Security threats

(get it in RSS or Atom)

Plenty Of Fish hooked by Canada's anti-spam laws, faces 48k penalty

Fish. Image courtesy of Shutterstock.

Canada's strict anti-spam laws have come down hard on another offender, with the operators of dating website Plenty Of Fish paying a $48,000 penalty for failing to provide proper unsubscribe options in emails sent to its users.

Uber goes Big Data, shares customers' data with a hotel chain

Uber

Uber has joined the rank of Big Data sellers, up there with Facebook, Google and Visa. The product: data about customers' movements, where they shop, where they work, where they go and much more.

Serious Security: China Internet Network Information Center in TLS certificate blunder

TLS certificates are very important.

In fact, you could say they are the cornerstone of online security, especially for e-commerce.

So we thought we'd use a story about a recent certificate security blunder to remind you why...

SSCC 191 - Live in Ljubljana [PODCAST]

Chester is on the road again, this time to present at a conference in Slovenia.

So this episode of the Chet Chat comes to you from an al fresco café in downtown Ljubljana...

Will Artificial Intelligence keep humans as pets?

Woz

Steve Wozniak is the latest tech luminary to sound a note of caution about the potentially apocalyptic dangers of Artificial Intelligence.

New Android 'on-body detection' leaves your phone unlocked as long as you keep moving

New Android lock feature freezes up your data when your phone stops moving

Keep it jiggling, whether in hand, pocket or purse, and the accelerometer will keep your Android phone unlocked and ready to go. Handy for pickpockets!

"Pwn2Own" competition pops Flash, Reader and four browsers, pays out over $550K [POLL]

Pwn2Own has become something of an institution on the North American computer security conference circuit.

Come and vote in our poll to tell us what you think of security contests like this...

What's that screenshot doing on Facebook? 60 Sec Security [VIDEO]

60ss-video-250

Facebook, ransomware and updates to updates - all in 60 seconds!

Our weekly video for 21 March 2015...

Greatfire.org faces daily $30,000 bill from DDoS attack

Anti-censorship China activists face daily $30,000 DDoS bill

GreatFire.org, a site that monitors websites blocked by the Great Firewall of China, has been hit with a massive DDoS attack.

Thought your private phone photos weren’t on Facebook? Think again…

photos-250

Facebook just fixed a privacy bug in a feature of its mobile app called "Photo Sync."

That's good news...but did you even notice that Photo Sync was on in the first place?

Google announces "two improvements" to Google Play app approval process

play-250

Google recently added actual humans to the Android app approval system...

...now there's age rating and better feedback for rejected apps as well.

Target agrees to pay $10 million to settle data breach lawsuit

Target agrees to pay $10 million to settle data breach lawsuit

Target has proposed a huge $10 million settlement for victims of its 2013 data breach in which at least 70 million records were compromised.

Ransomware - should you pay?

payup-250

The big question, usually left unanswered in technical discussions of ransomware, is, "Should you pay?"

We help you make up your mind.

Double FREAK! A cryptographic bug that was found because of the FREAK bug

Researchers checking up on the state of FREAK patching turned up another bug as a result.

Sometimes, finding programming mistakes requires serendipitous coincidences!

SSCC 190 - The CeBIT 2015 edition [PODCAST]

sscc-5-years-250

Recorded right on the Sophos booth at the CeBIT show in Hannover, Germany.

Here's the Fifth Anniversary edition of our weekly podcast...enjoy!

"Black Box" brouhaha breaks out over brute forcing of iPhone PIN lock

A brouhaha has broken out about a "Black Box" that can brute force your iPhone PIN by trying every possible combination, from 00..00 to 99..99.

Apparently, it can even circumvent the "10 mistakes and you're finished" test. Sort of...

Google forgets one little "Yes/No" setting, leaks private WHOIS data

g-250

Even Google can make data leakage mistakes, as network security expert group Talos recently noticed.

Just one tiny little Yes/No setting that went wrong...

TeslaCrypt ransomware attacks gamers - "all your files are belong to us!"

tesla-250

TeslaCrypt is a new ransomware that goes above and beyond CryptoLocker in the types of files it seeks out to hold for ransom, including those related to video games.

SophosLabs dug in to find out what TeslaCrypt has in store for gamers, and everyone else.

Bank tests heartbeat-encoded wristbands for online authentication

UK bank tests heartbeat-encoded wristbands for online authentication

Halifax is trialing the use of a wristband to store our ECGs, given that our hearts are random number generators unique to every individual.