Monthly Archives: June 2012

PayPal starts bounty program for security bugs

If you've found a security issue with PayPal, you could receive a monetary reward for informing the firm responsibly.

SSCC 93 - Flame, LinkedIn, FISA, Patch Tuesday, border snooping and the BlueHat prize

Sophos Security Chet Chat

Michael Argast joins Chet once again to discuss Flame, LinkedIn, warrantless wiretapping, Patch Tuesday, border patrol spying and Microsoft's BlueHat prize.

In memoriam - Alan Turing's 100th birthday

Alan Turing is probably best known to the public for his cryptanalytical derring-do at Bletchley Park, UK, during the Second World War.

But it is Turing's ever-present Halting Problem which teaches us the most about modern-day computer security. We salute his pioneering work.

US Senate proposes national data breach notification act

A new bill has been brought before the US Senate that would unify data breach notification laws across the United States. Read on for what's protected and how it would work.

Encoding malicious PDFs as XDP files to bypass anti-virus? No need to panic

GovCertUK, the UK Government's Computer Emergency Response Team, had issued an alert warning that attackers could bypass gateway anti-virus software to infect organisations, by encoding malicious PDF files into the XDP format.

Apple patents clone-making technology to sabotage electronic profiling

Apple has filed a patent for making clones of your online identity that will serve up misinformation to data collectors, thus polluting the data stream that feeds electronic profiling.

Convicted sex offenders must reveal their criminal status on Facebook, says Louisiana law

Starting August 1, convicted child predators and sex offenders in Louisiana not only have to register with the local authorities, such as police and schools, they will also be required to post their criminal status on their Facebook page.

Sophos CEO targeted by email scammer

Sometimes email scams can contain facts that make them surprisingly believable, as Sophos CEO Steve Munford recently discovered.

The question is - was he specifically targeted, or was it just coincidence?

Do the Mac App Store and Gatekeeper provide sufficient protection?

Apple is pushing its users more and more to download apps from the Mac App Store. But what happens if the software on the Mac App Store is less secure than non-App Store versions?

What happens when you report abuse on Facebook?

If you encounter abusive content on Facebook, do you press the "Report abuse" button?

Facebook publishes an infographic, showing how it handles abuse reports from its 900 million users.

Practical IT: How your firm can better secure access to social networks

Facebook’s potential to ruin (or make) your business is a common news topic. We've looked into the risks, and how businesses might provide a more secure way of accessing social networks.

LinkedIn slapped with $5 million class action suit over leaked passwords

LinkedIn has been served with a potential $5 million class-action lawsuit on behalf of all users that charges the company with failing to use "basic industry standard" security practices.

Data breaches aren't just about website insecurity and internet hacking...

The Belfast Health and Social Care Trust in Northern Ireland, UK, has been stung with a £225,000 ($350,000) fine for a data breach.

In this case, though, the break-in was physical and the stolen data existed in printed form or on film...

European aeronautical supplier's website infected with "state-sponsored" zero-day exploit

In what has all the hallmarks of a state-sponsored attack, the website of a European aeronautical parts supplier had been hacked, and had a zero-day Microsoft security vulnerability planted upon it.

Twitter account hack epidemic - Don't fall for "CNBC" spam!

Throughout the month of June, Twitter accounts have been getting hacked and have subsequently been sending spam that links to fake CNBC news articles. Be cautious about links in direct messages or tweets, even if they're sent from a friend's account!

Danger! Unpatched Microsoft security vulnerability being actively exploited

Although security software can protect against this vulnerability, let's hope that Microsoft can release a proper patch against it - it's being actively exploited in the wild.

Want to disable Facebook facial recognition? Read this

Facebook's facial recognition feature comes with a privacy health warning.

Read this if you don't want Facebook to suggest your name to Facebook friends when they upload a photo of you.

Facebook to pay out $10 million to settle 'Sponsored story' lawsuit

Facebook has agreed to pay out $10 million to settle a class action lawsuit brought by users unhappy over the use of their details in Sponsored Story ads.

LinkedIn spam leads to pump-and-dump stock scam

Spam emails claiming to come from LinkedIn appear to encourage investors to buy shares in a company, with the intention of making money by pumping-and-dumping the stock.