Security

Thu
25
May
John Lister's picture

Eye and Voice Logins Compromised

Two biometric security measures have come into question after reporters and researchers claimed to have overcome them. A phone's iris recognition and a bank's voice log-in both appear to be less than perfectly secure. The Samsung Galaxy S8 - ... arguably the most high-profile and hyped phone currently running the Android system - includes an option to unlock the phone by simply looking at the camera. In a similar way to fingerprint recognition, it works on the idea that the patterns in the eye's iris are unique. Samsung described these patterns as "virtually impossible to ... (view more)

Wed
24
May
John Lister's picture

WannaCry Ransom Worm Creators Blamed for Two Previous Attacks

Security researchers say its highly likely hackers linked to North Korea were responsible for the recent widespread WannaCry ransomware attack . The same group, dubbed Lazarus, was previously blamed for two other high profile online attacks. ... According to security firm Symantec, the WannaCry attacks bore five distinct hallmarks of previous attacks thought to be the work of the Lazarus group. This includes shared code such as that used to spread the malware from machine to machine. Other common factors include the same IP address being used to issue commands to infected machines, and similar ... (view more)

Tue
16
May
John Lister's picture

WannaCry Ransomware Worm: What You Need to Know

Beginning Friday, May 12, 2017, reports surfaced of a new Internet worm capable of infecting Windows machines instantaneously. The worm has been dubbed "WCRY" or "WannaCry" because of its malicious intent to install ransomware on the target machine. ... The Internet worm was made possible because of a leaked NSA (national security agency) document which essentially explained how to carry out the exploit. In this case, the malicious software locks computers such that their files are encrypted and cannot be accessed unless the victim pays a ransom (and the culprits then stand by ... (view more)

Wed
10
May
John Lister's picture

Microsoft Patches Major Security Bug

Microsoft has suffered a hugely embarrassing security flaw that takes advantage of a bug in Windows' built-in security software. But, security experts have praised its extremely rapid response. The bug, spotted by Google's Tavis Ormandy, was in ... Microsoft's own malware protection tools (including Windows Defender), which is built directly into Windows. Such tools have been so successful that for many users, third-party security tools are no longer necessary. The problem was specifically with a tool known as MsMpEng, (short for Microsoft Malware Protection Engine) that is enabled by ... (view more)

Tue
09
May
John Lister's picture

Phishing Scammers Try New Twist

An estimated one million people around the world received a recent phishing email, though it only posed a risk for around an hour before Google stepped in to stop the scam in its tracks. Victims of the scam may have inadvertently given attackers ... control of their email accounts. The attack involved a bogus email claiming that a contact tried to share a document with the recipient using Google Docs. While only a small proportion of people use Google Docs, the attackers appear to have been playing the numbers game. Attackers Accessed Emails and Contacts Unlike most phishing scams, the attackers ... (view more)

Tue
18
Apr
John Lister's picture

NSA Used Windows Bugs as Spy Tools

Microsoft says it's patched most of the recently revealed security flaws said to have been used by the National Security Agency (NSA) for spying. But the incident is a reminder not to rely on unsupported editions of Windows such as Windows XP and ... Vista. Windows Vista officially reached its end of extended support April 11, 2017 . A group calling itself "Shadow Brokers" is trying to auction what it says is a set of tools that the NSA were using for surveillance by taking advantage of security failings in widely used software. While that's a bold claim - particularly as it means ... (view more)

Wed
12
Apr
John Lister's picture

Researchers: Phone Tilt Could Reveal PIN

Motion sensors in smartphones could give away your lock code to hackers according to new research. But practical limitations mean related attacks might have to be specifically targeted. Researchers at Newcastle University explored the idea that ... tools such as accelerometers, gyroscopes, compasses and GPS chips in phones could reveal more detail than users realize. The tools are used for a variety of functions such as location tracking, fitness tracking and gesture control such as a user turning a phone face down to instantly switch it to "do not disturb" mode. Their theory was that ... (view more)

Thu
16
Mar
John Lister's picture

Twitter, Facebook Users: Review Account Settings

A major "hack" of prominent Twitter accounts has raised awareness of a big security loophole. The problem isn't with Twitter itself, but rather third party tools. This morning several thousand accounts belonging to public figures and major ... organizations and businesses posted identical messages. The tweets included a swastika symbol and references to Nazi views in Germany and the Netherlands and are thought to relate to an ongoing political spat between the Netherlands and Turkey. (Source: bostonglobe.com ) There's never a good time for accounts to be hijacked in such a way, ... (view more)

Tue
14
Mar
John Lister's picture

Malware Preinstalled on Many Android Phones

Android phones from a variety of companies have reached business employees with malware already installed according to researchers. How and why it got there is not yet confirmed. The report comes from Checkpoint, a security company. It says it was ... examining devices used by staff at two businesses: one a "large telecommunications company" and the other a "multinational technology company." (Source: checkpoint.com ) While it's not unusual to find malware on employee phones during some checks -- that's partly the purpose of hiring services such as Checkpoint. ... (view more)

Wed
01
Mar
John Lister's picture

'Smart' Toy Database Exposes Child Voice Recordings

Voice messages from parents to children through a 'smart' cuddly toy could be compromised. The security risk is a combination of a flaw by the designers and poor security practices by users. The issue involves CloudPets, a range of $40 toys designed ... to help working parents stay in touch with their kids. The parent can leave a voice message via a phone app at any time and it will then be sent over the Internet and Bluetooth and played back through a speaker in the toy. The child can then press the toy's paw to record and send a reply. The problem is that while delivering messages ... (view more)

Pages

Subscribe to RSS - Security