Week in review: Rogue web browsers, the most vulnerable smartphones, and secure practices for online shopping
Posted on 28 November 2011.
Here's an overview of some of last week's most interesting news, podcasts and articles:


Secure practices for online shopping
These simple steps apply to everyone who connects to the Internet, whether from laptops, personal computers, mobile phones, or gaming consoles. Before you connect to the Internet, take a moment to evaluate that you're prepared to share information or engage in a larger community.

38,000 emails from U.S. special agent leaked by Anonymous
Law enforcement officers and white hats working for the government or for private companies contracted by the government are among the favorite targets of hacking collective Anonymous, and the latest one to be targeted was Fred Baclagan, a Special Agent Supervisor of the CA Department of Justice in charge of computer crime investigations.

The most vulnerable smartphones
The devices on the list pose the most serious security and privacy risk to consumers and corporations.

Alleged leaker Bradley Manning finally scheduled for court
After being held in custody for over 17 months, former Army intelligence analyst Bradley Manning will finally see the inside of a court as his Article 32 pretrial hearing is scheduled for December 16 at Fort Meade, Maryland.

Does risk outweigh the benefits from the cloud?
Cloud computing provides organizations with an alternative way of obtaining IT services and offers many benefits including increased flexibility as well as cost reduction. However many organizations are reluctant to adopt the cloud because of concerns over information security and a loss of control over the way IT service is delivered.

Android officially the primary target for new mobile malware
The amount of malware targeted at Android devices jumped nearly 37 percent since last quarter, and puts 2011 on track to be the busiest in mobile and general malware history.

Yet another Trojan based on Spitmo source code surfaces
Even though nearly all new mobile malware in Q3 was aimed at Android phones, users with mobile devices running other mobile platforms are far from safe.

Is the Firefox 10 silent update feature a good thing?
While many IT security systems will have to be reconfigured to allow background updates to Firefox – which is not a good thing in the first place – there is danger that hackers could subvert the update system to allow them backdoor access to the users’ computer.

Fake e-ticket confirmation spam campaign
As the holiday season approaches, a lot of people are bound to travel in order to visit their loved ones, so fake e-ticket confirmation spam campaigns are to be expected.

OpenPGP implementation for webmail encryption
The idea of being able to encrypt and decrypt their email correspondence might appeal to a lot of users, but not all of them are technically savvy enough to implement solutions such as PGP (Pretty Good Privacy) on their computers. But, researchers from security firm Recurity Labs might have come up with a rather helpful (if still not a completely foolproof) solution to that problem.

Information security or IT security?
One would think that these two terms are synonyms – after all, isn’t information security all about computers? Not really. The basic point is this – you might have perfect IT security measures, but only one malicious act done by, for instance, administrator can bring the whole IT system down. This risk has nothing to do with computers, it has to do with people, processes, supervision, etc.

ID theft prevention tips
With the rise in online shopping and mobile shopping it's more important than ever for consumers to take precautions against identity theft this holiday season. PrivacyGuard released a list of tips aimed at helping holiday shoppers to protect their identity, and avoid risky behaviors that could lead to ID theft.

Can rogue web browsers make a comeback?
In this podcast recorded at Virus Bulletin 2011, GFI's Christopher Boyd talks about how rogue web browsers changed through the years, the dangers lurking behind them and the likelihood of them making a comeback - this time on mobile platforms.

Hungarian hacks into Marriot, tries to land job through blackmail
A Hungarian national who thought that he could blackmail Marriott International into giving him a job by stealing the company's internal documents and threatening to publish them has pleaded guilty to the charges laid against him in a District of Maryland court.

ISPs can't be forced to filter file-sharing traffic, says EU court
European ISPs will not be required to filter electronic communications which use file-sharing software in order to prevent file sharing which infringes copyright, the European Court of Justice decided on Thursday.

Bosnian hacker collected, distributed massive amounts of illegal porn
A Bosnian national, identified only by the initials E.S., has been arrested by agents of the Bosnian Federal Police's cybercrime unit following the discovery of a massive amount of pornographic images and videos of children on his computer.

40% of orgs doubt effectiveness of disposal procedures of old PCs
Corporate devices have varied levels of confidential data and company specific settings stored on them and access credentials all of which are recoverable. In the wrong hands it could be possible to not only gain access to the networks through recovered group admin credentials but also to compromise data which could constitute a serious data privacy breach.

New UK Cyber Security Strategy revealed
The UK Government's Cabinet Office has published on Friday a new Cyber Security Strategy whose aim is, among other things, to make the UK one of the most secure places in the world to do business in cyberspace and to make it more resilient to cyber attack.







Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //