A California man who dug up sensitive information belonging to U.S. service members on peer-to-peer networks, and then used it to order iPods, cameras, and even washing machines from an online store, was sentenced to 75 months in federal prison Thursday.
Robert McMillan | 16 Sep | Read more
Symantec Vision 2011 Sydney in pictures
Neerav Bhatt | 13 Sep | Read more
A group of security researchers based in Egypt have created a tool that will make <a href="http://www.csoonline.com/article/651490/social-engineering-attacks-highlights-from-2010">social engineering</a> easier because it automates the collection of hidden <a href="http://www.csoonline.com/article/print/%1Dhttp://www.csoonline.com/article/497076/5-facebook-twitter-scams-to-avoid">Facebook</a> profile data that is otherwise only accessible to friends in a user's network.
Joan Goodchild | 14 Sep | Read more
When you're in charge of a company's security, you have to actively seek out its weaknesses and then determine how to shore them up. That's what I've been up to lately, as an an offshoot of my <a href="http://www.computerworld.com/s/article/358142/Keeping_the_DMZ_Safe">efforts to harden the DMZ</a>.
Mathias Thurman | 13 Sep | Read more
Researchers analysing the impact of domain typo-squatting on Fortune 500 companies found that 151 lost sensitive information by senders using mis-spelt email addresses.
Two researchers have shown how a modded version of the <a href="http://news.techworld.com/security/3245908/new-firefox-add-on-hacks-in-to-facebook-and-twitter-sessions/">Firesheep Wi-Fi sniffing tool</a> can be used to access most of a victim's Google Web History, a record of everything an individual has searched for.
John E Dunn | 11 Sep | Read more
Google is directly contacting users in Iran, who may have been compromised by a rogue SSL certificate, to recommend measures to secure their accounts.
John Ribeiro | 09 Sep | Read more
Following the high-profile hack of DigiNotar, the makers of the Firefox browser are asking issuers of digital certificates to take a hard look at their internal security and to report back in a week.
Robert McMillan | 09 Sep | Read more
Iranian internet users whose security may have been compromised by the forged Google.com digital certificate could number in the hundreds of thousands. An interim report (PDF) commissioned by DigiNotar, the certification authority (CA) at the centre of the hacking incident, also reveals lax security at the Dutch firm.
Stilgherrian | 06 Sep | Read more
On 28 August Iranian citizens were subjected to a far reaching cyber snooping operation made possible by an attack on Dutch certificate authority DigiNotar.
Since the outbreak of civil unrest in the Middle East, we have seen an increased focus on the role played by social networking and mobility. When these two technologies are combined, the ability of a ‘flash mob’ to rally behind a single idea, or to a single location, has greatly increased.
Rob Forsyth | 05 Sep | Read more
Technology is a wonderful thing but while the majority of people will use it for proper and honest purposes, there will always be a small percentage who will use it for unethical reasons. And this is an important point to make – people use the technology for illegal or immoral purposes; the technology itself is not the issue.
Neil Gaughan | 05 Sep | Read more
The impact of the breach of Dutch Secure Sockets Layer (SSL) certificate authority (CA) DigiNotar has widened as Dutch authorities confirm its own certificate program was compromised in the attack, likely meaning a massive clean up job for its websites.
It is hard not to be the center of controversy when you're a site like WikiLeaks that <a href="http://www.pcworld.com/businesscenter/article/239196/wikileaks_cable_apple_slow_to_counter_chinese_fakes.html">specializes in exposing information</a> that was never intended for the general public. The whistleblowing, freedom of the press advocate is in hot water again as it is the victim itself of a breach that exposed US State Department communications that had been leaked to it.
Tony Bradley | 03 Sep | Read more
A faction of the infamous hacktivist collective Anonymous appears to be branching off from the group's social responsibility mission and getting into the celebrity snooping business.
John P. Mello Jr. | 03 Sep | Read more
Besides the fraudulent security certificates Dutch authority DigiNotar issued for Google.com, more were made for Yahoo.com, Mozilla.org, torproject.org, wordpress.org and an Iranian blogging platform, Baladin, according to a Dutch report.
About a month ago I received an email from Blizzard Entertainment stating that a new World of Warcraft account had been started using my personal Gmail address. Someone with the user name of "Zhang" was hoping to do a little night elf adventuring using my data. I got on the phone with Blizzard right away, and they canceled the account faster than you can say Ogrimmar.
Angela West | 31 Aug | Read more
After being dumped as a trusted SSL certificate authority by <a href="http://www.networkworld.com/subnets/microsoft/">Microsoft</a> and Google browsers, Dutch CA <a href="http://www.networkworld.com/news/2011/083011-google-says-gmail-attack-focused-250231.html">DigiNotar</a> has suspended its sale of certificates.
Tim Greene | 31 Aug | Read more
Google said late Sunday that an attack mounted against its Gmail service targeted users primarily located in Iran, although the company has taken steps to block further interception attempts.
Jeremy Kirk | 30 Aug | Read more
Hackers have obtained a digital certificate good for any Google website from a Dutch certificate provider, a security researcher said today.
Gregg Keizer | 30 Aug | Read more