Law & order

SSCC 156 - Warbiking in Manhattan, hubris for Google, and how less can be more [PODCAST]

Sophos experts Chester Wisniewski and Paul Ducklin are back with this week's security podcast, turning plain old news into advice you can use.

"Gameover" malware revival - is it really up from the canvas?

Is the recent re-appearance of the Gameover malware a flash in the pan, or part of a concerted effort at reviving the threat?

What do we need to do to knock it out altogether?

Arrests made after keyloggers found on public PCs at US hotels

Proof of the lack of hygiene in publicly accessible PCs came up yet again when the US Secret Service last week warned that cybercrooks are installing keyloggers on the PCs in hotel business centers to steal personal and business information from travelers.

"Gameover" malware returns from the dead...

In early June 2014, an internationally co-ordinated law enforcement effort against the criminals behind the infamous Gameover malware pretty much wiped out their botnet altogether.

Bad news - it looks as though Gameover is back...

Microsoft and No-IP reach settlement over malware takedown

Microsoft has reached a settlement with domain provider No-IP less than two weeks after it grabbed 23 internet domain names, knocking out 1.8 million customer sites and over 5 million hostnames.

Tor Project is NOT getting sued for enabling revenge porn site PinkMeth

A Texas revenge-porn victim is suing the operators of revenge-porn site PinkMeth.com and was (until her lawyer figured out just what, exactly, the anonymising service Tor actually is) suing The Tor Project for helping PinkMeth to operate anonymously.

UK to rush through "emergency" phone and internet data retention law

The UK is rushing through Parliament what it calls an emergency law that will ensure it retains access to people's phone and internet records, in spite of the European Court of Justice having said in April that data retention violates human rights. It's not a rehash of the Snooper's Charter, politicians claim, but there's not a lot of time to eyeball it to make sure that's true.

SSCC 155 - cybercrime bust, cloud laws, phishing and malware back from extinction [PODCAST]

In this episode, Sophos experts John Shier and Paul Ducklin tackle the week's interesting security stories.

John and Duck get stuck into: a high-profile cybercrime arrest; how mainstream brands help phishers; and why macro malware is making a comeback.

DARPA dissects Twitter, Facebook, Reddit to extract propaganda how-to's

The internet found out last week that Facebook's been dissecting us. Now, it looks like DARPA's been at it too, with research on users of Facebook, Twitter, Reddit, Pinterest, Kickstarter and Digg.

US arrests Russian MP's son for PoS hacking; Russia calls it kidnapping

The Russian man's father conjectures that, for all he knows, this may be a ploy for the US to get bait to exchange for Snowden.

Australian police using tower dumps to slurp mass phone data

Australian federal and state police have joined the ranks of mega-data slurpers - namely, the US, where 1 in 4 law enforcement agencies have reportedly used a "tower dump" - ordering phone providers to hand over personal information about thousands of mobile phone users, regardless of whether or not those people are under investigation.

Police dog catches paedophiles by sniffing out their hidden hard drives

Police detection dogs are the latest tool in investigators' arsenal when it comes to finding gadgets that might contain illegal images of child abuse, sometimes hidden in metal tins four layers deep inside a filing cabinet.

Holiday snaps and nuclear intel: The NSA's data capture exposed

NSA catches only 10% of data legally, but is it a fair trade off?

That leaves large-scale privacy invasion on 90% of 160,000 analysed messages swept up illegally by the NSA. But credit where credit is due: the legal 10% of intercepts have significant intelligence value, including data about a secret overseas nuclear project and double-dealing by an ostensible ally.

Student jailed for refusing to hand over password to police

Christopher Wilson, who has his own business programming artificial intelligence systems, is suspected of hacking into police websites and using a voice-changing device to make hoax telephone calls warning of a cyber attack. When detectives asked Wilson to reveal his computer password to aid in their investigation he refused.

Monday review - the hot 22 stories of the week

It's weekly roundup time!

Here's all the great stuff we've written in the past seven days.

Russia's latest internet law proposal - anti-NSA, or pro-FSB?

Russia's parliament, the State Duma, has heard another internet freedom bill requiring foreign web firms to host any data on Russian citizens within Russia's borders. This would mean the likes of Google and Facebook would need to set up datacenters within Russia and redesign their operations so that individual user data would only be stored inside the country.

SSCC 154: Fraud, viruses, patches and encryption (in that order!) [PODCAST]

Where does your country sit on the fraud list? Just how much can you trust SMSes on Android? Is Apple serious enough about iOS security? And will Google's End-To-End email encryption plugin save the world?

Find out with Chet and Duck in this week's Chet Chat podcast...

Microsoft takes down No-IP DNS domains in cybercrime fight - right or wrong? [POLL]

Vote in our poll!

Was Microsoft's takeover of 23 of another company's domain names a justifiable step in dealing with cybercrime, or a disruptive step too far?

EFF sues NSA over hoarding of zero days

Wouldn't it be nice to know just how, exactly, the spy agency decides whether to silently exploit zero days for snooping purposes while leaving businesses and individuals in the dark with their bellies exposed? The EFF has filed a FOIA lawsuit to help find answers.

Did Facebook's emotion experiment break the law? ICO probes

Did Facebook's emotional manipulation study break data protection laws? The UK's Information Commissioner's Office is to investigate the experiment, which caused outrage after it manipulated the feeds of close to 700,000 users to determine how they reacted to positive or negative news.