Monthly Archives: May 2013

Facebook kicks out rape jokes and gender hate speech

Facebook is reviewing its attitude to pages which contain violent or hateful speech - it's giving them a fly-kick right to the curb.

Android malware in pictures - a blow-by-blow account of mobile scareware

Fake anti-virus is mostly for Windows, with OS X a long way back in second place. But other operating systems aren't exempt from the depredations of cybercriminals.

Paul Ducklin shows you round some recently-discovered Android scareware...

Sorry? Is a US report recommending ransomware to target copyright thieves?

Should suspected copyright abusers really have their computers attacked with malware in a bid to retrieve stolen data?

Harvard dean who authorized secret search of faculty email to step down

The Harvard University dean who approved a secret search of faculty email to track down a media leak about student cheating will step down on July 1, the dean announced on Tuesday.

Digital currency Liberty Reserve shut down by US government

This week US authorities shut down Liberty Reserve, an online currency favored by cybercriminals. Will enforcement actions have any real impact on the underground economy?

PayPal refuses to pay bug-finding teen

A 17-year-old German student says he found a bug on PayPal's site but the company won't fork over the reward money. PayPal said someone had already found the bug but they also cited an age guideline that isn't actually included in its bug bounty program guidelines.

Australian government announces its National Cloud Computing Strategy

The Australian government has officially published its National Cloud Computing Strategy.

Sophos was involved in the committee that created this document...so we'd like to know what *you* think of it now it's out!

Face recognition API for Google Glass to be released this week

An API that will enable developers to program facial recognition into Google Glass apps is due to be released this week by Lambda Labs, a San Francisco startup. A co-founder says that the company will offer opt-out for face recognition, but is that enough to safeguard privacy?

Certificate pinning - first for websites, now for software?

You may have heard of certificate pinning. Microsoft is looking at applying the technology to signed software.

Have a listen as Patrick Gray, host of the renowned Risky Business security podcast, discusses the issue with Naked Security's Paul Ducklin.

Phishers try flattery with Facebook Page owners

Facebook phishers are targeting Page owners with a bogus message supposedly sent from Facebook Security. They've had such a trying time with stolen Pages, the posers say, that they simply must delete them all. Except yours! Yours has High Quality Content - initial capitalization and all!

Winners of the AusCERT 2013 #sophospuzzle (and how to solve it)

Here's how to solve the #sophospuzzle that was featured at Sophos's conference booth at AusCERT 2013.

And here are the five lucky winners of our prize draw...

Social media privacy explained - In plain English

Researchers at Canada's University of Victoria have published a website, CATSMI, that provides information on more than 20 social networks' privacy policies and what they mean to you.

Anatomy of a change - Google announces it will double its SSL key sizes

Google just announced that its secure web pages will be ditching 1024-bit RSA keys in favour of 2048 bits.

We look at the lessons to be learned from the whats, the whys and the wherefores of this change...

Monday review - the hot 21 stories of the week

Catch up with everything we've written in the last seven days - it's weekly roundup time.

Patching your business, Yahoo breach, Google Glass, DDoS-for-hire - 60 Sec Security [VIDEO]

Our 60 Second Security videos are back!

We're aiming for a weekly roundup that's quick, fun and useful.

But there is a serious side: security anecdotes to use in your own "elevator advocacy."

Cybercrooks siphon $800,000 from US fuel distribution firm

Thieves drained $800,000 from a fuel distribution company in the US state of North Carolina earlier this month - a loss that the company attributes to its bank's having recently upgraded security systems. Unfortunately, its insurance policy won't come close to covering its losses.

Vermont slaps patent troll with first-ever suit of its kind

Vermont's State Governor has signed the United States' first-ever anti-patent trolling law.

Which could be bad news for the patent troll who sent thousands of letters demanding payment from small businesses who - get this - used scanners.

Only 36% of small firms apply security patches. No wonder cybercrooks are stealing their cash

Small businesses are under constant attack from malware, scams and online fraud. They are simply woefully under-prepared to keep their assets safe. Despite reorganisation and redirected priorities, the police can still do little to help. Here are some general tips from the FSB to help firms better protect themselves.

Sophos RED scoops "Protector Award" at this year's AusCERT conference

We're proud to say that at this evening's 2013 Information Security awards at the AusCERT conference in Australia, Sophos scooped the "Protector Award" with its Sophos RED product.

Paul Ducklin says, "Well done" to the techies behind the technology...

Cyber security in US power system suffering from reactive, self-policed rules

John Hawes argued that what's needed is carefully considered defensive strategies combined with fast responses to new, unforeseen vulnerabilities.

Sadly when government and big business intersect, pragmatism and speedy reactions are rarely in evidence.