Articles by John Hawes

About John Hawes

John Hawes is Chief of Operations at Virus Bulletin, running independent anti-malware testing there since 2006. With over a decade of experience testing security products, John was elected to the board of directors of the Anti-Malware Testing Standards Organisation (AMTSO) in 2011.

Police push for phone screen locking by default

Locked phone. Image courtesy of Shutterstock

The UK's Met Police has been putting pressure on mobile device makers to enable screen locks on all new mobile devices, to encourage better security and reduce theft.

1.2 billion logins scooped up by CyberVor hacking crew - what you need to do


Hackers have amassed a vast collection of stolen data, including 1.2 billion unique username/password pairs, by compromising over 420,000 websites using SQL injection techniques. This data haul may yet turn out to be a 'Heartbleed' moment for website owners who assume their sites are too small to be of interest to hackers.

Oxford and Cambridge in the race to eliminate passwords

Oxford and Cambridge in a race to eliminate passwords

Cambridge University is working on a technology-oriented approach where multiple small devices create an "electronic aura". Meanwhile a company spun out of Oxford University is developing biomechanical methods based on the way people move, behave and interact with their devices.

Google tips off cops after spotting child abuse images in email

Google tips off cops after spotting child abuse images in email

A 41-year-old resident of Houston, Texas has been arrested after Google tipped off police that they had spotted child abuse images in his emails.

Canada joins US in openly accusing China of state-sponsored hacking

China. Image courtesy of Shutterstock

The Canadian government has accused China of being behind a "cyber intrusion" at the National Research Council of Canada (NRC), the country's main science and technology research body. Few details of the intrusion have emerged so far, and given the Read more…

500,000-per-day SMS spammer gets just £4,000 fine

500,000-per-day SMS spammer gets just £4,000 fine

An Indian call-centre operator has been fined by a London court for breaching Data Protection laws, but despite his operation bombarding UK cell phones with spams, his punishment amounts to little more than a slap on the wrist.

Shopping site reports 3-year-old data breach

Australian shopping site reports 3-year-old data breach

Australian shopping website CatchOfTheDay has warned customers of a data breach dating back to 7 May 2011, urging anyone who has kept the same password at the site since that date to change it.

Russia's latest internet law proposal - anti-NSA, or pro-FSB?

Russian computer. Image courtesy of Shutterstock

Russia's parliament, the State Duma, has heard another internet freedom bill requiring foreign web firms to host any data on Russia citizens within Russia's borders. This would mean the likes of Google and Facebook would need to set up datacenters within Russia and redesign their operations so that individual user data would only be stored inside the country.

Remote access breach via POS system sparks yet more consumer data leak fears

Remote access breach via POS system sparks yet more consumer data leak fears

A US supplier of point-of-sale (POS) equipment has informed its clients of a security breach in the remote access system it uses to log into clients' networks, meaning hackers could have used the system to steal payment data.

Payment card survey - where does your country sit on the fraud list?

Payment card fraud survey - where does your country sit on the list?

6,159 people were questioned by ACI Worldwide in 20 countries around the world, on a range of topics including incidents of fraud, risky behaviours which may put people at greater fraud risk, the issuing of replacement payment cards in response to data breaches, and satisfaction with banks' security processes and handling of fraud incidents.

Europe improving anti-cybercrime cooperation, but what about US and China?

Europe improving anti-cybercrime cooperation, but US-China links turning sour

Cybercrime is a global danger, so it's vital that agencies in different jurisdictions work together to investigate and prosecute crimes being committed across borders. Any step away from full cooperation is a step in the wrong direction.

Serial hacker Cameron Lacroix gets four year jail term after taking plea bargain

Man behind bars. Image courtesy of Shutterstock.

A serial hacker with a long history of computer offences has pleaded guilty to computer intrusion and access device fraud charges, accepting a sentence of four years in jail in return for his plea.

37% of Canadian Justice Department fail phishing awareness test

37% of Canadian Justice Department fail phishing awareness test

An in-house awareness test run late last year at Department of Justice Canada has revealed that a good percentage of its employees are for the most part fairly easy to trick with phishing scams.

Our online advertising model fails have put us all in danger

Pig. Image courtesy of Shutterstock.

Why hand over hard-earned cash for something when we can get the same thing for free? It seems like a no-brainer, but our unwillingness to pay for things directly has led the internet into a dark and dangerous corner where a dependence on advertising is putting our privacy and security on the line.

11 arrested as Europol busts Bulgarian carding gang


A joint operation between French and Bulgarian law enforcement, backed by Europol's European Cybercrime Centre, has brought down a carding gang operating out of Bulgaria and targeting victims in France and other European countries.

Chinese government shuns Windows 8 - security, economy or politics?

Chinese government shuns Windows 8 - security, economy or politics?

China is banning the use of Windows 8 in government departments, with an announcement from the country's Central Government Procurement Center nicely timed to add to the sizzling diplomatic row between China and the US.

Cops get serious about cybercrime, and not before time


The world's police forces are, it seems, starting to appreciate the scale and significance of the cybercrime problem.

Let's hope the process of international co-operation continues to pick up the steam we've been seeing in the last few weeks.

Can we trust anyone with our personal info?


Two very different criminal cases have just concluded on opposite sides of the Atlantic, showing how vulnerable our personal information is.

John Hawes explains why it's not just the Target-type megabreaches that are cause for concern...

Anti-piracy group warns about malware-riddled sites - fair, or scaremongering?


According to a study carried out by Incopro and published the Industry Trust, all but 1 of 30 sites investigated served malware, potentially unwanted software or some form of credit card fraud. But the report has been described by some as "biased", "misleading" and "scaremongering through carefully chosen statistics".

The internet of everything - bringing more risk to more places


The Internet of Things (IoT) is a ubiquitous buzz-phrase these days. The idea is that just about everything we make or use could be connected, allowing anything to be remotely controlled or monitored.

What could possibly go wrong?