Data loss

(get it in RSS or Atom)

SSCC 156 - Warbiking in Manhattan, hubris for Google, and how less can be more [PODCAST]

chet-chat-logo-featured-250

Sophos experts Chester Wisniewski and Paul Ducklin are back with this week's security podcast, turning plain old news into advice you can use.

Germany considers replacing email with typewriters to evade spying

Germany to replace email with typewriters to duck US spying?

The country's pondering manual typewriters, however, unlike Russia's reported embrace of electric typewriters last year. Russia should be well aware that you can plug a keylogger into those e-typewriters, given that it pulled that stunt on IBM Selectrics back in the 70s!

CNET website and 1 million passwords compromised by Russian hacker group

CNET hacked

CNET, the popular tech news and reviews website, was compromised over the weekend by Russian hackers called "W0rm," CNET's parent company confirmed yesterday.

Arrests made after keyloggers found on public PCs at US hotels

Keyloggers found on public PCs at US hotel business centres

Proof of the lack of hygiene in publicly accessible PCs came up yet again when the US Secret Service last week warned that cybercrooks are installing keyloggers on the PCs in hotel business centers to steal personal and business information from travelers.

iPhones are a security threat to the state, China claims

iPhone's a security threat to the state, China claims

China has cited Apple iPhone's ability to track and time-stamp users' whereabouts as reason to declare the mobile phone hazardous to state security.

UK to rush through "emergency" phone and internet data retention law

UK to rush through "emergency" phone and internet data retention law

The UK is rushing through Parliament what it calls an emergency law that will ensure it retains access to people's phone and internet records, in spite of the European Court of Justice having said in April that data retention violates human rights. It's not a rehash of the Snooper's Charter, politicians claim, but there's not a lot of time to eyeball it to make sure that's true.

Google Drive security hole leaks users' files

Google Drive security hole leaks users' files

The flaw, which Google recently patched, was giving out original documents to unauthorized users via embedded links. It's yet another example of how storing documents "in the cloud" means "heaven knows with whom".

US arrests Russian MP's son for PoS hacking; Russia calls it kidnapping

US arrests Russian MP's son for PoS hacking; Russia calls it kidnapping

The Russian man's father conjectures that, for all he knows, this may be a ploy for the US to get bait to exchange for Snowden.

Australian police using tower dumps to slurp mass phone data

Australian police using tower dumps to slurp mass phone data

Australian federal and state police have joined the ranks of mega-data slurpers - namely, the US, where 1 in 4 law enforcement agencies have reportedly used a "tower dump" - ordering phone providers to hand over personal information about thousands of mobile phone users, regardless of whether or not those people are under investigation.

Holiday snaps and nuclear intel: The NSA's data capture exposed

NSA catches only 10% of data legally, but is it a fair trade off?

That leaves large-scale privacy invasion on 90% of 160,000 analysed messages swept up illegally by the NSA. But credit where credit is due: the legal 10% of intercepts have significant intelligence value, including data about a secret overseas nuclear project and double-dealing by an ostensible ally.

Monday review - the hot 22 stories of the week

dow-250

It's weekly roundup time!

Here's all the great stuff we've written in the past seven days.

Remote access breach via POS system sparks yet more consumer data leak fears

Remote access breach via POS system sparks yet more consumer data leak fears

A US supplier of point-of-sale (POS) equipment has informed its clients of a security breach in the remote access system it uses to log into clients' networks, meaning hackers could have used the system to steal payment data.

EFF sues NSA over hoarding of zero days

nsa-250

Wouldn't it be nice to know just how, exactly, the spy agency decides whether to silently exploit zero days for snooping purposes while leaving businesses and individuals in the dark with their bellies exposed? The EFF has filed a FOIA lawsuit to help find answers.

Supreme Court refuses to drag Google out of its Street View privacy wreckage

Supreme Court won't drag Google out of its Street View privacy wreckage

Google's planning to slurp up ever more data, from wearables, fitness apps and more. It sure would be nice for Google if the Street View fiasco would fade away and stop reminding people of how they snooped on data and then lied about it, but the Supreme Court isn't disposed to helping it out on this one.

Canadian spam, New York taxis and Brazilian passwords - 60 Sec Security [VIDEO]

60ss-video-250

Canada goes "opt in", NYC makes a hash, and Brazil forgets its punctuation.

It's 60 Second Security for 28 June 2014!

Is that Google Glass wearer stealing your iPad passcode?

Tablet. Image courtesy of Shutterstock.

What about the one with a smartwatch? Snoopers can catch your code from nearly 10 feet away with Google Glass or Samsung's smartwatch and from almost 150 away using a HD camcorder, thanks to researchers' custom-coded, shadow-tracking recognition algorithm.

37% of Canadian Justice Department fail phishing awareness test

37% of Canadian Justice Department fail phishing awareness test

An in-house awareness test run late last year at Department of Justice Canada has revealed that a good percentage of its employees are for the most part fairly easy to trick with phishing scams.

Cupid Media "breached Privacy act" after storing users' passwords in plain text

Heart. Image courtesy of Shutterstock.

The Australian Privacy Commissioner has ruled that Cupid Media Pty Ltd breached the Privacy Act following a data breach which saw over 40 million customer records exposed.

Carwash POS systems hacked, credit card data drained

Carwash POS systems hacked, credit card data drained

Police in the US state of Massachusetts have busted what they say is a gang of thieves who were buying stolen credit cards and using them to buy gift cards that were then sometimes exhausted of their balance, washed clean of data and reloaded with more stolen credit card data.