Latest Articles

Google Drive security hole leaks users' files

Google Drive security hole leaks users' files

The flaw, which Google recently patched, was giving out original documents to unauthorized users via embedded links. It's yet another example of how storing documents "in the cloud" means "heaven knows with whom".

Google lawsuit highlights why every business needs to manage its online presence

Google lawsuit highlights why every business needs to manage its online presence

Virginia restaurant owner Rene Bertagna is suing Google, claiming that his business' listing was sabotaged by a competitor and that the web giant turned a blind eye.

Patch Tuesday wrap-up, July 2014 - Adobe fixes "Rosetta", plus a new risky file type on Windows...

pt-250

Patch Tuesday for July 2014 is just behind us in the case of Microsoft and Adobe, and just ahead of us in the case of Oracle.

Paul Ducklin tells you what you need to know...

US arrests Russian MP's son for PoS hacking; Russia calls it kidnapping

US arrests Russian MP's son for PoS hacking; Russia calls it kidnapping

The Russian man's father conjectures that, for all he knows, this may be a ploy for the US to get bait to exchange for Snowden.

Australian police using tower dumps to slurp mass phone data

Australian police using tower dumps to slurp mass phone data

Australian federal and state police have joined the ranks of mega-data slurpers - namely, the US, where 1 in 4 law enforcement agencies have reportedly used a "tower dump" - ordering phone providers to hand over personal information about thousands of mobile phone users, regardless of whether or not those people are under investigation.

Google's Android security chief: Don't bother with anti-virus. Is he serious?

android-antivirus-250

Google's chief security engineer for Android, Adrian Ludwig, claims that most users shouldn't bother with anti-virus and that security companies are overstating the problem of Android malware. Can he be serious? ...

How not to tell your customers how much you care about their security

phish-warning-250

We've written before about "what not to do" when sending emails to your customers.

Here's another example, with an explanation of why doing the right thing will be better for everyone - including your marketing team! - in the long run.

Police dog catches paedophiles by sniffing out their hidden hard drives

Police dog catches paedophiles by sniffing out their hidden hard drives

Police detection dogs are the latest tool in investigators' arsenal when it comes to finding gadgets that might contain illegal images of child abuse, sometimes hidden in metal tins four layers deep inside a filing cabinet.

Holiday snaps and nuclear intel: The NSA's data capture exposed

NSA catches only 10% of data legally, but is it a fair trade off?

That leaves large-scale privacy invasion on 90% of 160,000 analysed messages swept up illegally by the NSA. But credit where credit is due: the legal 10% of intercepts have significant intelligence value, including data about a secret overseas nuclear project and double-dealing by an ostensible ally.

Remember macro viruses? Infected Word and Excel files? They're back...

vba-wordexcel-250

In 1995, a macro virus called Concept changed the malware landscape completely for several years.

Infected Word and Excel files finally died out in the early 2000s, but as SophosLabs researcher Gabor Szappanos explains...they're back!

Student jailed for refusing to hand over password to police

Student jailed for refusing to hand over password to police

Christopher Wilson, who has his own business programming artificial intelligence systems, is suspected of hacking into police websites and using a voice-changing device to make hoax telephone calls warning of a cyber attack. When detectives asked Wilson to reveal his computer password to aid in their investigation he refused.

Monday review - the hot 22 stories of the week

dow-250

It's weekly roundup time!

Here's all the great stuff we've written in the past seven days.

Patch Tuesday for July 2014 - 6 bulletins, 2 RCEs, 3 EoPs and get ready to reboot

pt-2014-07-250

Here's what to expect from Microsoft in the July 2014 edition of Patch Tuesday, scheduled to ship on Tuesday 08 July 2014...

Is Apple slack at security on iOS? 60 Sec Security [VIDEO]

60ss-video-250

What went wrong with PayPal's 2FA? Why did Microsoft do an email U-turn? Is Apple slack at security on iOS?

It'll only take a minute to find out...

SEA hacks Israeli Defence Force Twitter account, posts bogus nuclear warning

SEA hacks IDF Twitter account to post a bogus nuclear warning

The Syrian Electronic Army hacked the Israeli Defense Force's Twitter account and posted a bogus warning about an imminent nuclear attack. The hack comes less than a week after the SEA took aim at the IDF's official blog.

Russia's latest internet law proposal - anti-NSA, or pro-FSB?

Russian computer. Image courtesy of Shutterstock

Russia's parliament, the State Duma, has heard another internet freedom bill requiring foreign web firms to host any data on Russia citizens within Russia's borders. This would mean the likes of Google and Facebook would need to set up datacenters within Russia and redesign their operations so that individual user data would only be stored inside the country.

SSCC 154: Fraud, viruses, patches and encryption (in that order!) [PODCAST]

chet-chat-logo-featured-250

Where does your country sit on the fraud list? Just how much can you trust SMSes on Android? Is Apple serious enough about iOS security? And will Google's End-To-End email encryption plugin save the world?

Find out with Chet and Duck in this week's Chet Chat podcast...

Coinbase wallet app in SSL/TLS SNAFU

Bitcoin digital wallet

The popular Bitcoin wallet Coinbase has a security flaw in its Android apps which could allow an attacker to steal authentication codes and access users' accounts, according to a security researcher.

Coinbase is far from alone in leaving its wallet app users vulnerable, so what should you do to stay safe when using mobile banking apps?

Facebook's experiment on users - what would it take for you to finally quit? [POLL]

Facebook's experiment on users - what would it take for you to finally quit? [POLL]

Facebook is taking heat once again for perceived invasion of privacy, after it disclosed a research experiment conducted on users without their explicit consent.

What do you think? Have you finally had enough of Facebook's privacy invasions to say "enough is enough"? Take our poll...

Remote access breach via POS system sparks yet more consumer data leak fears

Remote access breach via POS system sparks yet more consumer data leak fears

A US supplier of point-of-sale (POS) equipment has informed its clients of a security breach in the remote access system it uses to log into clients' networks, meaning hackers could have used the system to steal payment data.