What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-09-21 23:06:38 | Who on earth would want to use Google\'s Allo chat app? (lien direct) |  Google makes a u-turn on privacy with its new chat app, Allo.
|
|||
|
2016-09-21 22:35:00 | Danger USB! Oz police warn of malware in the letterbox (lien direct) |  Residents in a suburb of Melbourne, Australia, have been blighted by a plague of malicious USB sticks.
|
★★ | ||
|
2016-09-21 21:48:40 | Almost any file is up for grabs when this Android banking trojan attacks (lien direct) |  At first glance, Tordow behaves like other mobile banking malware targeting the Android operating system. But then things get somewhat more sophisticated...
David Bisson reports.
|
|||
|
2016-09-20 16:29:22 | Cisco customers targeted by hackers using leaked NSA hacking tools (lien direct) |  Cisco has announced it will be releasing a patch for a zero-day vulnerability exploited by a group of NSA hackers.
David Bisson reports.
|
|||
|
2016-09-20 13:46:20 | Android community MoDaCo suffers data breach, user database stolen (lien direct) |  Criminal hackers appear to have broken in via compromised admin account.
|
|||
|
2016-09-20 12:26:43 | How any Facebook page could have been hijacked or deleted, in just 10 seconds (lien direct) |  Can you imagine just how much online criminals would pay to be able to hijack, and even delete, any page on Facebook?
Read more in my article on the Hot for Security blog.
|
|||
|
2016-09-20 12:22:43 | Watch Teslas being hacked as they drive, from up to 20 km away (lien direct) |  Chinese hackers literally open a backdoor on a Tesla car...
|
Tesla | ||
|
2016-09-19 20:49:27 | Bypass an iPhone\'s passcode lock for $100 (lien direct) |  Which is a lot cheaper than the $1.3 million the FBI paid to break into the San Bernardino shooter's iPhone 5c.
|
|||
|
2016-09-19 16:18:22 | Misspelled Malwarebytes isn\'t the real deal. It\'s ransomware! (lien direct) |  A piece of software masquerading as a security product from Malwarebytes is making its rounds on the web and distributing ransomware to unsuspecting users.
David Bisson reports.
|
|||
|
2016-09-19 15:26:10 | Uninstall your anti-virus says Amazon, if you want to work for us from home (lien direct) |  You may want to earn money working from home as a customer service rep for Amazon, but they have some worrying rules about what you should (and shouldn't) be running on your computer.
Watch my latest video to learn more.
|
|||
|
2016-09-19 09:12:05 | Fight cybercrime by "plug and play" encrypting all data and communications (lien direct) |  Graham Cluley Security News is sponsored this week by the folks at Corporate Encryption. Thanks to the great team there for their support! Read below to learn more about their enterprise encryption solution.
We encrypt email, chat, data, calling, calendars etc. – also on smartphones and mobile devices.
TEP is the World's first turnkey enterprise encryption solution, enabling business to communicate and collaborate securely - while still being efficient and flexible. The platform is web-based and also comes with apps.
TEP also helps enterprises get ready for the relative high standards introduced by EU's new data protection law - General Data Protection Regulation (GDPR).
The platform solves a major "headache" in one go. TEP's end-to-end encryption ensures only the sender and intended recipients are able to decode the communications and data. All data is protected, both while in transit and at rest. In short, it's all about who has the access to the encryption keys.
Communications and data are protected by strong AES 256-bit end-to-end encryption and RSA 2048-bit key cryptography. Combined with our proprietary platform integration, this is the most secure and easy-to-use platform offered to the enterprise market. Your communications and data are extremely secure and protected. They deserve it.
Enterprises can choose between a hosted - or an on premise solution, depending on data storage needs and requirements.
TEP is developed by Corporate Encryption GmbH, a cyber-security company, specialized in secure encrypted communications. We are a strong International team of security, cyber-forensic and encryption specialists, with offices in Switzerland and Denmark.
Click here to learn more, register for a free demo, and start protecting your enterprise and clients against cybercrime.
If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. |
|||
|
2016-09-18 19:27:34 | How an attacker could exploit Windows Safe Mode to steal users\' passwords (lien direct) |  Safe mode doesn't necessarily mean secure mode.
David Bisson reports.
|
|||
|
2016-09-16 16:30:39 | Anti-virus industry\'s bête noire Tavis Ormandy to enter the lion\'s den (lien direct) |  The Virus Bulletin conference is being held in Denver, Colorado, next month. And they have a controversial guest...
|
★★★★ | ||
|
2016-09-16 15:20:53 | Cover your webcam - protect your privacy from hackers (lien direct) |  Don't let hackers spy upon you by hijacking your webcam. Cover your webcam when you're not using it.
In this video, Graham Cluley describes the threat.
|
|||
|
2016-09-16 10:33:36 | Some security advice for Colin Powell to better protect his Gmail account (lien direct) |  Former US Secretary of State Colin Powell has had his personal Gmail account hacked.
Which is kind of embarrassing... Here's what people should do to better protect their email accounts.
|
|||
|
2016-09-15 16:23:41 | How one teen gained access to T-Mobile\'s network for free - without any data plan or contract (lien direct) |  A teenager recently found a way to gain access to T-Mobile's mobile network for free - that is, without any data plan or contracts.
David Bisson reports.
|
|||
|
2016-09-15 11:18:29 | Hack an Android phone remotely, and win $200,000 (lien direct) |  Google has announced a hacking contest offering a $200,000 first prize to vulnerability hunters around the world if they can find a way to remotely hack an Android device knowing nothing more than its phone number or email address.
Read more in my article on the Hot for Security blog.
|
|||
|
2016-09-15 08:38:56 | Turning the tables on a scammer... by contacting his mum on Facebook (lien direct) |  Some scammers think the chances of the police ever catching them are low, but there's one thing they are afraid of: their mum.
|
|||
|
2016-09-14 21:47:26 | Google Play obsessed with tracking Android users\' every move (lien direct) |  Google Play has a keen interest in tracking Android users as they go about their day, and there's little that can be done to stop it.
David Bisson reports.
|
|||
|
2016-09-14 15:49:30 | Adblock Plus wants to put more ads on your screen (lien direct) |  When an ad blocker announces its plans to put more ads on users' screens, you can probably imagine the internet's reaction...
|
|||
|
2016-09-14 00:32:34 | iPhones bricked as Apple releases iOS 10.0 (and then - rather rapidly - 10.0.1) (lien direct) |  The "biggest release of iOS ever" is plagued by reports of bricked iPhones and iPads.
Thankfully, Apple was quick to release a fix - version 10.0.1.
|
|||
|
2016-09-13 23:51:48 | A patchtastic day for Flash and Windows users - don\'t delay! (lien direct) |  Don't drag your feet. If the likes of Adobe and Microsoft describe vulnerabilities as critical it's important that you patch them at your earliest opportunity.
|
|||
|
2016-09-13 20:48:17 | Hacker jailed after stealing thousands of pounds worth of gold bullion (lien direct) |  A Canary Wharf-based hacker compromised a gold bullion trading company in order to gather information that would help his gang intercept the valuable packages.
|
|||
|
2016-09-13 20:18:23 | \'Now the cyber is so big\' says Donald Trump (lien direct) |  "You know cyber is becoming so big today. lt's becoming something that a number of years ago, a short number of years ago wasn't even a word. Now the cyber is so big."
Hear what I think in my latest video.
|
|||
|
2016-09-13 19:58:59 | Backdoor targeting corporate data through... Microsoft Publisher files? (lien direct) |  Malicious hackers are abusing Microsoft Publisher files to try to infect businesses with a backdoor and steal corporate data.
David Bisson reports.
|
|||
|
2016-09-13 14:32:32 | No over-the-air update means GM has to recall four million cars to fix fatal software defect (lien direct) |  US motor company General Motors is recalling four million vehicles worldwide due to a software bug that has been linked to at least one death.
Read more in my article on the Hot for Security blog.
|
|||
|
2016-09-12 13:00:05 | How 911 emergency services across the United States could be knocked offline by a mobile botnet (lien direct) |  Israeli researchers have published a paper describing how hackers could use a mobile botnet to threaten the United States's 911 emergency call infrastructure.
David Bisson reports.
|
|||
|
2016-09-12 09:12:07 | Bank\'s data center knocked offline by really loud noise (lien direct) |  Sound is just a vibration. And guess what hard drives don't like? Big vibrations...
|
|||
|
2016-09-12 09:07:19 | FBI arrests Crackas With Attitude who allegedly hacked CIA boss\'s AOL account (lien direct) |  Two alleged hackers, said to have compromised the online accounts of senior government officials, have had their collars felt.
|
|||
|
2016-09-12 09:05:53 | Discover VASCO\'s top 10 tips for a successful and secure Mobile First Strategy! Register now for this webinar (lien direct) |  Graham Cluley Security News is sponsored this week by the folks at VASCO. Thanks to the great team there for their support!
VASCO, a global leader in authentication, electronic signatures, and identity management, is sharing its expertise in a free webinar entitled "Top 10 tips for a successful and secure mobile first strategy."
Mobile banking has definitely shifted focus from transaction to customer interaction, enabling users to engage with their bank anytime, anywhere and more frequently.
But how can you establish a successful and secure mobile first strategy, while keeping an eye on user convenience?
Register today for this FREE 30-min webinar!
Discover the necessary tips to establish a successful and secure mobile first strategy:
Enable more services on mobile
Make user experience fast, convenient and secure
Score your user's device and context
Combat malware and other attacks
Adopt mobile as the key to all your banking channels
and many more...
If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. |
Guideline | ||
|
2016-09-10 08:12:28 | CallJam malware infects Androids and keeps ringing premium rate numbers (lien direct) |  The CallJam malware masquerades as a four-star rated Android game on Google Play, and has a worrying addiction to making premium rate phone calls.
David Bisson reports.
|
|||
|
2016-09-09 14:41:21 | Facebook censors iconic image of Vietnamese girl fleeing napalm attack (lien direct) | Norwegian newspaper editor Espen Egil Hansen has written an open letter to Facebook chief Mark Zuckerberg. The reason? Facebook removed a post published by the Norwegian newspaper Aftenposten which contained the Pulitzer Prize-winning photograph of a young girl running naked down a road after being burnt in a napalm attack during the Vietnam war. Listen, Mark, this is serious. First you create rules that don't distinguish between child pornography and famous war photographs. Then you practice these rules without allowing space for good judgement. Finally you even censor criticism against and a discussion about the decision – and you punish the person who dares to voice criticism. Facebook is too powerful, and its decisions often erratic and contradictory. There are plenty of ghastly and unpleasant things on Facebook that it could protect its users from, but to which it chooses to turn a blind eye. However, banning such a well-known and iconic image, a photograph that has gone down in history and helped hasten the end of the Vietnam War, seems absurd. | |||
|
2016-09-09 14:12:34 | (Déjà vu) Online DDoS service vDOS hacked, spills details of its customers and targets (lien direct) | Krebs on Security writes: vDOS - a "booter" service that has earned in excess of $600,000 over the past two years helping customers coordinate more than 150,000 so-called distributed denial-of-service (DDoS) attacks designed to knock Web sites offline - has been massively hacked, spilling secrets about tens of thousands of paying customers and their targets. The vDOS database, obtained by KrebsOnSecurity.com at the end of July 2016, points to two young men in Israel as the principal owners and masterminds of the attack service, with support services coming from several young hackers in the United States. If information about vDOS's customers falls into the hands of law enforcement that could prove to be a little... ummm... uncomfortable for those paying to knock innocent websites offline without the permission of their owners. Chances are that many of vDOS's customers may have imagine that their details would have been kept private, and that there would have been little risk of their identities being discovered. That belief was clearly misguided. Security blogger Brian Krebs has the full story, including how for years vDOS used PayPal to launder its ill-gotten gains (they're now accepting payments via Bitcoin). | |||
|
2016-09-09 13:03:03 | Unencrypted website? Expect to start being shamed by Google Chrome from January (lien direct) |  Too many websites are being lax with the security of your passwords and credit card information, and Google says enough is enough.
Read more in my article on the Hot for Security blog.
|
|||
|
2016-09-08 16:24:09 | Holy Mokes! OS X users warned of sophisticated backdoor malware (lien direct) |  Mac users are at risk of a version of the sophisticated Moke backdoor malware, already discovered for Windows and Linux, that can spy upon you.
David Bisson reports.
|
|||
|
2016-09-08 12:48:33 | WordPress bloggers \'strongly encouraged\' to immediately apply security update (lien direct) |  With the huge number of sites running WordPress, and the frequency with which attackers exploit vulnerabilities on the platform to launch malicious attacks, it makes sense for self-hosting bloggers to update their systems as soon as possible.
|
|||
|
2016-09-07 21:58:51 | Want the iPhone 7? Make sure you sell your old phone safely! (lien direct) |  Tempted to upgrade your old iPhone to a brand new iPhone 7?
David Bisson reports on what safety steps you should take before selling your old device.
|
|||
|
2016-09-07 21:26:35 | Dell has acquired RSA (lien direct) | Amit Yoran, president of security firm RSA, writes: Today is a new beginning for RSA as we are now a part of the collective team of Dell Technologies, the world's largest privately controlled tech company. No doubt, many of you are asking what the impact of this merger will be to RSA. I am happy to tell you that RSA's mission remains unchanged. And our commitment and passion to help our customers transform their security programs remain unchanged. RSA will continue to focus on delivering solutions that help enable our customers worldwide to create business-driven security strategies that connect business context with threat activities to more quickly and efficiently defend against cyber risk. There will be no changes to our product strategies, sales models, customer support interactions, processes, or resources that we are not driving. The acquisition comes as part of Dell's multi-billion dollar takeover of RSA's parent company EMC. RSA has published customer and partner FAQs. Yeah, yeah... RSA is a security company. That's why it offers its customers FAQs in the form of PDF files. | |||
|
2016-09-07 21:07:57 | Porn sites are giving up on Adobe Flash - and who can blame them? (lien direct) | Motherboard reports: On Tuesday, porn site Pornhub said it would be ditching all Flash content from its site, opting instead for HTML5, the most recent version of the web language that offers more support for multimedia content. Since hackers have had a number of successes at compromising porn sites, it's notable that one of the largest is taking this step, albeit when Flash is already on its last legs. "It was just a matter of time until we switched, as HTML5 is becoming the standard across platforms. Now makes the most sense as Google and Firefox are slowly pushing Flash support out of their browsers. Plus HTML5 has improved security, better power consumption and it's faster to load," Corey Price, vice president of Pornhub, told Motherboard in an email. “All adult sites should make the transition to HTML5. Flash is nearly dead,†he added. Ahh, la petite mort... It has been a long and lingering death, but when Adobe Flash is finally gone for good, please don't send any flowers. We're well rid of it. If you're bold enough to still be using the internet with Flash enabled please enable "Click to Play" at the very least. But if you want to enter the brave new world of a Flash-less world, here is our guide on how to uninstall it from your computers. | |||
|
2016-09-07 20:48:35 | How to turn the tables on fake CEO scammers (lien direct) |  A security consultant reveals how he was able to find out information about a scammer, attempting to trick a company into making an urgent wire transfer.
Find out how your company can better protect itself from similar business email compromise attacks.
|
|||
|
2016-09-06 22:16:23 | Stop calling it \'the cloud\', start selling t-shirts... (lien direct) | A couple of years ago, I said something to the press that became a minor meme. My suggestion was that people should "stop calling it 'the cloud'" and start referring to it as "somebody else's computer" instead. After all, as soon as you start using language like that, your brain makes an important shift when it comes to thinking about privacy and security considerations. Security Memetics refined things further, suggesting "There is no cloud, just other people's computers". Lo-and-behold today you can purchase any number of t-shirts and stickers bearing the message, many using an image designed by Chris Watterston. Don't believe me? Check out "The many faces of There is no cloud". I wish I had been so entrepreneurial. I haven't made a single cent out of it! | |||
|
2016-09-06 21:13:01 | Taking umbrage at Umbreon, the Linux rootkit that likes to hide (lien direct) |  A Pokémon-themed rootkit called Umbreon is targeting Linux systems.
David Bisson reports.
|
|||
|
2016-09-06 13:27:08 | Owen Smith forgets to wipe his whiteboard, and reveals his password (lien direct) |  Twitter snap reveals more than it planned of British politician's campaign secrets.
|
|||
|
2016-09-05 16:36:02 | Riseup, providing encrypted comms for over 15 years, could run out of money next month (lien direct) | Riseup.net, the non-profit collective which has been providing dissidents a way to encrypt their communications since 1999, without revealing your location or logging your IP address, is running out of money: The news is not good We hate to be bad news birds, but we need to tell you that Riseup will run out of money next month. We had a number of unexpected hardware failures, lower-than-expected regular donations, and a record year of new Riseup users which puts more financial pressure on us than ever before. We need your help to keep things going this year, so we are starting a campaign to ask Riseup users to give us just one dollar! Can you give us a dollar? There are a lot of easy ways to do it: https://riseup.net/donate It seems that Riseup.net saw a boom in new users in the wake of the Edward Snowden revelations, but has not managed to match that growth with sufficient regular donations. If Riseup.net shuts down, that also means the end for 150,000 email accounts and over 18,000 mailing lists that depend on the service for their privacy and security. It would be sad to see Riseup.net close its doors. I hope people who value online liberty will support this noble cause. (Yes, I already donated.) | |||
|
2016-09-05 16:00:09 | Exposed! Almost 800,000 Brazzers usernames and passwords revealed after forum hack (lien direct) |  Some 790,724 unique email addresses and the associated usernames and plaintext passwords used by members of the Brazzers message forum have been… umm.. exposed.
Read more in my article on the Hot for Security blog.
|
|||
|
2016-09-05 11:37:04 | Podcast with Ahmed Mansoor, the world\'s most spied-on man (lien direct) | If you're a user of Apple products you should know that critical updates have been pushed out for iOS and OS X in the last couple of weeks, addressing vulnerabilities that state-sponsored hackers have been using to spy upon people of interest. Malware exploiting the vulnerabilities could intercept every SMS message you receive, read your email, scoop up your contacts list, steal your passwords, spy upon your FaceTime calls, turn on your iPhone's video camera and microphone. Citizen Lab reported last month that the target of the attacks was award-winning human rights activist Ahmed Mansoor, the so-called "million dollar dissident". It was when Mansoor received two suspicious SMS messages last month he didn't click on the links - but instead forwarded them to security researchers for investigation. Sure enough, brand new sophisticated mobile spyware was lurking at the other end. And that's why Apple rolled out emergency security updates. Because it's not just Mansoor who is at risk from attacks exploiting vulnerabilities in OS X, Safari and iOS. Everyone who uses these products is put at risk while vulnerabilities like this exist. If you've ever wondered what it might be like to be the victim of state-sponsored espionage, if you care a jot about privacy and how encryption can save lives, you should check out Patrick Howell O'Neill's interview with Ahmed Mansoor on the Daily Dot's Layer 8 podcast. Recommended. | |||
|
2016-09-04 21:12:10 | It\'s 2016, and anti-virus products still goof up like this... (lien direct) |  Sophos false alarms on Winlogon.exe, causing chaos for some users.
|
|||
|
2016-09-04 15:02:12 | Phishing and data theft await users due to target="_blank" vulnerability (lien direct) |  Websites that sloppily implement the target="_blank" attribute on links are leaving visitors open to data theft and phishing attacks.
David Bisson reports.
|
|||
|
2016-09-02 08:19:26 | Mac users vulnerable to state-sponsored Trident attack, fixed in iOS last week. Patch now (lien direct) | Remember the critical security holes that Apple patched in iOS last week after a human rights activist had his iPhone targeted in a seemingly state-sponsored attack? Ahmed Mansoor received two suspicious SMS messages on his iPhone, directing him to websites containing a zero-day iOS exploit. Researchers connected the attack to Israeli-based firm NSO Group, and dubbed the vulnerabilities "Trident". Well, Apple has now quietly rolled-out a further security update revealing that the zero-day flaws are also present in Apple's OS X desktop operating system, as well as the desktop version of their OS X Safari browser. My advice to Apple users? Make sure that your Macs, MacBooks, iPhones and iPads are up-to-date. On OS X the easiest way to update your computer is to open the App Store app on your Mac, then click Updates in the toolbar. If updates are available, click the Update buttons to download and install them. On iOS go to Settings > General > Software Update. You may not be a human rights activist, but the fact that it took Apple *days* to issue a fix for OS X users after patching the same vulnerabilities in iOS has opened an opportunity for others to potentially exploit them against desktop users. In an ideal world, Apple would have patched its mobile and desktop operating systems at the same time. What we don't know is whether Apple didn't know the vulnerability was also present in OS X when it issued the iOS fixes, or whether it made the difficult decision to urgently update iOS even though its equivalent OS X fixes weren't yet ready. | |||
|
2016-09-01 16:49:48 | DressCode? More like code for an Android botnet... (lien direct) |  Google is working to remove malicious apps that enlist infected Android devices into a botnet from its Play Store.
David Bisson reports.
|
To see everything:
Our RSS (filtrered)
