Skip to main content

Security

Europol warns users of WiFi hotspot security risks

posted onMarch 10, 2014
by l33tdawg

Europol, the law enforcement agency for the European Union, is warning that people should exercise extreme caution when using WiFi hotspots when out and about. Citing an increase in the number of "man-in-the-middle" attacks on such connections, the head of Europol's cybercrime division, Troels Oerting, said that public WiFi connections are being used to "steal information, identity or passwords and money from the users who use [them]". The advice is to not necessarily stop using public networks, but to avoid using them for anything that involves transmitting personal data.

Target overhauls security and compliance group, CIO resigns

posted onMarch 6, 2014
by l33tdawg

Target CIO Beth Jacob has apparently fallen on her sword in the wake of the massive security breach in mid-December that compromised 40 million debit and credit cards and swept national headlines. Her resignation was rendered this week effective immediately.

"If you look at the history of other large data breaches, turnover at the top of the IT shop is not unusual," says retail IT consultant Cathy Hotka.

Tool uses anomaly detection to discern real Android apps from root exploit malware

posted onMarch 6, 2014
by l33tdawg

Researchers from North Carolina State University (NCSU) have refined a technique – known as anomaly detection – and created a tool that applies it to Android applications, ultimately allowing them to detect and contain apps that are actually root exploit malware.

On Tuesday, Xiaohui Gu, Tsung-Hsuan Ho, Daniel Dean, and William Enck released their findings in a report titled, “PREC: Practical Root Exploit Containment for Android Devices.” They also presented their research at the ACM Conference on Data and Application Security and Privacy in Texas.

FreedomPop announces The Privacy Phone, a modified Galaxy S2 with built-in encryption

posted onMarch 6, 2014
by l33tdawg

At first it was apps like Wickr and Silent Circle designed to keep users’ communications safe but now we’re seeing more solutions baked right into handsets. Blackphone is perhaps the most popular example but low-cost mobile provider FreedomPop is now getting in on the action with a modified Samsung smartphone known as The Privacy Phone.

GnuTLS Bug Leaves Linux Users Vulnerable To Hacks

posted onMarch 6, 2014
by l33tdawg

A variety of Linux distributions are vulnerable to hacks because of a bug that allows people to bypass security protocols to intercept and disseminate encrypted information. A member of the Red Hat security team discovered a bug in the GnuTLS library that allows hackers to easily circumvent the Transport Layer Security (TLS) and secure sockets layer (SSL).

US gov claims it spent TOO MUCH on wiretaps and blames SPRINT

posted onMarch 4, 2014
by l33tdawg

The Barack Obama administration has filed a civil lawsuit against US wireless operator Sprint, alleging that the carrier intentionally overcharged law enforcement agencies for services related to American government wiretapping programs.

Under current US law, telecommunications carriers are required to assist law enforcement with legally authorized surveillance operations. But they can also ask the government to pick up their costs associated with those operations, so long as they follow billing rules set by the Federal Communications Commission.

Israeli spies banned from biometric ID cards, passports

posted onMarch 4, 2014
by l33tdawg

Israel's main security and intelligence agencies have banned their employees from taking part in a new country-wide biometric identity card trial, along with officers in sensitive units of the country's armed forces.

The Mossad and Shin Bet agencies both opposed establishing the database in 2010, fearing it would lead to dangerous leaks of identities, causing long lasting damage to both intelligence agencies, according to news outlet Haaretz.

Secure Android smartphone could be targeted by hackers and NSA

posted onMarch 4, 2014
by l33tdawg

The new "Blackphone" smartphone may have only debuted at last week's Mobile World Congress but concerns are already being raised that it will be targeted by hackers and the NSA.

Spanish start-up Geeksphone, Silent Circle and Pretty Good Privacy announced the Blackphone at the technology exhibition in Barcelona last week, with STMicro later demonstrating its own security-focused smartphone, the Boeing Black.

Meetup.com offline as it refuses to pay US$300 ransom to hackers

posted onMarch 4, 2014
by l33tdawg

Social networking website Meetup.com is fighting a sustained battle against cyber attackers who are demanding only US$300 to call off a campaign that has kept the site offline for much of the past four days.

The site, which enables strangers to meet for activities of shared interest such as sports and other hobbies, could not be accessed early Monday afternoon.