Law & order

SSCC 144 - iOS malware, fingerprint security, WhatsApp privacy, hacking the taxman [PODCAST]

How bad is the risk from iOS malware? What's the state of play in fingerprint security? Should you trust mobile apps? Is it wise to hack the taxman? What if Brian Krebs calls to warn you've been pwned?

Chet and Duck turn their wit and insight on the week's news...

Monday review - the hot 21 stories of the week

It's weekly roundup time!

Here's all the great stuff we've written in the past seven days.

Heartbleed bust, Fingerprint fakery, WhatsApp privacy SNAFU - 60 Sec Security [VIDEO]

What happens if you hack your local tax office? Can you trust the Samsung Galaxy S5's fingerprint security? Did WhatsApp finally get security right in its app?

Find out the answers in one entertaining minute of video - it's 60 Second Security!

Clicking 'Like' can cancel your right to sue a company

General Mills might be the first company to rig its legal terms to ensure that interacting with it in just about any way online - downloading or printing a coupon, visiting its website, or getting its email newsletter - means you can't sue it.

Heartbleed sees first arrest in wake of Canada Revenue Agency breach

The arrest of Stephen Arthuro Solis-Reyes, who is alleged to have grabbed 900 Social Insurance Numbers from the Canadian tax authorities over a period of six hours, marks the first time that authorities have apprehended someone in relation to the "heartbleed" bug in OpenSSL.

Massive FBI facial recognition database raises privacy fears

The FBI is building a massive facial recognition database that could contain as many as 52 million images by 2015, including 4.3 million non-criminal images, according to information obtained by the EFF via a freedom of information request.

Cyber extortionists swipe cosmetic surgery records, try to blackmail Harley Medical Group

Cyber crooks may have broken into Harley Medical Group, a cosmetic surgery firm with 21 clinics in the UK, to filch the intimate details of about 480,000 potential patients and then try to extort money from the company.

Notorious troll and hacker Weev has conviction overturned

Weev conviction overturned, CFAA left to wobble along

The courts have overturned Weev's conviction without having to deal with the sticky subject of the Computer Fraud and Abuse Act. They did it on grounds that surprised nobody: namely, venue.

Obama leaves loophole open for NSA to exploit zero-day vulnerabilities

No, the US White House didn't know about Heartbleed and didn't exploit the OpenSSL bug to snoop, it said, but it's reserving the prerogative to use zero-day exploits as a wedge to pry out intelligence if it serves national security interests.

Zeus malware - nine charged with conspiracy to steal millions of dollars

US charges 9 with stealing millions of dollars with Zeus malware

The US Department of Justice (DOJ) has charged nine individuals over their alleged involvement in a criminal organisation that stole millions of dollars from victims' bank accounts.

WhatsApp, Facebook get a privacy finger wagged at them by FTC

The Commission suggests that, post-mega-acquisition (which has been OKed), WhatsApp should get users' permission before changing data collection.

$50 million Carder.su thief pleads guilty

Cameron Harrison of Georgia, US, was part of a large credit card fraud gang associated with the Carder.su website, believed to be responsible for around $50 million in losses around the globe.

In-flight WiFi providers go above and beyond to help feds spy on us

Documents have come to light in which Gogo brags about how it not only complies with a federal law for compliance with law enforcement; it actually goes above and beyond requirements to give law enforcement extra special surveillance sauce, it says. And it's not the only one...

Proposed law seeks to make retailers financially responsible for data breaches

Fallout from the epic Target data breach continues, as state lawmakers seek to hold retailers liable for financial damages caused by breaches spawned by their businesses, rather than financial institutions who issue credit and payment cards.

"David vs Goliath & Godzilla" - Hollywood files lawsuit against Megaupload

The Kim Dotcom/Megaupload mega-saga continues, with six mammoth movie studios filing suit against what they say is the former file-sharing site's mega-monster-mind-numbingly-massive copyright infringement.

Facebook data scraped, people profiled as "jerks" and scammed by Jerk.com, FTC says

Jerk.com allegedly scraped content from people's Facebook listings, put it up on its site, invited the world to throw rotten fruit at them by clicking on a "jerk" or "not a jerk" button, and then had the outrageously uber-jerky jerkiness to charge people $30 to be able to (supposedly but not really) dispute it.

8 charged in AT&T ID theft fraud case, including outsourced contractor

"Authorized users" were added to customers' bank accounts, allowing the alleged fraudsters to request new cards in their names to make purchases and withdraw cash. As with other recent cases, the weak link was supposedly working for AT&T in an outsourced job function.

Apple patch out, Fake support bust, Liquor store leak - 60 Sec Security [VIDEO]

How long did Apple leave holes in Safari? What punishment can a convicted support call scammer expect? And what happens when a liquor store springs a leak?

Find out in 60 Second Security, the security news video that only takes a minute...

Her website was hacked away; here's how she got it back

"Pfft! What's all the fuss about site hijacking? Just send a few emails and get it fixed!" Well, that's what Jordan Reid thought before her domain got held for ransom. She's since changed her tune, after her own site got whisked away and put on the auction block. Here's how she got it back.

James Clapper confirms that NSA conducted warrantless searches on Americans

In a letter to Congress released on Tuesday, the US government confirmed what we all knew (or at least suspected) – the National Security Agency has conducted warrantless searches on Americans' private telephone and email conversations.