compromise

Bitly breached, gives (shortened) details to customers on blog

Popular URL shortener Bitly is the latest cloud service to say, "Er, looks like crooks have been wandering around in our network."

Paul Ducklin tries to make sense of Bitly's breach notification blog...

Whistleblower-friendly site Cryptome booted briefly offline for hosting "malicious content"

US whistleblower-friendly site Cryptome recently suffered a short outage, after it was booted offline by its ISP and then let back online.

Paul Ducklin looks for security lessons in the story...

FreeBSD shutters some servers after SSH key breach

FreeBSD has announced a smallish system compromise.

The FreeBSD administrators took a bunch of servers offline to investigate, and published a blow-by-blow account of what they know about the breach so far.

"Almost every Android device is compromised" turns out to be only almost true

A security expert recently made an astonishing claim at a North American security event: one in three Android apps is malware-infected, and almost all devices are compromised.

Sounds like terrible news for Android users - but is it true?

Twitter account hack epidemic - Don't fall for "CNBC" spam!

Throughout the month of June, Twitter accounts have been getting hacked and have subsequently been sending spam that links to fake CNBC news articles. Be cautious about links in direct messages or tweets, even if they're sent from a friend's account!

What do I do if my Twitter account is hacked?

Many Naked Security readers ask for assistance when their accounts are hacked, or when their friends, family and colleagues need assistance. This article explains the steps needed to safely reacquire control of your Twitter account.

Welcome back, Linux kernel!

Just under a month ago, the official distribution site for the Linux kernel was taken offline following an embarrassing malware incident.

The good news is that kernel.org is back online. It's not all roses, though.

BitTorrent serves malware directly from website - no need for P2P!

Oops!

Even if you are one of the several many entirely law-abiding users of BitTorrent, the mothership company BitTorrent, Inc. may recently have put you in harm's way.

Apple fakery, DNS hack, DigiNotar, Linux, Wikileaks - 60 Sec Security

Lots of readers said they'd like to see our 'news-with-a-conscience' videos more than once a month.

So here you go. 60 Second Security, once every two weeks.

LulzSec, Anonymous and other hacks - should I change my password?

With all the data breaches in the news lately, it's hard to know whether you've been affected. Lots of people are asking, "Should I change my password?"

Helpful Sydney infosec guy Daniel Grzelak can help you answer that question.

Data loss at Play.com

Large online retailer Play.com emailed its customers yesterday, admitting to a security breach in its marketing communications. Names and emails may have been compromised. Play.com claims the breach happened outside its walls, so presumably it uses a third-party marketing consultancy to manage part or all of its marketing activities.

Hack in the Box attack - presenter threatened with arrows

Marco Slaviero, a presenter at Hack in the Box 2010 in Kuala Lumpur, Malaysia, had a narrow escape yesterday after a number of outsized presentation arrows ganged up and threatened to attack him during his talk. PowerPoint was initially suspected.

Stuxnet begone! Can we worry about EFTPOS now, please?

Stuxnet, the malware story which refuses to die, has dominated recent security media coverage. Firstly, Stuxnet targets the Programmable Logic Controllers (PLCs) used in plants and factories. Secondly, Stuxnet's prevalence was apparently greatest in Iran, giving hyperbolistas plenty to dine out on.