Monthly Archives: July 2013

ZeroAccess malware revisited - new version yet more devious

Guess what? The authors of the infamous ZeroAccess malware have pushed out another update, and this time they're using some interesting techniques to stay alive longer.

James Wyke of SophosLabs explains...

$80 million yacht hijacked by students spoofing GPS signals

Students from the University of Texas/Cockrell School of Engineering successfully managed to spoof a ship's GPS signals, sending counterfeit signals that slowly, subtly overpowered the authentic GPS signals until the ship ultimately came under their control.

Bradley Manning: guilty of espionage but not aiding the enemy. But was justice served? [POLL]

Bradley Manning was found guilty on multiple charges of espionage, theft, computer fraud, violating a lawful general regulation and one charge of wanton publication of intelligence on the internet but not of aiding the enemy. He's now facing a lifetime behind bars. Let us know what you think about it in our poll.

Making progress with the BH2013 #sophospuzzle - some early questions answered

I'll try not to give away too much at this stage, but for those of you trying the #sophospuzzle, here are some answers to questions that have been asked more than once each already.

Including, "Why did you choose that programming language?"

Personal data on 72,000 staff taken in University of Delaware hack

The University of Delaware has joined the long line of recent data breach victims, with a compromised university system yielding personal information on 72,000 past and present employees.

UD authorities have notified those affected by mail, and email where possible. Investigators have been called in to pin down the scale of the breach, identify any additional risks and ensure those affected are properly informed.

UK report: Banks let e-criminals pinch gobs of money underneath the law's nose

A new government report blames a "black hole" wherein banks don't report fraud to investigators and/or investigators just don't bother to pursue the crooks. Instead, banks just reimburse customers.

We may be talking chump change, but high volume means it all adds up to a tidy profit for e-criminals.

Who likes porn sites better than Facebook or Twitter?

Recent numbers from a web measurement company that tracks our online clicks show that fingers prefer dreamily wandering to porn sites over hanging out on social networks.

$300 million 'superhackers' are not so super after all

Two of the five men who were part of "the largest ever hacking and data breach scheme in the United States" were caught thanks to some pretty obvious carelessness: posting their holiday snaps online and letting their mobile phones broadcast their location to the cops on their trail.

White House mulls waving cash at businesses to get them to beef up cybersecurity

Specifically, the US government is reportedly thinking about tax breaks, insurance perks and limited lawsuit protection for organizations that opt in to standards that are now getting hammered out.

Win cool prizes in the BlackHat 2013 #sophospuzzle!

Delegates at BlackHat can enter in person to win a 3D printer from Cubify.

Naked Security readers can enter by email to win a remote controlled tank.

What are you waiting for?

PRISM: 50% of Americans approve of NSA's internet spying program

Half of Americans approve of their government's collection of telephone and internet data as part of anti-terrorism efforts even though they believe PRISM goes further than they have been told.

LinkedIn closes OAuth hole that could have let people tinker with your CV

Heaven forbid a malware author erases your years of slaving as a sysadmin.

Monday review - the hot 20 stories of the week

In case you missed any recent stories, here's everything we wrote in the last seven days.

Should the "Reboot! Shut up and reboot!" theory be applied to programs?

Tech-savvy website Ars Technica recently invited comments on an interesting thought about programming.

"Should programs randomly fall on their swords?"

Data Breach Week, SIMs cracked, carders busted - 60 Sec Security [VIDEO]

How safe is the SIM in your mobile phone? Could it be remotely infected with malware?

Possibly - watch this week's 60 Second Security video and find out more!

Sysadmin day? *SYSADMIN DAY*? Angry techie takes against Naked Security...

No sooner had we launched our "Worst things to ask a sysadmin" poll than we received an anonymous email from a disgruntled sysadmin called Simon Oliver Meone.

He questioned the relevance of the questions in the poll...

Stanford University hacked, becomes latest data breach victim

Yet more passwords need changing, as America's prestigious Stanford University joins the long line of recent data breach victims. Although specific details remain scarce, an announcement from the university authorities urges all users, which may include staff and alumni as well as students, to ensure their details are checked and updated ASAP.

Ransomware tricks child sex abuse image addict into turning self in to cops

A US child abuse image collector turned himself in to police earlier this month, after ransomware hit his PC and showed messages warning him that the FBI were on to his nasty activities.

Five Gonzalez sidekicks charged with massive 160 million credit card number theft

A US Attorney has announced charges against five men in connection with one of the biggest global data theft campaigns ever seen. Accused of working alongside Albert Gonzalez, currently serving 20 years in jail for his role in several waves of data breaches, the gang's activities may have cost their targets hundreds of millions of dollars.

Help a sysadmin: Common ground for security professionals and system administrators

A natural conflict often arises between System Administrators and the Security team. So how can you make a sysadmin happy today?

Despite the conflicting priorities, look a little deeper and you'll find plenty of shared goals.