Android SMS malware firm fined £50,000 and ordered to refund victims
Updated: 2012-08-31 14:54:33
A Moscow-based firm has been ordered to refund victims who lost money as a result of Android malware.
Phishing without a webpage - researcher reveals how a link *itself* can be malicious
Updated: 2012-08-31 12:03:32Can you phish without a phishing page? Research by a student at the University of Oslo in Norway finds that, with the help of a trusty URI, ‘Yes, you can.’Dr. Johannes Ullrich and the Principle of Least Priviledge
Updated: 2012-08-31 00:41:49In an article posted this afternoon at Forbes, Dr. Ullrich compares network professionals who disable unneeded features with slumlords. He starts comparing a Bible for Section 8 landlords with network security. For those who don’t know, Section 8 housing is housing for the poor that is government subsidized. So, I guess he is also comparing users to [...]Guild Wars 2 accounts shuttered due to gold-seller hacking and idiocy
Updated: 2012-08-30 21:55:14There are two causes of the account lock-outs: first, ArenaNet is trying to run a civilized environment without Holocaust jokes, gay-bashing and the like, and second, gold sellers have hacked accounts to grab the goodies.Oracle releases out of cycle fixes for Java
Updated: 2012-08-30 21:08:42
Oracle has released an emergency update fixing four vulnerabilities affecting both Java 6 and Java 7 users.Get your Java While Its Hot
Updated: 2012-08-30 19:09:47Oracle released Java JRE 1.7 update 7 and 1.6 update 35 today patching critical security holes. Most security professionals recommended disabling Java or removing it while waiting for this update. So if you’ve ignored that advice, you need to upgrade as soon as possible.How to turn off Java on your browser - and why you should do it now
Updated: 2012-08-30 14:12:25Do you still have Java turned on in your web browser? If your answer is "Yes" or "I'm not sure" then it's time to take action.Zero-day Java flaw exploited in targeted tax email malware attack
Updated: 2012-08-30 11:49:23Cybercriminals take advantage of the critical zero-day flaw vulnerability in Java, sending out malicious emails which pretend to come from an accountancy firm announcing a rise in the tax rate.Facebook troll outed as policeman
Updated: 2012-08-30 11:47:52A UK woman has endured months of poisonous messages, email hacking, online impersonation, and her daughter's image getting pasted onto a photo of a lap dancer, all over her words of support for an X Factor contestant.Cancer Care Group leaves unencrypted server backups in car, loses data on 55,000 patients and staff
Updated: 2012-08-30 07:46:31
Indiana-based Cancer Care Group has lost server backups with data on 55,000 patients and staff from a parked car.
We have to ask, "Why would anyone, ever, leave an unencrypted laptop unattended in a car?"Java flaws already included in Blackhole exploit kit, Oracle was informed of vulnerabilities in April
Updated: 2012-08-30 05:05:56
The latest Java flaw is already being exploited by criminals. Oracle was notified of the problem in April, but no fix is available. Learn how to disable Java or remove it from your computer to protect yourself.Times reporter arrested over NightJack blogger email hack
Updated: 2012-08-29 17:17:23Scotland Yard has arrested a former journalist with The Times in connection with an alleged hack of an anonymous blogger's email account in 2009.Kingsoft Office for Android International!
Updated: 2012-08-28 15:34:1628th, Aug, 2012 from KSOffice Team Kingsoft Office (International) for Android integrated the muti-language package and it supports for 14 kinds of languages, including English, Deutsch(Germany), Français(France), Italiano(Italia), Español(México), Español(España), Pусский, Português(Portugal), Português(Brasil), Svenska, 한국의, 简体中文, 繁體(HK) and 繁體(TW). Also, from now, it is Free with full-features for the mobile equipment, allowing you to view and [...]Yet another Flash Update
Updated: 2012-08-22 05:26:32Fresh from a Flash security update released on patch Tuesday, yesterday Adobe released another security update for Flash. The security bulletin is here. “These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.”correcthorsebatterystaple
Updated: 2012-08-14 05:52:31via Sophos (and they found it via reddit) If you try to change set your password to “correcthorsebatterystaple” at dropbox, you’ll be advised that you shouldn’t take password advice quite so literally. See the Sophos link for screenshots. XKCD had a cartoon about passphrase generation. I recall at the time predictions that people would [...]Death to RSA keys under 1024 bits
Updated: 2012-08-13 19:57:31
Tomorrow Microsoft will release update 2661254 to block keys that are less than 1024 bits. Microsoft has mentioned this since June and I covered it in one of the podcasts. Bit strength of less than 1024 is considered insecure because it is feasible to derive the private key quickly enough to be worthwhile. Current best practice [...]Podcast 6 Staying Safe Online
Updated: 2012-08-12 22:37:06In this week’s episode of the podcast, we discuss the hack of tech reporter Mat Honan and how to avoid that happening to you.Disclaimers
Updated: 2012-08-07 18:11:17I’m doing an eval with a cloud based web security product. This disclaimer in the click-through agreement caught my eye. [vender] cannot and does not guaranty the privacy, security, integrity or authenticity of any information transmitted over or stored in any system connected to or accessible via the Internet, or otherwise, or that any security [...]An Early Employee Looks Back at Facebook
Updated: 2012-08-05 19:24:33Katherine Losse was employee 51 at Facebook. She rose from a position as an early customer service rep to become ghostwriter on Zuckerberg’s blog. Disenchanted with amount of information gathered on users, and also the influence Facebook has on personal communication, Losse left Facebook and wrote a book, “The Boy Kings: A Journey Into the Heart of the [...]