data leakage

(get it in RSS or Atom)

Heartbleed sees first arrest in wake of Canada Revenue Agency breach

Heartbleed sees first arrest in wake of Canada Revenue Agency hack

The arrest of Stephen Arthuro Solis-Reyes, who is alleged to have grabbed 900 Social Insurance Numbers from the Canadian tax authorities over a period of six hours, marks the first time that authorities have apprehended someone in relation to the "heartbleed" bug in OpenSSL.

Heartbleed, Google Play and XP - 60 Sec Security [VIDEO]

2014-04-12-thumb-250

How hard is Heartbleed recovery? How hard does Google Play try to keep the garbage out? And how hard are you trying to get over XP?

60 Second Security has the answers in a short, fun security video.

"Heartbleed heartache" - should you REALLY change all your passwords right away?

hb-250

There is one important reason why you might not want to rush out and change all your passwords on all your services right this minute, and it's a sort-of Catch-22.

Paul Ducklin explains...

8 charged in AT&T ID theft fraud case, including outsourced contractor

8 charged in AT&T ID theft fraud case

"Authorized users" were added to customers' bank accounts, allowing the alleged fraudsters to request new cards in their names to make purchases and withdraw cash. As with other recent cases, the weak link was supposedly working for AT&T in an outsourced job function.

Word zero-day, Snapchat blasted, MS-DOS released - 60 Sec Security [VIDEO]

2014-03-29-hiding-250

What should you do about the latest Word zero-day? What does Mr Rockefeller think of SnapChat? And is that MS-DOS I see before me?

Watch 60 Sec Security for 29 March 2014, and find out!

Patch Tuesday - no critical updates for XP...then Microsoft adds two XP fixes after all

pt-feb-2014-250

Here's a quick run-down of what you'll face in the February 2014 Patch Tuesday update from Microsoft, which comes out tomorrow.

SSCC 132 - More breaches, treacherous gas pumps, poor passwords and Data Privacy Day [PODCAST]

sscc-132-thumb-250

This week's Chet Chat starts out with credit card breaches, covers the issue of whether you really need good passwords everywhere, and ends with an upbeat and encouraging conclusion...

Listen and learn more!

Leaks in logfiles, malware on Macs and Korean credit compromise - 60 Sec Security [VIDEO]

2014-01-25-mac-malware-250

Leaky logic leaves logins loose in logfiles; mendacious mails menace Macs with Mavericks malware, and criminal contractor compromises Korean credit company!

60 Sec Security - 25 Jan 2014...

Starbucks admits "your security is incredibly important", updates password-spilling app

starlim-250

Starbucks got into and out of privacy trouble in over the past week.

The brouhaha started when a US security researcher publicly reported a rather serious data leakage problem in the Starbucks iOS mobile app...

Attack dismissed as "theoretical" by Snapchat used to plunder 4.6 million phone numbers

sc-250

Controversial photosharing site Snapchat is back in the news again, opening the New Year as the victim of a data breach.

Hackers have turned an attack dubbed "theoretical" by Snapchat into a reality, stealing 4.6 million phone numbers along the way.

OpenSSL bug, DDoS bust, Snapchat SNAFU and a free Threatsaurus - 60 Sec Security [VIDEO]

2013-12-28-roget-250

Can a bug ever be good? What's the prison sentence for DDoS criminality? How well does Snapchat protect your data? What's a Threatsaurus, and why do you want one?

Watch and find out!

SSCC 127 - Target, Microsoft, Apple, Gmail...and some amazing acoustics [PODCAST]

sscc-127-thumb-250

Chet and Duck help you to learn from recent security news, both good and bad.

In this episode: the massive Target breach; Microsoft's and Apple's attitude to updates; and how to respond to Google's recent changes to image rendering for Gmail users.

CarderPlanet bust, Target credit card breach, online safety for kids - 60 Sec Security [VIDEO]

2013-12-21-eavesdroppers-250

What prison sentence for the man who pioneered online carding? How many credit cards did Target lose? Does your encryption software "speak" to passers-by? How to keep your kids safe online over the holidays?

Find out in 60 seconds!

JP Morgan Chase owns up to data breach: 465,000 customers at risk

JP Morgan Chase is the latest financial institution to own up to a data breach.

The details are still scanty, but it looks as though it happened back in July, wasn't noticed until September and was only owned up to in December...

LG decides its TVs *don't* steal personal information - "viewing info" isn't personal

tv-250

The story of LG's "data stealing" TVs continues to twist and turn, with LG now on its third version of what happened, and why.

LG is sorry for the confusion caused by reports of problems, but not for the problems themselves - in fact, it doesn't seem to think they're a problem at all...

LG TVs grab data, GitHub attacked, vBulletin breached - 60 Sec Security [VIDEO]

2013-11-23-sneaky-tv-250

How honest is your TV? Why do crooks like source code hacks? Should you brag when you publish a breach notification?

Find out now in 60 Second Security.

Apple releases iOS 7.0.3 - fixes yet more lockscreen holes, including a call-anybody bug

Apple just closed up yet more lockscreen holes in iOS 7.

Reading the release notes will give you a sense of déjà vu - one of the bugs is pretty much the same hole that was patched in iOS 7.0.2...

September Patch Tuesday is out - one update lost en route, 13 patches left, 8 RCE, 4 critical

patch-500

One of Microsoft's 14 promised patches for September failed to materialise.

There's still plenty left over, though: IE gets a jumbo fix, as usual; SharePoint, FrontPage, Excel, Access, Outook and more get vital updates, too.

LastPass, hackable lights, Bradley Manning and Wackyleaks - 60 Sec Security [VIDEO]

2013-08-24-wackyleaks-250

What happened to LastPass that it needed a patch? How do Philips wireless lights handle security? What will become of Bradley Manning? And what has Wikileaks been up to lately?

Take a look at 60 Second Security and find out!