Security

Millions of Android users have been hit by malware posing as games on Google Play, according to Avast security researcher Flip Chytry. The malware harbors fake ads that pop up when users unlock their devices, to warn them about nonexistent infections, or that their devices are out of date or have po...

Is It Time to Trash Flash?

On Monday, Adobe Flash Player users were hit by a zero-day flaw for the third time in two weeks. The company issued a security advisory for the vulnerability, which it dubbed CVE-2015-0313. The flaw exists in Flash Player 16.0.0.296 and earlier versions on Windows and Macintosh platforms. Successful...

SPOTLIGHT ON SECURITY

Is the FTC Jumping the Gun on IoT Security?

The security community has been waving a red flag about how the Internet of Things could become a cybercriminal's paradise. Last week, those admonitions were given some credence when the Federal Trade Commission recommended that the makers of IoT gadgets adopt some "best practices" to protect consum...

Google has decided not to fix vulnerabilities in WebView for Android 4.3 and older, sparking heated discussions among developers. Those versions of WebView run on the WebKit browser. Fixing them "required changes to significant portions of the code and was no longer practical to do so safely," expla...

Canada's spy agency, the Communications Security Establishment, has been eavesdropping on 102 free file upload sites, including Sendspace, Rapidshare and Megaupload, which has been shut down. A CSE program called "Levitation" lets analysts access information on 10-15 million uploads and downloads of...

SPOTLIGHT ON SECURITY

POS Terminals Rich Vein for Gold-Digging Hackers

Hackers are like gold miners. Once they find a rich vein for their malware, they mine it until it's dry. Point-of-sale terminals are such a vein. Following the success of the Target breach in 2013, the hacker underground was quick to rush more POS malware to market. "Attackers have recognized that t...

Google may have contributed to violating the First Amendment rights of three journalists working for WikiLeaks two and a half years ago, when it turned over to the FBI all their email, subscriber information and metadata. Google informed the journalists about its actions last month. "We are astonish...

SPOTLIGHT ON SECURITY

Businesses Waste Big Bucks Fighting Phantom Cyberattacks

Businesses spend an average of $1.27 million a year chasing cyberthreats that turn out to be dead ends. That is one of the findings in a report released last week on the cost of containing malware. In a typical week, an organization can receive nearly 17,000 malware alerts, although only 19 percent ...

Google's recent publication of Windows' vulnerabilities -- two within a week -- predictably raised Microsoft's ire. "Risk is significantly increased by publically announcing information that a cybercriminal could use to orchestrate an attack and assumes those that would take action are made aware of...

The United States National Security Agency reportedly knew in advance that North Korea was about to hack into Sony's systems. The NSA apparently penetrated North Korea's network through several vectors, including Chinese networks used to connect with the rest of the world and hacker connections in M...

UK Prime Minister David Cameron, who is standing for re-election, has vowed to ban personal encrypted communications apps such as WhatsApp if he is voted in. He also will allow UK government security agencies to monitor communications, with warrants signed by the Home Secretary. "The first duty of a...

SPOTLIGHT ON SECURITY

Sony Sortie's Smoking Gun Still Missing

Recent research from security firm Cloudmark has raised doubt about the purported connection between North Korea and last November's intrusion on Sony Pictures Entertainment's computer networks. The FBI last week continued to press its case that North Korea was behind the cyberattack, pointing to an...

FBI Director James Comey has "very high confidence" that North Korea was behind last November's cyberattack on Sony, he said at a cybersecurity forum held last week at Fordham University. The attack resulted in large amounts of intellectual property, confidential communications and employee data bei...

OPINION

The Secret Stories of CES

By this time, you likely are getting a bit sick out of folks talking about wild new products that won't be on the market for weeks or months while you are paying your Christmas bills. So rather than tell you about a slew of new products, I'll focus on the back stories that didn't seem to get much co...

SPOTLIGHT ON SECURITY

Fingerprint Theft Just a Shutter Click Away

Ever since smartphone makers started incorporating fingerprint scanners as a means of unlocking mobile phones, the Chaos Computer Club has attacked the technology with vigor. Not long after Apple added Touch ID to its iPhones, the German hackers demonstrated how to lift prints from a surface and cre...

Technewsworld Channels