Data loss

(get it in RSS or Atom)

The FREAK bug in TLS/SSL - what you need to know

by Paul Ducklin on March 4, 2015 | 15 Comments

The FREAK bug affects TLS/SSL, the security protocol that puts the S into HTTPS and the padlock in your browser's address bar.

Paul Ducklin explains in plain English...

Uber subpoenas GitHub in search for hacker of driver database

by John Zorabedian on March 3, 2015 | Leave a comment
Image of magnifying glass over fingerprint courtesy of Shutterstock.

A breach of one of its databases in May 2014, in which the names and driver license numbers of 50,000 "driver partners" were stolen, is the latest entry on Uber's growing list privacy and security blunders.

5 mobile device risks in your business

by Ross McKerchar on March 2, 2015 | 1 Comment
7 Sins: Mobile Negligence

5 security risks that you need to get on top of before you let employees access corporate resources from mobile devices, and how to mitigate them.

Anatomy of a certificate problem - the "PrivDog" software in the spotlight

by Paul Ducklin on March 2, 2015 | 10 Comments

The bug's now fixed, but when software offers to make your secure transactions more secure...

...you don't expect things to work the other way around!

Bought PII from the government? PLEASE DON'T LOSE IT! 60 Sec Security [VIDEO]

by Paul Ducklin on February 28, 2015 | Leave a comment
60ss-video-250

Here's the latest episode of our weekly computer security roundup.

The latest news presented so you can enjoy it...in just one minute!

Anthem healthcare breach is smaller - and bigger - than first thought

by Paul Ducklin on February 27, 2015 | 10 Comments

There's good and bad news about Anthem's recent data breach.

The bad news includes the risk to between 8.8M and 18M non-customers who were in Anthem's database anyway...

SSCC 187 - The cryptography edition [PODCAST]

by Paul Ducklin on February 26, 2015 | Leave a comment
chet-chat-logo-featured-250

Sophos expert John Shier sits in for regular presenter Chester Wisniewski in this episode.

John and Paul Ducklin dissect the latest security issues, which were dominated this week by some thorny matters of cryptography.

Not just celebrity nude photos, Reddit bans all "involuntary porn"

by Lisa Vaas on February 26, 2015 | Leave a comment
Reddit bans "Involuntary Porn": Sexual material's not OK without an OK

Reddit blew it with The Fappening, but a new privacy policy enables even us nobodies to request image removal.

LinkedIn settles class action suit over 2012 unsalted password leak

by Lisa Vaas on February 25, 2015 | Leave a comment
LinkedIn settles class action suit over 2012 unsalted password leak

LinkedIn is privately settling the 2012 unsalted password leak. Were you one of the 800,000 affected users? Here's what you need to know.

Burning Man festival to cancel tickets of cheaters who used website hacks

by John Zorabedian on February 24, 2015 | 3 Comments
Image of Burning Man effigy courtesy of John Chandler/Flickr - Creative Commons license

Burning Man says it will cancel festival tickets purchased by approximately 200 individuals who managed to use a flaw in the ticketing website to jump ahead of the line.

How the "Great SIM Heist" could have been avoided

by Paul Ducklin on February 23, 2015 | 22 Comments

Apparently, intelligence services managed to penetrate the network of a major SIM card manufacturer, grab loads of SIM keys, and now we're all liable to be listened in on.

But why? What is it about SIM cards that made this possible?

What's SUPER and helps you to PHISH, sorry, FISH? 60 Sec Security [VIDEO]

by Paul Ducklin on February 21, 2015 | Leave a comment
60ss-video-250

Here's our weekly news roundup - from Superfish to Super Spectacles.

It's amusing, informative, and only takes a minute - enjoy!

Co-creator of Blackshades malware used to spy on Miss Teen USA pleads guilty

by Lee Munson on February 20, 2015 | Leave a comment
Blackshades malware co-creator pleads guilty, facing 10 years in jail

Alex YĆ¼cel has pleaded guilty to his involvement with the $40 program designed to secretly remotely control victims' computers.

How to get rid of the Lenovo "Superfish" adware

by Paul Ducklin on February 20, 2015 | 8 Comments

Here's how to get rid of the "Superfish" adware that was pre-installed on some Lenovo notebooks.

Lenovo "Superfish" controversy - what you need to know

by Paul Ducklin on February 20, 2015 | 13 Comments
sf-250

Controversy of the week is "Superfish," an adware program pre-installed on Lenovo computers that has some worrying security problems.

Here's what you need to know, in plain English...

Revenge-porn king Hunter Moore pleads guilty to identity theft, hacking

by Lisa Vaas on February 20, 2015 | 2 Comments
Revenge-porn king Hunter Moore pleads guilty to identity theft, hacking

Congratulations to the hundreds of victims and to Charlotte Laws: the extremely tenacious mother of one victim who wouldn't back down.

Hackers force closure of Canadian Bitcoin exchange Cavirtex

by Lee Munson on February 19, 2015 | 4 Comments
Broken Bitcoin. Image courtesy of Shutterstock.

Canada's largest Bitcoin exchange - Cavirtex - has announced its closure, saying the latest in a string of hacking attacks may have left hashed passwords and 2FA "secrets" compromised.

Twitter's new tool should stop password sharing and help fend off hijackings

by Lisa Vaas on February 19, 2015 | Leave a comment
Twitter. Image courtesy of Shutterstock / Twin Design.

The new tool, TweetDeck Teams, lets users share Twitter accounts without having to share passwords.

SSCC 186 - Just how firm is your firmware? [PODCAST]

by Paul Ducklin on February 18, 2015 | 2 Comments
chet-chat-logo-featured-250

Here's the latest episode of our weekly security podcast - from firmware and Firefox to Project Zero and Lightning conductors.

Chet and Duck are in fine fettle as usual...enjoy!

What do you mean, "Facebook is now text only"? - 60 Sec Security [VIDEO]

by Paul Ducklin on February 14, 2015 | Leave a comment
60ss-video-250

Here's the latest episode of our weekly one-minute security video.

Fun, fast...and educational.