
Security

iOS 9 code vulnerability lets hackers steal thousands of dollars worth of in-app purchases

posted on September 25, 2015
by l33tdawg

It’s not a trend that gamers are especially ecstatic about, but in-app purchases (IAP) have become a major element of mobile gaming. It’s how many of the biggest games on the App Store stay afloat, but earlier this week, the developers at DigiDNA discovered a coding flaw that could allow hackers to steal thousands of dollars worth of IAP from popular games.

So how do Google's super-smart security folk protect their data?

posted on September 25, 2015
by l33tdawg

It's a question that occurs to many of us: if digital security is such a minefield, how do you keep your personal data safe?

One person who knows about the risks is Adam Langley. As a security engineer at Google, he makes key decisions about how your data is spread around the internet. He also has access to systems that would have hackers salivating.

So how does Adam make sure he's not taken for a ride? Not how you'd think. Speaking at a conference at CloudFlare headquarters in San Francisco, he outlined his strategy.

Backdoored Business Routers An Emerging Threat

posted on September 16, 2015
by l33tdawg

In a troubling new development, threat actors looking for different ways to break into and remain undetected on enterprise networks appear to have begun targeting routers connecting businesses to the Internet.

Once considered a largely theoretical risk, backdoored business routers could soon pose a big problem for enterprises, security vendor FireEye warned in a report released Tuesday.

Audit finds Homeland Security websites vulnerable to cyber attack

posted on September 16, 2015
by l33tdawg

The U.S. department charged with protecting government computers needs to secure its own information systems better, according to an audit released on Tuesday that showed lapses in internal systems used by the Secret Service and Immigration and Customs Enforcement.

The Department of Homeland Security also needs to establish a cyber training program for analysts and investigators, the audit said, with officials from several agencies blaming short-term budget allocations from Congress for their training cuts.

Android 5 lock-screens can be bypassed by typing in a reeeeally long password. In 2015

posted on September 16, 2015
by l33tdawg

If you've got an Android 5.0 smartphone with anything but the very latest version of Lollipop on it, it's best to use a PIN or pattern to secure your lock-screen – because there's a trivial bypass for its password protection.

The vulnerability, published here by University of Texas researchers, allows miscreants to sidestep lock-screens on Android 5 devices, unless they've been fully patched to version 5.1.1 including last week's security updates.

How did jihadists hack into top UK ministerial emails if no security breach took place?

posted on September 14, 2015
by l33tdawg

GCHQ has declined to comment on a report in the Daily Telegraph this weekend, which claimed that UK cabinet ministers' emails had been hacked, but that – bafflingly – no breach had occurred.

Which is a bit like saying "nothing happened, but we're going to write a story anyway."

Tor gains extra security as .onion becomes Special-Use Domain Name

posted on September 14, 2015
by l33tdawg

Tor -- The Onion Router -- is used as a way of browsing the web (more) anonymously. Most well-known for providing access to what has become known as the Dark Web, Tor has faced competition from other secure browsing systems such as HORNET. But now it is set to benefit from key changes that will improve security and have further implications.

Innovative security research comes to Singapore

posted on September 8, 2015
by l33tdawg

Hack In The Box is set to host its first HITB GSEC security event in Singapore next month with a 3-day single-track conference and an all-women fireside chat session held alongside the main conference program.

Aimed at showcasing and highlighting next generation global security issues, keynote speakers for the event feature veterans of the security industry and leading security experts including:

Zero-day vulnerabilities reportedly found in Kaspersky and FireEye security products

posted on September 8, 2015
by l33tdawg

Sounds like it's going to be a busy few days for R&D and PR departments at at least two security companies.

This weekend, vulnerability researchers have separately disclosed flaws in products from Kaspersky and FireEye that could be exploited by malicious hackers.

First up was Tavis Ormandy. Ormandy, a security researcher at Google, has made a controversial name for himself over the years disclosing security vulnerabilities in products from other software vendors.