Security

'Tis the season of cybersecurity threat predictions for 2017. Vendors' glossy reports shower onto the desks of customers and journalists like gentle Christmas snow. But so many of these reports, like so many snowfalls, are nothing but slush.

All year we've been hearing about the spreading plague of ransomware, and how the Internet of Things (IoT) will be a security nightmare. Remember the botnet made of video cameras? Vendors have been waving around phrases like "artificial intelligence" and "machine learning" and "threat intelligence sharing" like magic wands.

AirDroid is one of the treasures of the Android world, a product of the platform’s more open nature. In a nutshell, it allowed Android users to control their devices from a web browser, to send or read messages, manage files, or even mirror the device’s screen. That power, however, has apparently come at a price.

North Korea's government sanctioned Red Star operating system (OS) contains a vulnerability that can allow attackers to hack into it remotely, according to security experts. The reclusive nation's secretive Linux-based OS was leaked to the world in 2015 and ever since, several critical vulnerabilities have been brought to light.

Following a few glasses of wine, John’s inhibitions had dropped when he went online to talk to a woman he had met through an internet dating site. Although they hadn’t met in person, they had been exchanging messages for about a week and a half.

Because of the familiarity built up through previous messages, and the effects of the alcohol, when she suggested that she would remove some of her clothes if he did the same, he agreed. Straight away he realised he had been scammed.

In terms of delivering public cloud services, an Azure customer recently taught Microsoft a lesson in running a tight ship.

Ian Duffy, a software engineer at online retailer Zalando, had set out to create a secure, custom Red Hat Enterprise Linux (RHEL) machine image to be deployed on both Amazon Web Services (AWS) and Microsoft Azure. During the process, he discovered a vulnerability that could have provided an attacker root access to virtual machines.

Online criminals—at least some of them wielding the notorious Mirai malware that transforms Internet-of-things devices into powerful denial-of-service cannons—have begun exploiting a critical flaw that may be present in millions of home routers.

Hackers have broken into a high-end European bank and are blackmailing its customers.

Customers of Valartis, a Chinese-owned Liechenstein bank, are being told by unknown blackmailers they must pay 10% of their life savings or face having account details sent to finance authorities and the media, German-language newspaper Bild reports.

A big rise in drone use is likely to lead to a new wave of "dronejackings" by cybercriminals, security experts warned Tuesday.

A report by Intel's McAfee Labs said hackers are expected to start targeting drones used for deliveries, law enforcement or camera crews, in addition to hobbyists.

Many Skype users have recently reported seeing spam messages with links to Baidu or LinkedIn recently, and it appears the issue isn't a small one. As reported by The Verge, hackers have managed to breach Skype accounts to send spam even when the accounts have been "secured" with Microsoft's two-factor authentication.

Microsoft confirmed the problem in a statement to The Verge, noting that Skype itself was not breached, but hackers obtained account credentials by other means:

Microsoft's claim that Windows 10 made obsolete an important enterprise anti-exploit tool was inaccurate, said a security analyst at the center that coordinates with the United States' cyber-alert organization.