Security

Tue
14
Apr
John Lister's picture

Ransomware Hackers Hit Maine Police Central Server

Four police departments in Maine have paid $300 to cybercriminals after being hit by so-called " ransomware ". Officials say they weighed up their response and decided they had no real choice but to pay up. Ransomware is a form of malicious software ... which restricts access to certain parts of a computer it infects. Victims then see on-screen messages stating that a ransom must be paid to regain access . In most cases, cybersecurity experts warn against paying such ransoms for three reasons. Firstly, it may mean getting added to a "suckers list" that can be sold on to other ... (view more)

Thu
09
Apr
John Lister's picture

AT&T Fined $25M for Offshore Customer Data Leak

AT&T will pay a $25 million fine after regulators held it responsible for thieves taking personal details of 280,000 customers. The breaches were said to have occurred around November 2013 and April 2014, with the FCC beginning its investigation ... around May of 2014. It's the biggest ever such fine in the communications industry. The stolen information included the customers' names, part or all of their social security numbers, and some details about their account. On its own, the data wouldn't be enough for criminals to immediately steal money from customer's bank accounts, but could ... (view more)

Wed
08
Apr
John Lister's picture

Experiment Tracks Spread of 'Stolen Data' Online

A security research firm says more than a thousand people accessed a dummy database of personal details that it released as an experiment, though that number is much likely higher. It says the would-be criminals acted far faster than most security ... breaches take to fix. The experiment was the work of BitGlass, a company that offers security services for cloud computing firms. The firm wanted to test how quickly a 'leaked' set of personal data would spread around the world; to do so, BitGlass made an Excel file that contained 1,568 sets of names, phone numbers, addresses, credit card ... (view more)

Wed
18
Mar
John Lister's picture

New Yahoo Login System Uses No Password

Yahoo has introduced an option to log in without needing to remember a password. It requires a cellphone and may trade security for convenience. Under the new system, which is optional, users can choose not to use a standard passwords for future ... log-ins. Once activated, the system will mean a button appears on Yahoo's site when the user is ready to log in to the account. When the user clicks this button, Yahoo sends a one-time only, four character password to the user's cellphone. Once the user logs in, the password field becomes inactive. The process is then repeated the next time ... (view more)

Thu
12
Mar
John Lister's picture

Patch To Fix FREAK Bug is a Must-Install

Microsoft has joined Apple and Google in releasing browser security updates to patch a bug dubbed FREAK. The bug could make it easier for hackers to decrypt data that intercept from website users. The vulnerability of FREAK doesn't allow hackers to ... see data in plain sight. Instead, it allows them to remotely change what's meant to be a secure website connection into an unsecure one, meaning that previously encrypted data would then travel without any encryption. To be of any use, a hacker would need to combine the FREAK exploit with another vulnerability that let them intercept data, ... (view more)

Wed
25
Feb
John Lister's picture

Google to Block and Ban Sites With Risky Downloads

Google has added a new measure to protect users from visiting risky websites. It's now going to warn users about bogus downloads, even before they go to the website concerned. The changes will affect Google Search, users of the Chrome browser, and ... advertisements provided by Google to third-party websites. Safe Browsing Warnings Extended to Chrome Google's Chrome browser will now contain special warning messages built into the web browser. The warnings are part of Google's Safe Browsing Service , which is also available as a third party API (application program interface). Parts of the ... (view more)

Tue
24
Feb
John Lister's picture

Lenovo, Superfish Spyware Prompts Class Action Suit

PC manufacturer Lenovo may have to defend a class action lawsuit after it reportedly sold notebook computers that contained unwanted adware. The lawsuit follows the revelation that the adware had the potential to spy on users. The case involves a ... piece of software called Superfish. It was designed to look at images users were viewing online, identify items, find websites selling the item at a cheap price, and display an offer in a pop-up window. The software came pre-installed on some Lenovo notebook PCs and integrated with multiple browsers. Superfish came under several different categories ... (view more)

Thu
19
Feb
John Lister's picture

Windows 10 to Widely Support Fingerprint, Key Logins

Windows 10 will support a key standard for security measures designed as an alternative to the traditional password. It could make it easier to use methods such as fingerprint recognition or a "key-like" USB stick. Microsoft has confirmed the ... operating system will support the Fast Identity Online (Fido) standards. That's an industry-wide specification supported by tech firms such as BlackBerry and Google and financial firms such as PayPal, Discover and Visa. (Source: windows.com ) Fido isn't specific to any one device, but rather is a specification about the way computers ... (view more)

Wed
18
Feb
John Lister's picture

Microsoft Cloud Gets Data Privacy Promise

Microsoft has signed up to an international standard for protecting customer privacy with online data. Among other measures, Microsoft promises to tell customers when the government demands access to their data. The company has followed ISO standard ... number 27018, which are guidelines set forth by the International Organization for Standardization. It's an attempt to set internationally recognized rules and regulations for the way "personally identifiable information" is handled in cloud services, and where data is stored or processed online rather than on the user's own computer ... (view more)

Tue
17
Feb
John Lister's picture

Report: NSA Hacked Hard Drive Firmware for Spying

The US government has been accused of embedding spyware directly onto hard drives using secret manufacturer information. Russian security software manufacturer Kaspersky Lab made the claims, and stem from its efforts to find and eliminate malicious ... software. Kaspersky says officials appear to have only used the spyware to target specific, foreign-based individuals. Kaspersky says that the spyware is part of an operation controlled by the National Security Agency (NSA) , under the name Equation Group. It claims the NSA figured out how to put spying software in the firmware of hard drives made ... (view more)

Pages

Subscribe to RSS - Security