Call 01865 845 700
YouTube Google-Plus LinkedIn Twitter


WhiteLine
 
 
NEWS ARCHIVE

WhiteLine

"Girl killed herself" Facebook scam - be aware before you Share!
mar 6th 2014

You know the saying about buses - you don't see one for ages, then three come along at once.

Facebook scams and hoaxes are a bit like that, except for the "you don't see one for ages" part.

But, judging by the most popular articles on Naked Security over the past couple of weeks, large-scale hoaxes and scams do somtimes come in threes.

READ MORE

___________________________________________________________________________________________________________________

Meetup.com DDoSed by extortionist, refuses to pay ransom
mar 6th 2014

Who in the world would launch a distributed denial of service (DDoS) attack against Meetup.com?

That's beyond the pale, suggests one understandably aghast fan:

But a DDoS is exactly what's been plaguing the site, Scott Heiferman, Meetup.com co-founder and CEO, wrote on the company's blog.

READ MORE

___________________________________________________________________________________________________________________

Man guilty of "fixing" women's computers to spy on them via webcam
MAR 6th 2014

A 30-year-old London man has been found guilty of fiddling with three women's computers so he could spy on them through their webcams.

After a week-long trial, which police said had followed a "complex and protracted investigation that involved detailed examination and evaluation of computer files", Andrew Meldrum was convicted of three counts of unauthorised access to computer material and two counts of voyeurism.

He'll be sentenced on 14 April 2014.

READ MORE

___________________________________________________________________________________________________________________

Apple ships OS X 10.9.2 - delivers on promise to patch SSL/TLS hole "very soon"
FEB 26th 2014

Forget my unofficial patch for OS X!

Apple has done what it said, and delivered the latest update to Mavericks, numbered OS X 10.9.2, "very soon."

As usual, Apple's dedicated Security Updates page (HT1222) doesn't yet mention what's in 10.9.2. [As at 2014-02-26T00:44Z.]

For the Nth time, I implore Apple - and you should email Cupertino about it to add your voice, too - not to follow an update process that explicitly refers you to HT1222 for security information but doesn't update that page until much later.

But the Combo Update download page does mention what we all want to hear...

READ MORE

___________________________________________________________________________________________________________________

Ethical hacking organisation site hacked, defaced with Snowden's passport
FEB 25th 2014

The website for EC-Council, a US-based issuer of security certifications, was defaced over the weekend with Edward Snowden's passport, an email from Snowden to the council dated 2010, and a message jeering at the council and its purported habits of password reuse.

The message:

Defaced again? Yep, good job reusing your passwords morons jack67834#

owned by certified unethical software security professional

Obligatory link: http://attrition.org/errata/charlatan/ec-council/
-Eugene Belford

P.S It seems like lots of you are missing the point here, I'm sitting on thousands of passports belonging to LE (and .mil) officials

READ MORE

___________________________________________________________________________________________________________________

Stalking victim's petition to LinkedIn for blocking feature is finally heard
FEB 24th 2014

Anna R., a US woman from Columbus, Ohio, says that she was once sexually assaulted in the workplace.

She left her job, she says, hoping to leave the trauma behind.

But then, the stalking started.

It came via email, voicemail - "some threatening, some flirty, day after day", she said.

READ MORE

___________________________________________________________________________________________________________________

300,000 internal security breaches in UK last year
FEB 19th 2014

Beware of disgruntled employees - a new report reveals that UK businesses are being hit by over 1,000 internal security breaches every day.

Security software vendor IS Decisions came to these findings as a result of a new study, entitled ‘The Insider Threat Security Manifesto: Beating the threat within', which surveyed 250 IT decision makers.

The study found that more than 300,000 internal security breaches took place in UK businesses over the last 12 months - an average of 1,190 per working day.

READ MORE

___________________________________________________________________________________________________________________

UK bank customers targeted by new Zeus variant
FEB 18th 2014

A new version of the notorious Zeus banking Trojan, which hides itself inside digital photos, has been discovered by research firm Malwarebytes. And in a worrying echo, Trustwave has uncovered malware that harvests credit card details from online stores then camouflages itself as a JPG picture file to escape detection.

Malwarebytes senior security researcher Jerome Segura revealed the new Zeus variant, dubbed ZeusVM, in a 17 February blog post. Segura includes a screen shot that shows ZeusVM targeting the customers of dozens of well-known banks worldwide, including Lloyds, Barclays and Santander, as well as Wells Fargo and Deutsche Bank.

READ MORE

___________________________________________________________________________________________________________________

Why we need to rethink how we view security
FEB 18th 2014

Looking back at the major security stories of the last few months, there's something of a pattern emerging.

While many may seem to be down to a simple flaw in a single layer of security, on deeper examination most actually involve problems with multiple layers, and highlight the importance of an in-depth approach to security.

Target breach

Let's start with the recent, epic Target breach. Their POS systems got infected with malware, which harvested card data and sent it off to the bad guys, to do with as they please.

Sounds pretty simple - their anti-malware let them down. It should have spotted and blocked the malware in the first place.

READ MORE

___________________________________________________________________________________________________________________

Safer Internet Day: don't be an online sheep - our Top 10 Tips help you think before you act
FEB 11th 2014

Today is Safer Internet Day.

That's a European initiative aimed at helping youngsters to enjoy the internet without putting themselves at risk.

Last year at this time, we published ten short and simple Top Tips for young children and teenagers online.

This year, we thought we'd remind you of those tips, keeping them even shorter and simpler, so that they're easy to remember.

As you read them, you may find yourself thinking, "Those tips are too restrictive. Only an old timer or a wet blanket would be so strict."

READ MORE

___________________________________________________________________________________________________________________

NYPD tests Google Glass as they mull becoming Robocops
FEB 11th 2014

The New York City Police Department is beta-testing the ultimate creepy stalker toy, according to news reports.

One "ranking New York City law enforcement official" told Venture Beat that the NYPD is interested in seeing what use Glass might be in investigations, particularly when worn by police on patrol:

We signed up, got a few pairs of the Google glasses, and we’re trying them out, seeing if they have any value in investigations, mostly for patrol purposes.

READ MORE

___________________________________________________________________________________________________________________

LinkedIn's iPhone 'Intro' tool goes outro
FEB 12th 2014

LinkedIn launched Intro in October 2013.

Within one day, the email plug-in for Apple iOS, designed to suction LinkedIn profile information and insert it into emails received on phones, was dubbed a "dream for attackers".

Its lifespan was destined to be brief.

On Friday, LinkedIn announced that the guillotine drops on Intro's security-oblivious little head on 7 March 2014.

The way Intro worked was to show email recipients LinkedIn information from senders who are also LinkedIn users.

READ MORE

___________________________________________________________________________________________________________________

Facebook's 10 years of security & privacy thrills 'n spills
FEB 4th 2014

Princeton University: Based on epidemiological modeling, Facebook will shrivel up and mostly die by 2017 (PDF), in much the same way as an infectious disease might.

Facebook: Princeton University will disappear by 2021, followed by the evaporation of all air by 2060.

Naked Security: Happy Year 10 of the Zuckerbergian invasion of planet Earth!

READ MORE

___________________________________________________________________________________________________________________

Take the 3-step Privacy Plan Diet
FEB 4th 2014

As happens every so often we have a critical fix being released on a day other than Patch Tuesday.

Adobe released an emergency update for its Flash Player plugin for Windows, OS X and Linux to fix a zero-day vulnerability.

The fix addresses CVE-2014-0497 a integer underflow vulnerability that can be used to achieve remote code execution.

READ MORE

___________________________________________________________________________________________________________________

Misleading advertisements lead to hijacked browser settings
FEB 4th 2014

A few hours ago Mrs. W was looking to install a fresh copy of iTunes on her PC and performed a quick Google search.

Above the first (and correct) result was an ad. Nothing unusual about that, except that this particular ad screamed "SCAM!"

As you can see, the URL could lead one to believe it is the iTunes download site, so I thought I would check it out. The site I arrived at had a long list of legitimate applications with links to download them, including the one Mrs. W was interested in, iTunes.

This is where it is handy to have a virus lab hanging around. You can look into these things safely and see what the scam artists are up to with little to no risk.

READ MORE

___________________________________________________________________________________________________________________

Take the 3-step Privacy Plan Diet
Jan 28th 2014

Losing your grip on personal privacy is easy these days.

The internet is never more than an arm's length away, and the stores are chocked full of tempting, bite-sized apps.

We all know that privacy is important, but indulgence is fun!

On the other hand, abstinence is drudgery, watchfulness is dull, and doing the Right Thing is a chore.

So, can you maintain your privacy in 2014 without intolerable compromise and inconvenience? We think it's time to find out.

The answer will be different for each person so we've come up with a plan to help you come to your own personal conclusion - The Privacy Plan Diet!

READ MORE

___________________________________________________________________________________________________________________

Report from the future: Data Privacy in the year 2044
Jan 28th 2014

Today is 28 January 2014. That means it's Data Privacy Day!

So we asked Naked Security's Virtual Futurist, Frank di Scorse, to do the following:

  • Go forward in time 30 years.
  • Absorb the next generation's attitude to privacy.
  • Report back from the future.

Here's the way Frank sees it, all the way from 2044.

Ask yourself, "Is this where we want to go?"

READ MORE

___________________________________________________________________________________________________________________

San Jose Police seek private residents' security camera footage for database
Jan 28th 2014

Police in the US city of San Jose, in California, would be able to tap into volunteers' private security cameras under a proposal put forth on Thursday.

The San Jose Mercury News reports that the proposal would allow property owners to register their cameras with a new San Jose Police Department database on a voluntary basis.

The San Jose police have said that this isn't about active surveillance, per se; it's more after-the-fact than that.

Rather than sit around looking at what innocent citizens are up to in their neighborhoods, the police said, they'd instead merely rely on the ability to quickly analyze video footage following the occurrence of nearby crimes.

The newspaper described the new surveillance push as the act of a city that's gone from being one of the safest in the US to one with surging crime, including a string of arson fires that burned through the downtown area this month.

READ MORE

___________________________________________________________________________________________________________________

Marketers, IT contractor arrested in theft of 20 million South Korean credit cards
Jan 21st 2014

At least 40% of South Korea's entire population - some 20 million people - have had their names, social security numbers and credit card details ripped off and sold to marketing firms in the nation's biggest-ever theft of personal information.

It's looking like an inside job.

The theft has been traced back to an IT contractor working for a company called the Korea Credit Bureau, which produces credit scores, the BBC reports.

READ MORE

___________________________________________________________________________________________________________________

Digitally signed data-stealing malware targets Mac users in "undelivered courier item" attack
Jan 21st 2014

In fact, it was somewhat more than that: it was one of those "undelivered courier item" emails linking to a dodgy web server that guessed whether you were running Windows or OS X, and targeted you accordingly.

You're probably familiar with "undelivered item" scams.

The idea is surprisingly simple: you receive an email that claims to be a courier company that is having trouble delivering your article.

In the email is a link to, or an attachment containing, what purports to be a tracking note for the item.

READ MORE

___________________________________________________________________________________________________________________

Why aren't we learning long-term lessons from security disasters?
Jan 20th 2014

Security and privacy problems seem to have grown bigger and badder over the last year, with ever larger breaches and data leaks, continual revelations on the depth and breadth of government snooping, worries about the efficacy of encryption techniques (even when properly applied), and gluts of software vulnerabilities building to a crescendo with the impending end of patches for one of the world's most popular platforms.

For the most part our reaction to these developments is to plug leaks, implement workarounds, and make quick fixes.

READ MORE

 

WhiteLine
go back to the LATEST NEW & THREATS  READ MORE
 
 
  © Quadsys 2014  -  Site Map  |  Privacy Policy  |  Terms of Use  |  Cookies Information  
Cookies in Use