IT

(get it in RSS or Atom)

Beware dodgy computer repair work - your data is at risk along with your wallet

Beware dodgy computer repair work - your data is at risk along with your wallet

Passing off old as new is dishonest in any industry - but it's more dangerous in some than in others.

Hard disks may not wear out like chainsaw blades or cam belts - it's not what they may have lost in their life so far, but in what they have gained: other people's data.

Manchester police pay off £150,000 fine for unencrypted USB key

Manchester police pay off £150,000 fine for unencrypted USB key

The UK Information Commissioner's Office in the UK recently fined the Greater Manchester Police £150,000 for a data breach.

The problem boiled down to an unencrypted USB key stolen from an officers's home.

Monday review: the hot 24 stories of the week

Monday review: the hot 24 stories of the week

Here you go.

All the stories we wrote in the past seven days, in case you missed anything (or just want to read them again).

Oracle updates Java, supports OS X, claims full and timely updates for Apple users

mac-java-250

Back in April, Apple came under fire for delaying an update to Java until the Flashplayer malware got loose.

Let's hope that's a thing of the past, with Oracle publishing Java for OS X directly, and promising patches for OS X at the same time that they come out on Windows.

Patch Tuesday - what to know and what to do for Microsoft and Adobe users

Patch Tuesday - what to know and what to do for Microsoft and Adobe users

Both Adobe and Microsoft published Patch Tuesday updates this week.

There are plenty of issues to be concerned about - so we've written up our recommendations to help you prioritise your own patching...

Blizzard owns up to data haemorrhage - painful but probably not too bad

Blizzard owns up to data haemorrhage - painful but probably not too bad

Big-time online entertainment outfit Blizzard has just owned up to a data haemorrhage.

Blizzard strongly suggests - but manfully doesn't pretend to guarantee - that financial data such as credit cards, billing addresses, and real names weren't got at.

Journo totally owned thanks to over-helpful iCloud support

Journo totally owned thanks to over-helpful iCloud support

Mat Honan is a living example of Journalism 2.0.

Honan has also recently been the victim of a hack - a hack so trivial in some respects that naysayers will probably spend hours telling us that it doesn't qualify as a hack, even though it effectively hacked Honan's digital life into shreds...

How to explain phishing to your Grandma [VIDEO]

threatsaurus-threat-in-jar-250

Have you ever had to explain phishing to your Grandma? Are you tech support for friends and family?

If so, then the Sophos Threatsaurus is just what you need. The 2012 edition is hot off the press - get it for free today!

Cybercrime trio sentenced for $3m hacking spree via WiFi and malware

Cybercrime trio sentenced for $3m hacking spree via WiFi and malware

A Seattle hacking triumvirate has received a collective quarter-century behind bars.

With a combination of wardriving and malware implantation, they made off with $3m plundered from company accounts - including straight from the payroll.

Criminals in USB key espionage attempt against Dutch multinational. Or not.

Criminals in USB key espionage attempt against Dutch multinational. Or not.

A keen-eyed Naked Security reader alerted us to an interesting-sounding story about a USB-fuelled espionage attempt.

(For those who prefer us to write about security successes, not about failures, this one's for you!)

'Evil' network hacker sent to prison for two-and-a-half years

'Evil' network hacker sent to prison for two-and-a-half years

An Australian hacker from the New South Wales country town of Orange has been sent to prison for two-and-a-half years.

David Cecil, who went under the handle 'Evil', was arrested a year ago following a six-month investigation.

In memoriam - Alan Turing's 100th birthday

In memoriam - Alan Turing's 100th birthday

Alan Turing is probably best known to the public for his cryptanalytical derring-do at Bletchley Park, UK, during the Second World War.

But it is Turing's ever-present Halting Problem which teaches us the most about modern-day computer security. We salute his pioneering work.

Practical IT: How your firm can better secure access to social networks

business-social-networking_thumb

Facebook’s potential to ruin (or make) your business is a common news topic. We've looked into the risks, and how businesses might provide a more secure way of accessing social networks.

Data breaches aren't just about website insecurity and internet hacking...

Data breaches aren't just about website insecurity and internet hacking...

The Belfast Health and Social Care Trust in Northern Ireland, UK, has been stung with a £225,000 ($350,000) fine for a data breach.

In this case, though, the break-in was physical and the stolen data existed in printed form or on film...

IE remote code execution vulnerability being actively exploited in the wild

IE remote code execution vulnerability being actively exploited in the wild

A critical Internet Explorer vulnerability, announced and patched by Microsoft in June's Patch Tuesday, is being exploited in the wild.

Find out how hackers bypass modern protections like DEP and ASLR - and if you haven't patched yet, do it now!

Lost USB keys back in the spotlight in Privacy Commission report

Lost USB keys back in the spotlight in Privacy Commission report

In late 2011, we published our analysis of a bunch of USB keys we'd bought at a lost property auction.

We got a number of surprises - not least that the Privacy Commissioner decided he wanted a word with us. Find out what happened next...

VIDEO: How to solve the AusCERT 2012 #sophospuzzle

Mythbuster meets FPSRussia?

By popular demand, here is a video explaining how to solve the puzzle we published on our AusCERT 2012 conference T-shirt.

44 solvers from 14 countries cracked it in the time allowed - find out how they did it!

"One in 256 times *any* password might get you in" - MySQL authentication disaster

"One in 256 times *any* password might get you in" - MySQL authentication disaster

What if your authentication system itself were at fault? You could have the hardest-to-guess password, salted and hashed thousands of times, and still be at risk.

That's what happened to MySQL and MariaDB.

Security fears around remote working, the cloud and wireless networks cited by SMBs

Security fears around remote working, the cloud and wireless networks cited by SMBs

The days of IT managers simply worrying about the security of the network inside their physical offices are long gone.

Cloud services, mobile devices, wireless networks and a remote workforce are complicating security management for IT departments who wish to protect corporate data.