buffer overflow - learning from Apple's latest security update
Apple has released its latest Security Update for OS X. Update 2013-003 fixes a trifecta of buffer overflow vulnerabilities in QuickTime. Paul Ducklin sees what we can learn from the bugs...
Can Facebook updates predict suicide?
Researchers have developed a new study that will analyze volunteers' social media profiles, mobile phone content, and risk factors in an attempt to determine if text mining can help to flag self-harm.