I take security and privacy issues seriously, but sometimes I despair when news stories such as that regarding Samsung TVs eavesdropping on private conversation explode across the media as happened last week. The reason for my despondency has less to do with the data privacy debate and more to do with the human stupidity one. That said, let's get the technical bit out of the way first. The privacy scare story kicked off after someone, eventually, noticed that the privacy policy relating to Samsung smart TVs included the line: "Please be aware that if your spoken words include personal or other …


It's all too easy to think that spam is an old problem, and one that has largely been dealt with. Certainly, many people will tell you that they see very little evidence of spam in their mailboxes. This, however, has less to do with the demise of the spammer and everything to do with the effectiveness of spam filters. The latest Kaspersky Lab analysis of the spam and phishing threat landscape for the first quarter of 2015 suggests that some 59.2 per cent of email traffic was actually spam, which is good news in as far as that number is …


Come with me if you want to rock. What is easily the greatest thing you’ve seen all week looks like an alternate ending to *Terminator 2: Judgment Day*, one that didn't leave me in tears and featured Ahhhnold rocking the main stage at Ozzfest, which isn't a far stretch this year with a leather-clad Rob Halford as a supporting act. The stainless steel stand, created by artist Christopher Conte, is a true marvel in every sense, much like the man behind the work. The Norwegian born illustration major earned his Bachelor’s Degree in Fine Art (BFA) from the Pratt …


As [news breaks](http://www.usatoday.com/story/tech/2015/06/12/office-of-personnel-management-hack-china/71146452/) that a second breach at the federal Office of Personnel Management may have seen another set of data, potentially more valuable than that accessed during [the first](http://arstechnica.com/security/2015/06/why-the-biggest-government-hack-ever-got-past-opm-dhs-and-nsa/), Philip Lieberman, President of privileged identity management specialists [Lieberman Software](http://www.liebsoft.com/), has been talking about what went wrong. Here's what he had to say on the matter:

> The apparent US Government policy with regard to the protection of commercial enterprises attacked by nation states and others has been benign neglect (perhaps a shoulder to cry on). Current law and government policy forbid commercial enterprises to take any action against the …


The Electronic Frontier Foundation (EFF) has released the latest version of its 'Who Has Your Back?' [report](https://www.eff.org/who-has-your-back-government-data-requests-2015) and accompanying infographic, and it makes for interesting reading. Once you appreciate that what the EFF is talking about here is how good, measured as a response to a handful of yes or no questions, a bunch of leading tech companies are at protecting our data from government snooping requests. It's not about privacy in the larger scheme of things, just from that particular angle. That said, let's look at how the EFF came to the conclusions that can be seen in the …


Speaking to TrustedReviews this week, Alexander Moiseev, Kaspersky Europe's Managing Director, has warned that your car is at serious risk of being hacked. He is, however, wrong and I'm going to explain why. Kaspersky Lab and Mr Moiseev may well insist that the threats to the automotive industry are very real, and very much here and now; and while I don't dispute that there are concerns I do think there is a very real element of [Mandy Rice-Davies Applies](https://en.wikipedia.org/wiki/MRDA_(slang)) about the entire debate. With the demise, albeit a long and drawn out death, of desktop AntiVirus as the …


Researchers at security company AppRiver have issued a [warning](http://blog.appriver.com/2015/06/amazon-based-malware-targets-crypto-currency/) regarding a variant of the Fareit malware family which is using fake Amazon purchase confirmation emails to inject itself and steal any type of crypto currency that can be found on the target machine. Troy Gill, manager of security research at AppRiver, details how his team have been monitoring, and blocking, what he describes as a stream of malicious emails during the last week. All posing as legitimate Amazon purchase confirmations, all stating that 'your order has been confirmed’ and all directing the reader to the attached, and infected, …


Another month, another flaw related to the historical US export restrictions on cryptography; this time in the form of LogJam. It hits SSL 3.0 and TLS 1.0 which supported reduced-strength DHE_EXPORT ciphersuites, restricted to primes no longer than 512 bits, meaning that a man-in-the-middle attack is possible to force the usage of the lower export strength cipher without the user being aware and which impacts something like eight per cent of the top one million web domains and all the major web browser clients. Well almost, because Internet Explorer has already been patched (nice one Microsoft) with Firefox expected to …


In what has quite possibly been one of the longest periods between security problems being revealed and action being taken, the Virginia Board of Elections voted on Tuesday to remove the certification of more than 300 AVS WINVote touchscreen voting machines. The Virginia Information Technology Agency, and consultancy Pro V&V, uncovered multiple flaws in the voting technology which had also been used in other states including Mississippi and Pennsylvania. The scandal here is that there have been concerted efforts to remove these machines from the electoral system since 2008 when experts investigating irregularities first flagged their concerns. They have consistently …


After a week of Jewish holidays bookending Advertising Week, SMX East, IAB Mixx, and OMMA, I took a break this past weekend to attend Comic Con NY at the Javits Center. A couple of first impressions: while the website announces it had the largest attendance to date, it seemed eerily empty as compared to previous years. That isn't to say it wasn't absolutely packed, because of course it was. But people were free to roam around and weren't packed in like sardines, unable to push through the crowds, which tended to be the norm on previous Comic Con Saturday afternoons. …


The hacker collective known as Anonymous first declared war on Islamic State (formerly known as ISIS) supporters back in the Summer of 2014 with [Operation NO2ISIS](http://www.forbes.com/sites/jasperhamill/2014/06/27/anonymous-hacktivists-prepare-for-strike-against-isis-supporters/) which promised to target the online infrastructure of those countries sponsoring Islamic State militants. This declaration followed the hacking of an Anonymous Twitter account, @TheAnonMessage, which was then used to post photos of a terrorist assault near Baghdad. At the time, an Anonymous spokesperson stated that "these savages who have no religion or morality are bent on burning everything in their path, killing and pillaging as they go. They must be stopped." Because Islamic …


It's the festive season but would you really expect Lady Gaga to give you a free iPad 2? That was the exact message being broadcast from Lady Gaga's Twitter account earlier, promising each and every one of her 17 million followers an iPad 2 and all they had to do was click the link for details. Of course, there was no iPad. The Lady Gaga Twitter account had been hacked and if you clicked on that link it would take you to a number of different sites via redirects and then dump you at a survey designed to scam you …


My name is Davey Winder, and I am a phoneaphobic. At first glance it would appear that I am anything but alone if the results of a recent study into attitudes towards mobile phone usage are to be believed. But first impressions are often misleading and that's the case here, as unlike me it seems that the majority of people do not have a phobia of simply speaking on the phone (or more accurately having my train of thought interrupted by meaningless telephone conversations when an email will usually suffice) but rather the exact opposite. [Nomophobia](http://en.wikipedia.org/wiki/Nomophobia) is the fear of …


Three and a half years ago, DaniWeb was reporting how [stolen credit cards could be purchased online](http://www.daniweb.com/hardware-and-software/networking/news/218954) for as little as $10 per card, complete with a guarantee that the accounts behind the cards were active, when purchased in larger volumes. So how has the market changed since the start of 2008? It should come as no real surprise, given the number of high profile data breaches which have resulted in the loss of credit card information from online databases, that the underground cybercrime marketplace has become pretty saturated with credit cards for sale. And whenever a market gets saturated …


The Iranian Cyber Army may be the latest elite military hacking squad to hit the headlines, but Iran has a long way to go if it's to catch up with China in terms of international data disruption. According to one newly published report into the threat from Chinese state-sponsored espionage activity, the true scale and nature of these cyber-attacks is really quite interesting. Context Information Security argues in the '[Hidden Tiger, Crouching Dragon, Stolen Data](http://www.contextis.com/news/articles/targetedattacks/Targeted_Attacks_Whitepaper.pdf)' report that while cyber-attacks originating from China are nothing new, they have grown in both size and scope in recent years in order to support …


Following the arrest of 25 suspected members of the Anonymous hacking collective in Europe and South America, the INTERPOL website went offline. Coincidence? I don't think so. After all, Anonymous has already proven it isn't scared, or indeed incapable, of taking down law enforcement sites. Earlier in the month it managed to [take the CIA website offline](http://www.youtube.com/watch?v=pPZc-CqXG3U) and even managed to [listen in to a private conference call between FBI agents and Scotland Yard detectives](http://www.itpro.co.uk/638788/do-british-police-get-cyber-security) who were discussing how to deal with Anonymous hacking attacks amongst other things. The fact that the INTERPOL site went down within hours of INTERPOL …


If you use, or operate, a password-free wireless network then legal action being taken in the US by the adult movie industry might just be about to rain on your parade warns one European IT threat mitigation expert. The lawsuit was filed by Liberty Media Holdings, a producer of adult movie content based in San Diego, and accuses in excess of 50 people in Massachusetts (where the lawsuit has been filed) of downloading and consequently sharing a gay porn movie illegally via BitTorrent. The complaint itself makes a point of claiming that the defendants either have direct responsibility as they …


[Man-in-the-Middle (MITM) attacks](http://en.wikipedia.org/wiki/Man-in-the-middle_attack) are, sadly, not news these days; they are a fact of online life. But word of how the latest SpyEye Trojan-driven MITM attacks are using clever post transaction fraud systems to effectively erase the evidence of the crime from the victims' view certainly deserves to be. Attacking online bank accounts in both the US and UK, the attacks were first spotted just before the seasonal holidays took hold by researchers at [Trusteer](http://www.trusteer.com), a security company which works with banks to protect customers from just such threats as MITM attacks. What is a MITM attack exactly? Well, simply …


Sykipot is not a new Trojan Horse by any means, but the variation found to be attacking Department of Defense smart cards is certainly something that government agencies need to be worried about. United States government agencies, that is. It's doubtful the Chinese government will be too worried about them, considering that the Sykipot-led attacks against these US government agencies would appear to be originating from China itself. Security specialist [AlienVault](http://www.alienvault.com) has uncovered evidence that the attacks might stretch right back as far as March 2011 and have been targeting a number of agencies which use ActivIdentity, or more specifically …


[TeaMp0isoN](https://www.facebook.com/TeaMp0isoN), a black-hat hacking collective, has announced that it is to collaborate with Anonymous on Operation Robin Hood which swears to take money from the banks (in the form of stolen credit card data) and redistribute the wealth from the 1% to the 99% in support of the Occupy Movement. But just who exactly are TeaMp0isoN and what impact is Operation Robin Hood likely to have? Let's start with the easy stuff first and get a handle on TeaMp0isoN. Although you might think that finding anything out about a hacking collective which does things the likes of the FBI and …


Just how desperately are you looking for love? Unfortunately, for some the answer is all too often all too desperately; to the point where common sense leaps out of the window and is quickly followed by the bank balance. According to new research by the University of Leicester in the UK, hundreds of thousands of people have already fallen to what is being referred to as the online romance scam. In what is thought to be the first formal academic study of its kind, researchers at Leicester University have attempted to measure the true scale of online dating danger from …


It would appear that a Florida bank has been the victim of a $13 million ATM heist, but just how did the cyber-robbers pull it off? Although the security breach which led to the ATM fraud itself seems to have taken place in March, and was disclosed in the first quarter earnings statement for Fidelity National Information Services Inc (FIS) back in May, details of exactly what happened are only just starting to leak from the FBI probe that followed. FIS, based in Jacksonville, is one of the world's biggest processors of prepaid debit cards with more than 775 million …


There is an app for most things, but flying a helicopter has been (perhaps understandably) absent from the list. Sure, you can pilot a virtual helicopter or play a game involving a helicopter on-screen, but how about flying an actual helicopter in the actual sky using an actual iPhone? Griffin Technology Inc, best known for a whole load of innovative hardware accessories for the original iPod, has today been demonstrating how to fly a real helicopter using an iPhone, or an iPad for that matter. OK, so it's a small helicopter, a remote controlled one in fact, but it's real …


England just scraped to a hard fought win against a physical and enthusiastic Argentina side in their opening match of the 2011 Rugby World Cup campaign in New Zealand. But while sports fans the world over get excited about how their country is performing in the initial pool group matches, some folk have other motives for clapping their hands with joy over the current wave of interest in Rugby Union: cyber-criminals are raking in the money with a whole host of Rugby World Cup 2011 scams. Nick Johnston, a senior software engineer with Symantec, [has warned](http://www.symantec.com/connect/blogs/419-scammers-take-advantage-rugby-world-cup-fake-lottery) that advance fee fraud …


It may seem like email has been around forever, but actually it is exactly 40 years since the first email was sent by the man credited with inventing it, engineer Ray Tomlinson, on Wednesday 8th June 1971. Tomlinson was a computer engineer who was working for a company that had been hired to help build the Arpanet, the predecessor to the Internet, at the time. And in case you were wondering, that very first email message simply said: 'QWERTYUIOP' which as any self-respecting geek will know is the top line of letters on a standard QWERTY keyboard. QWERTYUIOP is …


The Sun is the biggest selling newspaper in the UK, and famous for some truly scything political headlines over the years. Today the Rupert Murdoch owned red top tabloid finds itself on the wrong side of the headline writing tracks after it admitted that reader data may be at risk following a security breach. According to [The Guardian](http://www.guardian.co.uk/technology/2011/aug/02/sun-website-users-personal-details-hacked), News International has sent emails to "thousands of people to warn them" that their personal details may have been compromised if they entered competitions and polls on the official Sun newspaper website. The director of customer data for News International, Chris Duncan, …


Penetration testing by the US Department of Homeland Security which involved dropping USB thumb drives and various data discs around the car parks of government agency buildings has revealed a not-so-shocking truth: just like most folk, government workers allow curiosity to trump security when faced with the opportunity to have a nosey at something they think they shouldn't be looking at. Some 60 percent of those who picked up the thumb drives and discs went on to stick them straight into their company computers in order to see what they contained. The more that the drive or disc looked like …


The British website for pop sensation Lady Gaga has been hacked, it's official. The website was targeted by the US SwagSec hacking group it would appear, a group which has a track record (if you'll excuse the pun) of hacking the official websites of pop stars having already hit Justin Bieber and Amy Winehouse to name but two. Universal Music has now confirmed that part of a database was copied and the names and email address records of Lady Gaga fans accessed. The record label was at pains to point out that no passwords or credit card data was stolen. …


It's one of the more bizarre questions I have been asked during my twenty year involvement in the computer security business. Yet here I am, pondering whether something being called the Shrek virus could have enabled tens of thousands of butt ugly lonely people to bypass the attractiveness filtering of an online dating agency which only allows people voted 'beautiful enough' by the existing membership to join. OK, so I'll readily admit I'm not 'beautiful' at least on the outside, but I'd rather slash my wrists than join a dating agency which proclaims "Browse beautiful profiles of men and women …


Today, Microsoft announced that it has [sold over 10 million Kinect sensors](http://www.xbox.com/en-US/Press/archive/2011/0308-Ten-Million-Kinects) as well as Kinect games. At the same time Kinect for Xbox has set a [new Guinness World Record](http://community.guinnessworldrecords.com/_Kinect-Confirmed-As-Fastest-Selling-Consumer-Electronics-Device/blog/3376939/7691.html) for having sold 8 million units in the first 60 days. They managed all of this during a recession, hello! Many [PC gamers and users are embracing Kinect](http://www.pcgamer.com/2011/01/10/10-amazing-kinect-hacks/), figuring out ways to hack it to use with a PC. Microsoft has already hinted that Kinect will eventually be made to support PC. I'm thinking Minority Report is getting closer and closer.
