Guardian newspaper columnist [Dawn Foster](https://twitter.com/DawnHFoster) posted images on Twitter this weekend showing how she was able to log in to the official Conservative party conference app as Boris Johnson, until recently the UK Foreign Secretary. Not only was no password required to log in to the app (all that was required was an email address), but once in, all the details of user registration were accessible. So, in the case of Alexander Boris de Pfeffel Johnson (yes, that is his real name) that meant contact details such as his mobile phone number. It also meant that the logged-in user could …

+0 forum 6

Last week a group of six 'm-commerce' experts took part in a round robin discussion in Manchester, England to determine the best ways forward for developers interested in creating a serious mobile web presence yet wanting to make money through the medium of mobile advertising at the same time. Anyone who has been involved in this particular area of Internet growth will appreciate just what a serious challenge the mobile web presents to those who have not invested, in thought and deed as much as financially, in getting to grips with a realistic m-commerce marketing strategy. Unless you are creative …

+0 forum 3

I've been writing about various security risks in the health sector for many years now. Usually my articles cover patient privacy, data protection and health provider network insecurity issues. Occasionally, they spill over into darker territory where the cyber risk morphs into a very real one as far as the health of the patient is concerned. Take my story at SC Magazine a couple of years ago which reported how researchers at Rapid7 had uncovered vulnerabilities in an insulin pump that had the potential to change the dosage supplied. Sure, the actual risk of exploit was low given that an …

+1 forum 1

I take security and privacy issues seriously, but sometimes I despair when news stories such as that regarding Samsung TVs eavesdropping on private conversation explode across the media as happened last week. The reason for my despondency has less to do with the data privacy debate and more to do with the human stupidity one. That said, let's get the technical bit out of the way first. The privacy scare story kicked off after someone, eventually, noticed that the privacy policy relating to Samsung smart TVs included the line: "Please be aware that if your spoken words include personal or other …

+3 forum 7

Google's seemingly always changing indexing algorithm continues to hit site rankings as the search giant continues to drive a new generation of SEO relying upon original and relevant content generation and sharing above all else. Now a panel of SEO experts in the UK has warned that companies need to avoid putting all their SEO eggs into the one Google basket and instead embrace SEO strategic evolution in order to maintain and grow traffic. ![dweb-google](/attachments/small/0/dweb-google.jpg "align-right") At a round-table discussion, hosted by cloud provider UKFast, Sam Allcock, CEO of Custard Media, stated that the key to successful audience growth was …

+4 forum 35

It has long since been argued that continued exposure to something over a length of time will reduce the shock value of whatever it happens to be, from violence in movies to swearing in public. Now according to a [report](http://www.usatoday.com/news/health/2007-12-12-porn-study_N.htm) researchers at the Brigham Young University have suggested that the availability of 'pocket porn' via the Internet and mobile phones has led to a sea change in how women react to pornography. The full study is to be published in the Journal of Adolescent Research in January, but enough detail has been leaked ahead of publication for us to know …

+0 forum 10

The second annual Imperva Hacker Intelligence Initiative report, this one entitled [Monitoring Hacker Forums](http://www.imperva.com/docs/HII_Monitoring_Hacker_Forums_2012.pdf), is out and reveals that the threat surfaces being discussed by the hacker community are very different from those that businesses are spending money on defending against attack. ![dweb-hackers](/attachments/small/0/dweb-hackers.jpg "align-right") The Imperva research analysed the content of a number of online hacker communities, including many lesser known forums in order to get a more accurate snapshot of what those doing the hacking are actually discussing. By looking at a total of more than 400,000 different conversational threads, Imperva was able to determine that SQL injection and …

+0 forum 2

So you've lost access to your data through hardware failure or accidental erasure. What do you do? Like most cyber-warriors you naturally turn to the Internet, be that via a Google search or YouTube video, for help. That's a big mistake says [Kroll Ontrack](https://www.krollontrack.co.uk/blog/), a data recovery specialist, as self-inflicted permanent data loss is apparently on the up. Of course, there's going to be a certain amount of MRDA in this assertion. That's Mandy Rice-Davies Applies, or 'well he would say that, wouldn't he?' in case you wondered. As [Wikipedia says](https://en.wikipedia.org/wiki/MRDA), referencing an article of mine in the further reading …

+2 forum 8

According to the [Australian Federal Police](http://www.afp.gov.au/), it would appear that at least half a million credit cards 'down under' have been compromised and funds in excess of AUS $25 million (US $26 million) stolen. Although precise details are still coming in, it would seem likely that nothing more complicated than a bit of simple scanning for point of sale terminals which looked vulnerable was used to locate potential victims in the small retailer market rather than run the greater risk of detection by targeting banks or bigger business. Lessons learned from the Subway caper in the US last year no …

+2 forum 4

Following the recent ransomware attacks that leveraged the WannaCrypt0r malware and NSA-developed EternalBlue vulnerability exploit, there was [plenty of advice](https://happygeek.com/?p=812) that backup, backup, backup was the best mitigation. Data backups are, of course, an important part of any business continuity strategy. However, what happens when your backups are also encrypted by ransomware? There are variants out there, in the wild, that will target shared network drives, that will use cloud backup desktop sync clients to encrypt that data as well. There are variants that will not declare themselves and post the ransom demands until they have been successfully encrypting backups …

+0 forum 7

Radiohead are a band which does not need to prove anything to anyone. Their seminal album 'OK Computer' is consistently voted one of the greatest recordings of all time, be it the critics or mere mortal music fans putting the crosses in the boxes. Which is perhaps why the latest Radiohead album '[In Rainbows](http://www.inrainbows.com)' has not been made available through the usual channels, but rather the group have bucked the trend and challenged the music industry by making it available for free download instead. It was not meant to be quite that simple, of course. The distribution and sales model …

+0 forum 3

Want to buy a Dell machine loaded with Linux? Shame, as it appears that Dell Europe would really rather you bought a Windows-powered one, despite having a website devoted entirely to selling Dell Ubuntu laptops. And, oh boy, does it use some strange arguments to dissuade you from becoming a Linux convert. Three years ago Dell went Ubuntu bashing, making it really pretty hard to buy a Linux-loaded machine from the vendor. The Linux machines back then cost more than the Windows ones, there were warnings about it not being compatible with lots of software and to top it all …

+7 forum 35

It's all too easy to think that spam is an old problem, and one that has largely been dealt with. Certainly, many people will tell you that they see very little evidence of spam in their mailboxes. This, however, has less to do with the demise of the spammer and everything to do with the effectiveness of spam filters. The latest Kaspersky Lab analysis of the spam and phishing threat landscape for the first quarter of 2015 suggests that some 59.2 per cent of email traffic was actually spam, which is good news in as far as that number is …

+3 forum 3

The UK's National Crime Agency (NCA) has said that it has dealt a "major blow to dark web markets." In a [statement](http://www.nationalcrimeagency.gov.uk/news/news-listings/483-international-law-enforcement-deals-major-blow-to-dark-web-markets) issued on the 7th November the NCA says that a coordinated operation between law enforcement agencies in Europe and the US has "targeted market places for illegal commodities on the dark web" and as part of this six people in the UK were arrested. Amongst those arrested in strikes closely coordinated with international partners in the US were the suspected administrators of Silk Road 2.0, the Tor accessed drugs and firearms market place. The NCA statement also claims …

+1 forum 7

Although it took eBay itself an absolute age to disclose that a serious breach had taken place, and then [completely screwed up the process of ensuring users change their passwords](http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/news/479152/more-ebay-security-stupidity-exposed), this should come as no real surprise. Happygeeks' Law states: the larger the corporate, the longer it takes to admit anything and the bigger the chance it will handle it badly. What is surprising is that it has taken so long for the stolen database of user credentials to go up for sale on the dark market. If you consider that the breach itself happened a couple of months ago, …

+1 forum 4

The news that JPMorgan Chase & Co, which is the largest of the US banks with a reach that extends to half of all American households, has been breached will surprise nobody. At least not in the sense that this is old news, with a disclosure of the event happening in August. The actual breach was discovered by the bank back in July, and is thought to have been active for at least a month prior to that. What is surprising, however, is that a financial organisation of such a size and reputation should fall victim to such a breach …

+1 forum 2

My van was built 15 years ago by Mazda in Japan as a multi-purpose 'people carrier' vehicle with the unlikely name of a Bongo. It has survived the years well, and I have now converted it into a camper van. Another 15 year old that travelled across the globe has not survived the passage of time, and we can be thankful for that because I'm talking about the Love Bug. No, not Herbie the talking VW Beetle from those candy-sweet Disney films but rather a computer worm that spread like wildfire in May 2000. Also known as 'ILOVEYOU' thanks to the …

+3 forum 5

If you don't know who [Alan Turing](http://en.wikipedia.org/wiki/Alan_Turing) was, then shame on you. The British code breaker, mathematics genius and father of both computer science and artificial intelligence is rightly credited with helping to bring the Second World War to an end. Turing was also gay, and that's where the shame has stuck firmly on the UK establishment for more than 60 years. Turing was convicted for 'homosexual activity' in 1952, and his punishment was to be chemically castrated. This shameful and appalling conviction meant that Turing was unable to continue his pioneering code-breaking work at Bletchley Park as he lost …

+8 forum 16

Ever wondered just how many domain names there are on the Internet? DaniWeb has, and can reveal the answer as being an almost astonishing 215 million worldwide. According to global Internet infrastructure provider and domain registrar Verisign, more than five million domain names were added to the total during the second quarter of this year alone, which represents a growth rate of 2.5 percent above the previous three months. To put that into some perspective, that's a year on year growth in the number of Internet domains of 8.6 percent or some 16.9 million domains. If you were to look …

+3 forum 21

According to research from data recovery specialists Kroll Ontrack, some three quarters of those workers that had lost data on a broken device didn't attempt to ensure that information was irretrievable before disposing of the hardware. ![dwebdatarip](/attachments/large/0/dwebdatarip.jpg "dwebdatarip") It doesn't matter whether the hardware itself is a PC or laptop, removable drive, tablet or smartphone, the ugly truth remains that most people simply assume that if the device is dead then the data has died along with it. Actually, data lost through software corruption or hardware failure is more often than not recoverable - at least partially. The study revealed …

+2 forum 48

Adobe Flash users have been under attack from cybercriminals again, this time courtesy of [a zero day exploit kit by the name of Angler](http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html). The exploit kit has been readily available on the dark market, and hits vulnerabilities to be found in Flash Players up to 15.0.0.223, as well as the latest release. There is some uncertainty as to who is at risk from this kit, with some sources claiming Windows 8.1 and Google Chrome users are safe, while others tell me any version of Internet Explorer used with any version of Windows is at risk if Adobe Flash player …

+1 forum 8

News has broken this weekend that the personal data, including bank account details, of some 2.4 million customers of the Carphone Warehouse may have been compromised following a breach that the mobile phone retail giant is calling "a sophisticated cyber-attack." The company also warns that encrypted credit card data of up to 90,000 customers may have been accessed during the breach. Scotland Yard and the Information Commissioner's Office have both been notified, along with a security outfit specialising in forensic examination of such attacks. However, the statement from Carphone Warehouse, released on Saturday, and revealing that the compromised personal details …

+1 forum 7

Sanjib Mitra is a man who likes to be responsible and do the right thing. A year ago he discovered, quite by accident, that a little bit of URL tweaking could reveal personal data about people other than himself within a website database. He was completing a complicated application form himself when he was faced with a blank page and a browser back button that did nothing, so he tried changing numerical data at the end of the URL in an effort to salvage some of the information he had spent the previous hour entering. His reward was not time …

+0 forum 12

As [news breaks](http://www.usatoday.com/story/tech/2015/06/12/office-of-personnel-management-hack-china/71146452/) that a second breach at the federal Office of Personnel Management may have seen another set of data, potentially more valuable than that accessed during [the first](http://arstechnica.com/security/2015/06/why-the-biggest-government-hack-ever-got-past-opm-dhs-and-nsa/), Philip Lieberman, President of privileged identity management specialists [Lieberman Software](http://www.liebsoft.com/), has been talking about what went wrong. Here's what he had to say on the matter:

> The apparent US Government policy with regard to the protection of commercial enterprises attacked by nation states and others has been benign neglect (perhaps a shoulder to cry on). Current law and government policy forbid commercial enterprises to take any action against the …

+2 forum 5

Action video camera vendor GoPro has announced that it is riding into the Tour de France with a promotional [video](https://www.youtube.com/watch?v=X63m5r5jJlg) to celebrate being named the official camera of the world's largest annual sporting event with a worldwide television audience of some 4 billion people, but not before the BBC [reported](http://www.bbc.co.uk/news/technology-32934083) how GoPro cameras could be used to spy on their owners. According to security company Pen Test Partners, it is way too easy to take control of GoPro cameras and one of the partners at the outfit, Ken Munro, demonstrated how. He showed the BBC how a GoPro Hero4 …

+1 forum 0

A couple of decades ago, in another life, I wrote a little script which would capture keystrokes and then store that data within the 'white space' of an image file. It was pretty crude, but it was also twenty years ago and to be honest nobody was really looking for stuff which was effectively hidden in plain sight that way. That way being the use of something called steganography, from the Greek steganos which means covered and graphie which means writing; so literally covered writing. I used it to good effect during my period as an explorer of networks belonging …

+3 forum 1

Earlier this month, security outfit FireEye's 'FireEye as a Service' researchers out in Singapore [discovered and reported](https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html) on a phishing campaign that was found to be exploiting a zero-day vulnerability in Adobe Flash Player (CVE-2015-3113). That campaign has been well and truly active for a while now, with attacking emails including links to compromised sites serving up benign content if you are lucky and a malicious version of the Adobe Flash Player complete with the exploit code if you are not. Adobe has now [responded with a security update](https://helpx.adobe.com/security/products/flash-player/apsb15-14.html) with the following recommendations: Users of the Adobe Flash Player Desktop …

+2 forum 1

The Electronic Frontier Foundation (EFF) has released the latest version of its 'Who Has Your Back?' [report](https://www.eff.org/who-has-your-back-government-data-requests-2015) and accompanying infographic, and it makes for interesting reading, once you appreciate that what the EFF is talking about here is how good, measured as a response to a handful of yes or no questions, a bunch of leading tech companies are at protecting our data from government snooping requests. It's not about privacy in the larger scheme of things, just from that particular angle. That said, let's look at how the EFF came to the conclusions that can be seen in the …

+1 forum 0

[A new poll into Operating System popularity by a British computer magazine](http://www.pcadvisor.co.uk/poll/index.cfm?action=showresults&pid=3228421) has revealed that an incredible 37 percent of respondents are still using Windows XP. That's more than Windows 7 which managed to woo 30 percent of the folk taking part, and Vista could only garner a pretty poor 16 percent of support. This being a PC magazine it should come as no great surprise to see Linux being used by 8 percent of respondents and Mac OS by 7 percent. However, what was surprising was the sheer number of people who refuse to let Windows XP die. Was …

+6 forum 760

Speaking to TrustedReviews this week, Alexander Moiseev, Kaspersky Europe's Managing Director, has warned that your car is at serious risk of being hacked. He is, however, wrong and I'm going to explain why. ![bongosmall.jpg](/attachments/large/0/a4cebc93cab0ce6d2a6e28f218a2de8d.jpg "align-center") Kaspersky Lab and Mr Moiseev may well insist that the threats to the automotive industry are very real, and very much here and now; and while I don't dispute that there are concerns I do think there is a very real element of [Mandy Rice-Davies Applies](https://en.wikipedia.org/wiki/MRDA_(slang)) about the entire debate. With the demise, albeit a long and drawn out death, of desktop AntiVirus as the …

+3 forum 7

The End.