Security

Google says it has found half a dozen major security flaws in Apple's iPhone messaging system. A new iOS update fixes five of the problems, but Google says one remains unpatched. The flaws were discovered by Google's Project Zero, a department that ... takes its name from the idea of "zero day" bugs . That's where would-be hackers become aware of a security issue before the relevant software developers are able to patch the bug. The zero day bugs are then exploited which often results in elevated privileged access levels given to a rogue program. The problems are with iMessage, the instant ... (view more)

Financial records of almost every adult in Bulgaria have been stolen in a cyber attack. It's led to the unlikely situation of the country's leader reportedly exaggerating the attacker's skills. One man has been arrested following the attack, which ... looks to have involved unauthorized access to a database with records for every working adult in the country. That's almost five million people. There's some debate over exactly what was involved in the breach. Press reports suggest it not only included personal information such as date of birth and address, but also tax ... (view more)

A security firm says hackers have hijacked 180,000 routers in Brazil alone so far this year. They target people who haven't changed the default login for the router's control system. According to Avast, there have been more than 4.6 million attempts ... to modify router settings remotely. Although the attacks were targeted at people using particular Internet service providers in Brazil, there's no reason the same tactics couldn't work elsewhere. The goal of the attacks is to change the DNS settings on a router. In simple terms, that's like the address book that a router uses to turn a website ... (view more)

Microsoft has warned users about a complicated but cunning malware attack that might not be caught by all security tools. The "Astaroth" malware doesn't actually exist as a file in its own right. The main risk to users from Astaroth is that it ... includes a keylogger. This means it can access everything victims type, including passwords and other sensitive data. That's one of the reasons sites such as online banks often ask users to type specific characters (such as third and eighth) rather than an entire password. Malware Hides Within Windows What makes Astaroth so hard to detect is ... (view more)

An airline faces a fine of more than $200 million after its customers were hit by a hacking scandal. Around 500,000 worldwide customers of British Airways were affected by the breach. British Airways reported the breach in September last year. It ... doesn't appear that the hackers were able to get into BA's system and take any customer data that way. Instead, traffic to the site was hijacked. The attack is believed to have begun last June and involved the hackers exploiting security flaws in the design of BA's site. They were able to intercept traffic to the site and redirect visitors to a bogus ... (view more)

Officials in Lake City, Florida have voted to pay half a million dollars to hackers to regain access to computer files. It's the second such payment by a local government in the state in as many weeks. Lake City's government computer system was hit ... by a ransomware attack in which hackers remotely encrypt files and then demand payment to unlock them. They asked for 42 units of the digital cryptocurrency Bitcoin, worth roughly $500,000. That payment method makes it much harder to trace the recipients. The good news in this case is that public safety networks are unaffected and that all ... (view more)

A report suggests that thousands of apps on the Google Play store are in fact counterfeits made to look like the legitimate app, but instead pose a major security risk to users. The study says such apps ask for dangerous levels of access to the ... phone or are packed with advertising. The study is a joint effort of the University of Sydney and Australia's national science research agency CSIRO. It took two years to carry out and involved trawling through 1.2 million apps to look for potential counterfeits. Rather than have humans check each app uploaded to Google Play (which would be entirely ... (view more)

Mozilla has issued an emergency patch for the Firefox browser that is a must-install. It fixes a security gap that hackers are actively exploiting on compromised websites that serve up malicious code. How to Patch Firefox For most users, restarting ... Firefox should be enough to trigger the update. Users can also click the menu icon near the top right of the browser (the three vertical bars), then scroll all the way down near the bottom and click the "(?) Help" sub menu, then click the "About Firefox" option, which will trigger the update. Once the update has been downloaded, Firefox ... (view more)

Samsung has warned owners of its Smart TV ranges to run virus checks. It then quickly deleted the warning after a negative response online. The company posted on Twitter with a 19 second video showing how to access a sub-menu that would start a ... virus scan. The post read: "Scanning your computer for malware viruses is important to keep it running smoothly. This also is true for your QLED TV if it's connected to WiFi! Prevent malicious software attacks on your TV by scanning for viruses on your TV every few weeks. Here's how." The video showed that users needed to go through no fewer than 11 ... (view more)

Developers have been shocked to discover their apps for the Windows Store are carrying scam advertising. They are blaming Microsoft for not properly vetting the ads it inserts into the apps. The apps in question are for Windows 10 and are part of ... the "modern Windows experience" which lets users get software from an the official Microsoft Store similar to Google Play (for Android) and Apple's App Store (for iOS devices). The only difference is that Windows also allows users to download and install programs directly from software developers. App makers who use the Windows Store have ... (view more)