Infosecurity News
Dropbox adds two-step authentication
File-sharing has long had a reputation for being a veritable petri dish for viruses and/or credential or identity theft, but web-storage and sharing provider Dropbox is now offering two-factor authentication to thwart would-be hackers.
Swiss Army knife USBs slash security features
Victorinox, maker of the Swiss Army knife, has abruptly discontinued its security offering for the Swiss Army-branded line of portable USB memory sticks.
Is use of the Find My iPad app actually trespassing?
In what many would consider a bizarre case in Australia, an accused man says the evidence against him was obtained illegally when an iPad owner electronically tracked a stolen iPad via GPS to his property.
California’s Location Privacy Bill passes Assembly
Senator Mark Leno’s SB 1434, the Location Privacy Bill, has been passed by the California Assembly with a bipartisan vote of 63-11. Having now passed both chambers of the state legislature, the bill is headed towards Governor Jerry Brown.
Google’s new cloud Wallet – is it secure?
Earlier this month Google made some fundamental changes to the way in which Google Wallet operates. The main difference is that the ‘active’ part of payment has been shifted from the handheld device to Google’s servers; that is, the cloud.
90% leading paid mobile apps have been hacked
Arxan’s new study shows that more than 90% of top paid mobile apps have been hacked. App developers need to take note of this, and defend their own market.
DDoS and the collateral damage of hacktivism
Hacktivism cuts both ways. The biter gets bit, and a war evolves. Where there is war, there are weapons. And where there are weapons, there is collateral damage. There is a hacktivist war around Julian Assange, between his detractors and his defenders – and there is collateral damage.
ESET analysis links the Quervar virus to the Induc virus
A detailed analysis of the Quervar.C virus, currently running amok in The Netherlands, shows similarities beyond the likelihood of coincidence with the pre-existing Induc.C virus.
Tesco to be investigated by the ICO
Tesco’s online security practices have been much questioned and criticized by security commentators over recent weeks. Now it appears that the Information Commissioners office is listening and acting, with reports that it will investigate.
Apple mania used to deliver Flash exploit
Apple fans’ desire for information on the next iPhone is being used as the lure for a new round of email attacks. The emails carry an Adobe Flash exploit.
r00tbeer strikes again - twice
Following yesterday’s news of hacks against AMD and TBN, hacking group r00tbeer security has struck again, twice – this time against Dutch electronics giant Philips and the UK’s Student Room.
Getting hacked is just routine maintenenance, says AMD
“Due to routine maintenance, AMD's web ite is temporarily unavailable. We apologize for the inconvenience. This area will be back online as soon as possible.” That’s the notice on AMD’s blog following a hack and data release by the hacking team known as r00tbeer security.
Use iMessage rather than SMS, says Apple
Apple was responding to French iOS hacker pod2g’s announcement that he “found a flaw in iOS that [he considers] to be severe”, and that he is “pretty confident that other security researchers already know about this hole, and I fear some pirates as well.”
NCC Group buys Intrepidus for £7.1 million
Manchester, UK based NCC Group has acquired US-based mobile security testing specialist Intrepidus for £7.1m. It is NCC’s ninth acquisition in the network testing and software security space and the third in North America.
Judge rules that the Video Privacy Protection Act (VPPA) applies to online video
Hulu, an online video content provider, had attempted to get a class action against its practice of passing users’ viewing habits to a marketing company dismissed. In June, a California judge tossed six of the seven claims, but deferred ruling on the seventh.
Cyber Security Challenge UK launches new summer Cyber Camp
The task faced by Cyber Security Challenge UK is to fill the skills gap – there are simply not enough security specialists coming through the system. The organization’s latest innovation is a new 5-day summer camp to be held at Lancaster university next month.
Disttrack/Shamoon: a new targeted and destructive virus
Anti-virus companies and researchers are warning about a new targeted and destructive virus variously known as Shamoon and Disttrack. It seems to be targeted at the oil industry – and it wipes PCs.
Bugs beware: Google to offer researchers bonuses on top of bounties
Google has announced plans to hand out bonuses, in addition to its existing bug bounties, to researchers who report particularly troublesome flaws in its Chrome browser.
Atlanta police provides personal information to insurance scammers
At least three dozen members of the Atlanta police force provided personal information to scammers who posed as agents selling insurance benefits.
NASA not ready for APTs, warns audit
NASA’s inspector general (IG) is criticizing the space agency for not being ready to combat advanced persistent threats (APTs).