Articles by Lisa Vaas
Many Amazon S3 cloud storage users are exposing sensitive company secrets, claims report
A security researcher tested a slew of (probably inappropriately misconfigured) storage buckets and found about one in six were open to the public, exposing content we think companies would probably have preferred remain private.
Lisa Vaas explores what has happened.
Spring ushers in US tax scam season
To remind taxpayers to be on the lookout for scams ranging from identity theft to return-preparer fraud, the IRS posted its Dirty Dozen list of tax scams for 2013.
Five Slovenians arrested for $2.5M email banking fraud
Slovenian police on Thursday raided 12 homes and arrested five Slovenian citizens in connection with sending malware-packed email to small and medium businesses' accounting departments.
17-year-old arrested for hacking into phones, stealing and distributing explicit images of children
A US teenager is charged with distributing child pornography after allegedly hacking minors' cellphones through an SMS ad that installed malware, giving him access to the phones' content.
IT admin pleads guilty to hacking into and spying on New Jersey mayor's email
Patrick Ricciardi configured computer systems to collect all emails sent to the mayor and two high-ranking city employees.
He did it, he said, to see if his job was secure. We can say with reasonable certainty now that it is not.
Facebook plugs Timeline privacy hole
Facebook gets another blow from Europe v. Facebook, which discovered a flaw in the latest timeline redesign that allowed for unintended viewers to see all events a user has attended.
AT&T hacker "Weev" sentenced to 41 months in prison, after obtaining the email addresses of 100,000+ iPad users
Andrew Auernheimer has been sentenced for the federal crimes of obtaining the personal data of over 100,000 iPad owners from AT&T's publicly accessible website.
Besides his prison sentence, he's facing 3 years of probation and, together with another convicted hacker, paying restitution of $73,000.
Reuters journalist who allegedly conspired with Anonymous hackers is suspended
A Reuters journalist has been indicted by a US federal grand jury for allegedly handing over the login credentials of his former employer, Los Angeles Times parent company Tribune Co., to Anonymous hackers.
Hackers launch DDoS attack on security blogger's site, send SWAT team to his home
Brian Krebs was the victim of a caller ID spoof that resulted in armed police surrounding his house. He's pretty sure about the criminal element responsible and has linked the perpetrator(s) to a denial-of-service attack against Ars Technica following its report of Krebs's ordeal.
NIST, US government's vulnerability database, brought down by ironic malware
The US's national vulnerability database has been offline for days thanks to multi-server infection inflicted by hacker(s) who really know how to hurt a infosec guy or gal.
Google: Yep, our cars steamrolled your privacy
A $7 million fine imposed by 38 US states will settle an investigation into Google's grab of private data - including emails, text messages, browsing histories and passwords - from unsecured wireless networks as its cars patrolled neighborhoods, snapping photos around the world.
Skype in hot water over failure to let French police eavesdrop
French telecom regulators have suggested that Skype could face charges for failing to register as a telecom and do all the things that French telecoms are supposed to do - for example, let French police eavesdrop on calls...
Google Glass: the ultimate creepy stalker toy?
Google's internet-enabled head gear, due to be released this year, promises to be a privacy nightmare, what with the capability to surreptitiously record photos, video and audio of the wearer's surroundings.
Microsoft to patch security vulnerabilities on Tuesday - including some rated as "critical"
Patch Tuesday is bringing seven security fixes, with Microsoft deeming four of them "drop-everything-and-fix-this-now" critical in Windows, IE, Silverlight, Office and Microsoft Server.
$5 million class action lawsuit over LinkedIn data breach dismissed
No real damage was done, a judge ruled, and besides, paying for premium membership isn't a guarantee that you'll get premium security.
Ouch! So much for promises made in privacy policies.
Browser choice - How a "technical error" cost Microsoft over $700 million
"OK, Microsoft... no more Mr. Nice Guy," the European Commission said to the company that just can't seem to figure out how to give PC users a browser choice.
How to protect yourself from debit-card fraud
How's this for a phone call you don't want on a Sunday night: Visa's fraud unit, calling to ask whether you're aware that $1,371 has been wired from your bank account via Western Union.
Unfortunately, it's far from a rare occurrence...
White House agrees cellphone unlocking should be allowed, but jailbreakers left in limbo
The White House agrees with the 114,000+ US citizens who signed a petition to make cell phone unlocking legal.
What they didn't address: the legality of jailbreaking and rooting.
Samsung Galaxy security vulnerability unlocks homescreen
If you're nimble enough, you can get past the Galaxy Note 2's lock screen. And PIN. And password. And face unlock.
US ISPs launch pirate wrist-slapping campaign
With the new "six strikes" piracy alert system, Comcast plans to hijack offenders' browsers, Cablevision will suspend subscribers for 24 hours after a fifth offense, and plenty of ISPs are looking at throttling infringers' connections down to a crawl.
![Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]](http://sophosnews.files.wordpress.com/2013/04/ellen-thumb.jpg?w=75&h=75&crop=1)
![Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]](http://sophosnews.files.wordpress.com/2013/03/cursors-thumb.jpg?w=75&h=75&crop=1)
