Articles by John Hawes
There's been a sharp upturn in the numbers of phishing pages observed, with the majority of them hosted in China and targeting Chinese victims and sites, according to analysis of world phishing trends from the Anti-Phishing Working Group (APWG).
"Authorized users" were added to customers' bank accounts, allowing the alleged fraudsters to request new cards in their names to make purchases and withdraw cash. As with other recent cases, the weak link was supposedly working for AT&T in an outsourced job function.
Spec's, the fifth largest wine retailer in the US, has leaked 550,000 customers' card details, after some of its systems were compromised for close to 17 months.
In another case of a tech support cold calling scam, it seems Microsoft's free basic anti-malware was being installed for a fee ranging from £35 to £150. The owner of the support company insisted that his Indian call centre staff had carried out the scams against his wishes.
Today is World Backup Day! If your storage system fails, at work or at home, any valuable data could be lost for good. It's an essential task, but can be as simple or as complex as you choose. Here's our best practice for backing up your data.
Three men have been indicted in a New Jersey court, charged with participating in an identity theft conspiracy which could have cost its victims upwards of $15 million.
Pro-Russian Ukrainian hacktivist group, 'Cyber Berkut', claim to be behind the attacks on the main NATO public website. NATO insisted there was "no operational impact", but further cyber incidents are likely to emerge from the current political struggle between Russia and Ukraine.
Two-thirds of the UK's top 100 e-commerce sites are happy for their users to protect their account with feeble passwords such as "password" or "123456". This and other shocking password security practices in this study from Dashlane on UK ecommerce sites.
Universities seem to be evergreen targets for hackers, with two more breaches announced in the past week or so. This time it's the turn of North Dakota University System and Johns Hopkins University in Baltimore, Maryland.
In my day job as a tester of anti-malware solutions, I often get asked the same question: how do I plan to test against Advanced Persistent Threats, aka APTs? These threats are very different from your everyday malware, and testing protection against them turns out to be a very different kind of task.
An annual survey on computer security issues run by a UK university was published last week. Its stats on the prevalence of ransomware, and how many people give in to the crooks and pay the ransom, raised some eyebrows.
Kristy Ross, employee at rogue anti-virus pushers Innovative Marketing Inc., dragged her appeal against her whopping $163 million fine through the courts for years - and has lost. Do you think the fine fits the crime?
Three former Purdue University students are thought to have altered their grades by breaking into staff offices and attaching keyloggers to computers operated by class professors, possibly by replacing the keyboards with doctored versions.
US Attorney General Eric Holder has used his weekly video message to demanded Congress get busy developing a "strong national standard" for breach notifications in the wake of the Target and Neiman Markus leaks.
Cybercrime is all about the money. And, in the end, that money leads back to the financial sector. Banks, credit unions, insurers and everyone charged with looking after our money and covering us when something bad happens are starting to feel the pinch from the steady growth in cybercriminality.
If it felt like the last year saw more and bigger data breaches than usual, well, that's because it did.
When we look at some of the biggest security headlines of the past year - Target data breach, Cryptolocker ransomware, Snowden/NSA leaks - there's one big lesson we can all be taught: secure everywhere.
A group of teenagers at the Corona del Mar High School in Orange County, California, used a hardware keylogger to snoop on their teachers' login and password details. Why are school networks so vulnerable, and how can you prevent keylogging?
The Syrian Electronic Army has been at it again, with eBay and PayPal its latest victims. The compromise appears to have allowed doctoring of some local webpages, and no personal or financial data is thought to have been breached.