Security threats

(get it in RSS or Atom)

Android app market pirates busted by FBI

pirate-250

Six Americans charged with large-scale piracy of Android apps.

But what about their "customers"?

Is there really an increased risk of malware from unlawfully acquired apps?

Hacker claims breach of Wall Street Journal and Vice

Malicious hacker claims breach of Wall Street Journal, Vice

W0rm's been quite busy and has already pulled this on CNET, and likewise is again offering to sell user data and server credentials for one Bitcoin.

eBay's StubHub ransacked for over $1 million, international crime ring arrested

StubHub logo

US police have indicted six people across four countries on charges of defrauding eBay's StubHub for over $1 million in pilfered tickets for things like Jay-Z and Justin Timberlake concerts. eBay says its servers weren't broken into; rather, password reuse and account holders' PCs being riddled with malware are to blame.

SSCC 157 - Routers, Browsers, Zombies and Sysadmins [PODCAST]

chet-chat-logo-featured-250

Here it is...this week's Chet Chat security podcast.

In this episode: fixing routers, trusting browsers, killing zombies and showing TLC to sysadmins.

Firefox 31 has arrived - 11 bulletins, 3 critical, 0 visual surprises

fftb-250

Firefox 31 is out.

So is its updated conservative older brother, the Extended Support Release, now at 24.7.

And Firefox's email-oriented cousin Thunderbird gets updated, too.

Car hackers build anti-car-hacking gadget

Cars. Image courtesy of Shutterstock.

Besides yet more white-knuckled car-jacking stunts, security researchers Charlie Miller and Chris Valasek also plan to unveil at next month's Black Hat conference a prototype device meant to foil the type of hacks they've been throwing at cars.

"Rickmote" box Rickrolls Chromecast, forcibly earworms hapless victims

Image courtesy of Dan Petro, Bishop Fox IT

Never gonna give you up, Never gonna let you down, Never gonna run around and desert you.

500,000-per-day SMS spammer gets just £4,000 fine

500,000-per-day SMS spammer gets just £4,000 fine

An Indian call-centre operator has been fined by a London court for breaching Data Protection laws, but despite his operation bombarding UK cell phones with spams, his punishment amounts to little more than a slap on the wrist.

Dirty Dozen Spampionship – which country is spewing the most spam?

The World Cup may be done and dusted, but the Spampionship continues!

Where did you come in our spam-sending league tables?

Your Gmail account is fair game for cops or feds, says US judge

US judge: your Gmail account is fair game for cops or feds

A New York court on Thursday opened up our entire Gmail accounts to feds or cops with warrants, in spite of two recent decisions that went against similar requests.

New search engine Indexeus unmasks malicious hackers

New search engine Indexeus unmasks malicious hackers

Indexeus is a database of stolen names and passwords, many doxed from the hackers who've themselves doxed others' data. Is it poetic justice, exploitation of a lucrative market, a prototype of an educational tool, or all of the above?

SoHo routers to get hacker-style scrutiny in return for "awesome" prizes

soho-250

Buy a $50 SoHo router, plug it in, press a couple of buttons.

Bingo! A connected household! What could possibly go wrong?

If history is any guide, quite a lot...

Shopping site reports 3-year-old data breach

Australian shopping site reports 3-year-old data breach

Australian shopping website CatchOfTheDay has warned customers of a data breach dating back to 7 May 2011, urging anyone who has kept the same password at the site since that date to change it.

Jailed Apple phishing duo also imported pickpockets and cloned credit cards

Constanta Agrigoroaie and Radu Savoae. Images courtesy of Metropolitan Police.

How's this for irony? A pair of fraudsters phished bank account details out of over 150 Apple users by sending them hairy-scary messages about their accounts having been compromised.

It's all about trust! 60 Sec Security [VIDEO]

60ss-video-250

Watch 60 Second Security for 19 July 2014 - it's all about trust!

Notorious Shylock banking malware taken out by law enforcement

fire-globe-250

Law enforcement action led by the National Crime Agency (NCA) in the UK has knocked out the infrastructure of a banking malware known as Shylock, because of excerpts from Shakespeare's Merchant of Venice hidden in its code.

Here's how to check to make sure you weren't among the more than 30,000 PCs that were infected.

Cisco warns of big remote management hole in tiny routers

cisco-250

Even little routers can have giant holes, as Cisco warns in a just-published security advisory.

Oracle's "Patch Tuesday" brings 113 patches across 13 product families

0-250

Oracle's July 2014 security patches are out, and there's a ton of them.

Literally and figuratively...

'Hidden from Google' site remembers the pages Google's forced to forget

'Hidden from Google" site remembers the pages Google's forced to forget

The newly launched site is archiving the pages Google was forced to de-index in the name of opening up to the internet as a whole the discussion regarding what should or should not be "forgotten."

SSCC 156 - Warbiking in Manhattan, hubris for Google, and how less can be more [PODCAST]

chet-chat-logo-featured-250

Sophos experts Chester Wisniewski and Paul Ducklin are back with this week's security podcast, turning plain old news into advice you can use.