Thanks to Ars Technica and H-online.com, we now have intimate details of the Anonymous attack against security research company HBGary. There are no surprises in how the attacks where carried out, but we can draw many morals from the story, even if we've heard them time and time before.
Keir Thomas | 08 Mar | Read more
The Android world is still reeling from the DroidDream invasion of the Android Market. Google has flipped the kill switch to wipe out apps associated with DroidDream, but the work of investigating how this Android Trojan infiltrated Google, and how to prevent similar attacks in the future is just beginning.
Tony Bradley | 08 Mar | Read more
Attention! Dear Depositor -- the FDIC (Federal Deposit Insurance Corporation) is not sending you an e-mail with a mysterious ZIP file attachment. If you receive such a message claiming to be from the FDIC, don't be fooled. The e-mail is a phishing attack, and the attachment is actually malware.
Tony Bradley | 19 Feb | Read more
There have been a number of attacks recently against high-profile social networking accounts -- French President Sarkozy, teen pop star Selena Gomez, and even social network wunderkind and Facebook founder Mark Zuckerberg have all fallen prey. Web surfing and social networking are here to stay, so the trick is figuring out how to protect your computer and your personal information while you're online.
Tony Bradley | 01 Feb | Read more
Facebook straddles a precarious line when it comes to information security and data privacy. As a social networking site, its very existence is based on the premise of freely sharing information -- status updates, photos, likes, location check-ins -- with others. However, that sharing has to be tempered as well to ensure personal privacy is not violated. This week, Facebook simultaneously introduced a new ad model that could infringe on user privacy, while also improving security for the site itself.
Tony Bradley | 28 Jan | Read more
Facebook should overhaul its third-party developer program and require every app on the social network to go through an approval process, security firm Sophos says. The suggestion was part of Sophos' annual security threat report for 2011, published Wednesday. The report takes a look at threats from 2010, and offers advice on how to stay secure for the coming year. Sophos said in 2010 it analyzed 95,000 pieces of malware every day, almost double the amount the company tracked in 2009.
Your home address and phone number are now part of the information dump third-party developers can obtain through Facebook-powered Website logins and applications.
Most users are already aware of the risks presented by cookies, the small data files that browsers save on our computers to remember things like login details, or Website preferences.
Keir Thomas | 14 Jan | Read more
One of the easiest ways for attackers to lure victims is by planting malware on seemingly innocent-looking Web sites, or actually compromising legitimate Web sites. Google is doing its part to help users make informed decisions about the sites they visit, and avoid having their PCs infected with a new hacked site identification feature being added to Google search results.
Tony Bradley | 18 Dec | Read more
Unless you've been leading a Luddite existence -- off camping in the Rockies or something -- you are probably aware that Gawker was the victim of an attack which exposed passwords and led to a deluge of Twitter spam. The silver lining of this incident is that it gives us yet another opportunity to examine real-world passwords and hopefully learn a lesson or two...but don't hold your breath.
Tony Bradley | 16 Dec | Read more
It's a strange world. When Amazon Web Services booted Wikileaks off its servers last week, many people (including me) said it raised significant questions about the rush into cloud services.
Keir Thomas | 16 Dec | Read more
A vulnerability in the Android browser could permit an attacker to steal the user's local data, according to a report yesterday from security expert, Thomas Cannon.
Katherine Noyes | 25 Nov | Read more
Google has begun testing an intriguing plugin for Microsoft Office. Google Cloud Connect is a devastatingly simple concept: rather than save your files to your computer's hard disk, it allows you to save them to your online Google Docs space.
Keir Thomas | 24 Nov | Read more
With Black Friday quickly approaching, and retailers racing to outdo each other with earlier and earlier deals, it is safe to say that the holiday shopping season has begun. If you're shopping online, though, and paying with PayPal -- be warned. There is a phishing attack targeted just for you.
Tony Bradley | 17 Nov | Read more
Yesterday was sort of a busy day for Adobe security. Of course, that doesn't seem like such an uncommon occurrence these days. Adobe issued an update to address a security flaw in Flash, and followed up with a new security advisory about a vulnerability impacting Adobe Reader.
Tony Bradley | 06 Nov | Read more