Security

Thu
05
Jul
John Lister's picture

App Developers Could Be Reading Your Gmail

Google has confirmed that third parties may be able to read your Google email (Gmail) messages. The resulting controversy comes from a lack of clarity over its permission settings. The issue isn't about Google itself reading email messages. ... Previously, Google servers would scan email messages for keywords, then use targeted advertisements based on those keyboards whenever users logged into Gmail to read their emails. However, Google has dropped this policy last year and instead bases its ads on other information, such as Google web searches and YouTube viewing. The latest controversy relates ... (view more)

Thu
28
Jun
John Lister's picture

Swann Home Security Cam Sends Pics, Video to Wrong Users

A home security camera user was shocked to receive video from another user when she used a mobile app. The manufacturers say it's a one-off incident caused by human error. According to the BBC, Louisa Lewis has used her security camera since ... December. The set-up means that when the camera's motion sensor is triggered, it makes a recording and sends an alert to her mobile phone, complete with a clip. (Source: bbc.co.uk ) However, last week she began receiving clips from another family's camera instead. After a string of alerts, she contacted the manufacturers. They later stopped the clips ... (view more)

Wed
27
Jun
John Lister's picture

Lookalike Domain Names Yet Another Browser Scam

A security firm says efforts to make the Internet truly global could make scams easier. It also says a program for registering domain names in numerous languages can be abused for scam purposes. The issue involves the Internationalized Domain Name ... (IDN) system. This builds on the original Domain Name System (DNS) that helps 'translate' a web site name (such as www.infopackets.com ) into an IP address. These numbers then identify the location of the server, which then allows communication between the server and client machines (such as a web browser) to take place. The basic Domain Name System ... (view more)

Tue
26
Jun
John Lister's picture

Android Apps Now have Secure ID; Avoid Malicious Installs

Google is to mark Android apps to show they originated in the Google Play store. It's described as a security measure that could be particularly helpful in places with unreliable data connections. The change is to APK files, which stands for ... "Android PacKage"; these are files used to install an Android application on an Android device. Whenever you download an app from the Google Play store, it's always an APK file which is installed. However, the format is also the same if the app were to be downloaded from a third party website. Google is adding security metadata to all APKs ... (view more)

Tue
05
Jun
John Lister's picture

Browsers to Support Fingerprint Logins to Websites

Google's Chrome browser may soon support biometric logins to websites such as fingerprints. It follows on from Firefox becoming the first major browser to support biometric logins just a few weeks ago. Both browsers are supporting "WebAuthn," a web ... standard for authenticating logins without passwords. While it's a big step, it's only half the journey as the standard also has to be supported by the websites in question. (Source: digitaltrends.com ) The standard has been jointly developed by two key groups. The World Wide Web Consortium is the main body that develops standards for ... (view more)

Wed
23
May
John Lister's picture

Microsoft: New Processor Bug Could Leak Data

Both Microsoft and Google are warning of another bug in computer processors. It's similar to previous bugs known as 'Spectre' and 'Meltdown'. For now the new issue has the less dramatic codenames 'Speculative Store Bypass Variant 4' and ... 'CVE-2018-3639'. As with Spectre and Meltdown , it involves a processor function known as speculative execution that's meant to improve computation processes. Unlike some bugs, it's classed as a low risk to users but is significant because of the sheer number of computers that could be affected. The processor is the part of the computer that physically carries ... (view more)

Wed
11
Apr
John Lister's picture

New Ransomware Demand: Play Video Game, Not Cash

A newly unleashed ransomware attack doesn't force victims to pay money to regain access to files. Instead, it demands they play a video game. It's not clear yet what the point of the attack is, though it's most likely the work of a prankster who ... wants to test their skills at creating and distributing ransomware without doing any permanent harm. Ransomware is a form of malware that encrypts files on a computer and normally only unlocks them if the victim pays a fee. In most cases every file on the computer is encrypted, meaning that victims are locked out of their systems and unable to access ... (view more)

Thu
05
Apr
John Lister's picture

Chrome Browser PC Scans Come As Surprise

Google Chrome users have been surprised to discover that the Chrome browser scans their computers in search of malware. It doesn't appear to be a reason to panic, but arguably Google could have been more up front about it. The scans were spotted by ... Kelly Shortidge who works at a cyber security company. She noticed that the chrome.exe executable file (which is visible in Windows Task Manager) was scanning files in her Windows documents folder. On further investigation, she discovered Chrome has been doing this since around October, 2017. The scans are being done through Chrome Cleanup, a tool ... (view more)

Thu
29
Mar
John Lister's picture

Billion Dollar Cyber Crime Chief Finally Caught

A man has been arrested for allegedly stealing more than a billion dollars in cyber attacks. The tactics were so outlandish, they almost sounded like the words used by Richard Pryor's character in Superman III. The unnamed man was arrested in Spain ... after an investigation that involved officials from six countries on three continents plus private cyber security firms. The man is alleged to have led a gang that attacked more than 100 banks and other financial institutions around the world. The gang has been operating for at least three years using three forms of malware, known as Anunak, ... (view more)

Thu
22
Mar
John Lister's picture

US Blamed for Sophisticated Router Malware

Last week security researchers said a piece of malware named "Slingshot" was so sophisticated it was backed by a government. Now it appears that government was the United States and that the revelations may have compromised an anti-terror campaign. ... The original reports didn't name the country involved. That might not quell controversy, however the reports came from Kaspersky Labs, a security company based in Russia. Slingshot exploited a bug in a specific brand of routers. In simple terms, it was able to take advantage of the way the router updated its operating software on an ... (view more)

Pages

Subscribe to RSS - Security