Operating System Vulnerabilities, Exploits and Insecurity

iOS and OS X the most vulnerable operating systems? Don't confuse vulnerabilities with exploits, or patch frequency with insecurity.

FBI investigating apparent ISIS attacks on Western websites

A number of seemingly unconnected Western websites were hacked over the weekend, with messages claiming Islamic State as the perpetrator.

DDoS attack on feminist blog backfires on International Women's Day

An attempt to silence feminism blog Femsplain backfires on DDoS attackers, as they only help to raise its profile.

Europol shuts down Ramnit botnet used to steal bank details

The Ramnit botnet that is said to have affected 3.2 million computers has been shut down by European police.

Lenovo and Superfish? Don't panic, you may not be affected

Lenovo's installation of a security-breaking app called Superfish on some computers has customers justifiably angry, but some folks are now unnecessarily confused by false positive detection.

Facebook exploit allowed attackers to remotely delete photos

A Facebook hack that allowed attackers to remotely delete any photo they wanted to from the social network has been patched by the company.

Electronic health records and data abuse: it's about more than medical info

After the Anthem mega-breach, questions abound about possible abuses of medical data. Here is a breakdown that offers some context.

Facebook launches ThreatExchange for companies to share security threats

Facebook has officially launched ThreatExchange - a collaborative social network where companies can share information on cybersecurity threats, in an effort to neuter potential damage.

Security terms explained: What does Zero Day mean?

One of the terms I’m most often asked to explain is what a “zero day” vulnerability or exploit is; let’s look at what that phrase entails.

WhatsApp privacy is 'broken,' reveals proof-of-concept hack

WhatsApp's privacy settings are "broken" and can be bypassed by downloading a simple bit of software, claims the Dutch developer behind proof-of-concept tool WhatsSpy Public.

Facebook turns 11 - what you need to know, and what do your likes say about you?

Facebook updated its privacy settings at the end of January. As Facebook turns 11 today, here’s what you need to know about the new settings and how they could affect you.

White House seeks 10% increase in cybersecurity spend

President Obama's budget proposal for the 2016 fiscal year includes a projected 10 percent increase in cybersecurity spend, reports Reuters.

The New Hacker's List and an Old Debate: Would you Hire a Hacker?

The recent opening of the Hacker List portal brings to mind the age-old question: Would you hire a hacker?

Facebook porn scam infects 110k users in 48 hours

A new porn scam is spreading startlingly quickly through Facebook - one that has managed to spread malware to over 110,000 users in 48 hours, reports The Guardian.

Taylor Swift hacked, but denies naked pictures will be leaked

Singer Taylor Swift has had her Twitter and Instagram accounts hacked, but laughed off claims that the hackers will release nude photographs of her.

Android Wi-Fi Direct bug means hackers can reboot your device

A vulnerability in Android's Wi-Fi Direct functionality has been uncovered by security researchers.

Edward Snowden doesn't use an iPhone for privacy reasons

NSA whistleblower Edward Snowden has claimed he doesn't use an iPhone for fear of surveillance technology in the smartphone, reports The Independent.

Blackhat: Lessons from the Michael Mann, Chris Hemsworth movie?

Blackhat, the hacker movie directed by Michael Mann and starring Chris Hemsworth, could spread awareness of digital threats. If it is a learning opportunity, what are the lessons?

Facebook will highlight hoaxes in users' newsfeeds

Facebook has announced plans to crack down on spam and hoaxes in the newsfeed, with a note highlighting 'false information' when enough people flag the link as a hoax.

Cybercrime deterrence: 6 important steps

Cybercrime: there's too much of it, and we need to do more to deter it. With the President of the United States now making frequent references to "doing more about cybercrime" now is a good time to look at what steps must be taken.

Lizard Squad DDoS-for-hire service hacked - users' details revealed

Lizard Squad failed to encrypt its database of LizardStresser's registered users - storing details of their usernames and passwords in plaintext. A schoolboy error if ever I heard one.

Swiss bank data released by hackers

The Swiss state owned Banque Cantonale de Geneve has confirmed that hackers have released confidential customer correspondences after the bank refused to pay the ransom demanded by the attackers

Hacked routers used for paid DDoS attacks

The rent-a-DDoS service that knocked out Xbox Live and Playstation Network is powered by thousands of hacked residential internet routers.

British Prime Minister wants access to messaging apps

British Prime Minister David Cameron has stated his belief that encrypted messaging services must have backdoor access to government agencies

'Critical Security Updates' cancelled for 939 million Android users

Google has revealed that Android smartphones and tablets running versions of the software released before 4.3 (Jellybean) will no longer be given official updates to an important part of the software

Digital Invasion: 3 things we learned from CES 2015

Ever lost a kid somewhere? Not anymore if the gadget vendors have anything to say about it. Now you can digitally strap your kid to your tablet and keep track of them. Kids not running enough to stay trim? There’s an app for that that works the same way. Got high blood sugar? You can keep track of that too using the sensor-du-jour highlighted at CES 2015 in Las Vegas.

Facebook privacy - why statements about copyright don't do anything

Facebook users around the world have reported the return of the network’s longer-lasting hoaxes - a legal disclaimer which allows users to regain copyright over their images and other content. Here's why it doesn't work.

Phish Allergy – Recognizing Phishing Messages

While phishing-related malware is still mostly Windows targeting, attacks that rely purely on social engineering and fake web sites might be delivered by any platform, including smartphones and tablets. The more cautious you are, the better informed you are, and the more you think before you click, the more chance you have of leaving phishing craft stranded.

5 reasons not to "hack back"

Are hacking victims "hacking back"? That question was recently posed in headlines like this one from Bloomberg: FBI Investigating Whether Companies Are Engaged in Revenge Hacking. The Marketplace reporter, Ben Johnson, speculated that 2015 might be the year of "hacking back" when he asked me about revenge hacking.

CES 2015 in Las Vegas: first impressions, 5 hot topics

With nearly 160,000 lust-ridden techies, corporate denizens and a few of us security types descending on a slightly crisp wintery Las Vegas to see what all the fuss is about at CES 2015, here are a few things to keep an eye out for this year at the show.

Bitstamp hacked for $5 million in Bitcoin

19,000 Bitcoin - valued at around $275 each, so $5 million together - have been stolen from a majour European Bitcoin exchange, reports RT.

Unpatched security hole has left millions of Moonpig customers at risk for 17 months

Moonpig, the online personalised card company, has been accused of a shockingly sloppy attitude to security, after apparently leaving a serious hole in its security unpatched.

Hobbit-inspired sword can help you find unsecured WiFi hotspots

Like many others, I was enchanted by The Hobbit (and later Lord of the Rings) at a young age - long before Peter Jackson turned J R R Tolkien's middle-earth fantasy books into a series of blockbuster movies.

Biometrics - can your fingerprint be ‘copied’ from a normal photo?

Fingerprint biometrics are entering the mainstream as a security measure, with both Apple and Samsung relying on readers to secure their flagship phones - but biometrics may not be as secure as many believe.

North Korea falls off the internet - is the United States to blame?

Barack Obama promises that the United States will respond to the Sony hack, and North Korea drops off the internet. Is there a connection?

Madonna thinks her computer was hacked

Turns out that the Material Girl has had her material stolen, and she's blaming hackers!

Mobile security: flaw allows hackers to read texts and listen to calls

Hackers can eavesdrop on your phone calls and text messages even with cell networks using "the most advanced encryption available" according to The Washington Post.

ICANN computers compromised by hackers

The nonprofit organization that looks after name and internet domains has been hit by a spear phishing hack that has compromised company data, reports The Register.

TorrentLocker: Racketeering ransomware disassembled by ESET experts

Security experts at ESET have released their latest research into the notorious TorrentLocker malware, which has infected thousands of computer systems around the world, taking data hostage and demanding a ransom be paid to ensure its safe return.

Identity theft - six tips to help keep yours safe

Private data such as addresses and social security numbers can be just as valuable to cybercriminals as valid credit card details can be to thieves - if not more so. Lock yours down with our tips.

Cyber Monday - 12 tips to help you shop safely online

Technology might evolve, but cyber gangs rely on tried-and-tested tactics. With a bit of care and attention, it’s easy to sort the genuine bargains from the too-good-to-be-true fakes.

Can e-cigarettes give you malware?

The long-term health effects of electronic cigarettes - or E-cigarettes - are still open for discussion - but the devices could harm your computer, at least if one report is to be believed.

Privacy and security post-Snowden: Pew Research parallels ESET findings

Privacy and security online are hot button topics in America today, as a new survey by the Pew Research Center confirms, mirroring similar results from two different privacy and security surveys conducted by ESET.

IT Pros also guilty of risqué selfies on mobiles

ESET study reveals many IT professionals are guilty of storing indecent material on their mobile phones, which would leave them embarrassed if lost.

Apple Pay and security - what you need to know

Mobile payments look set to be one of the defining technologies of 2015, as the launch of Apple Pay catalyses a boom in cardless payments - both from Apple’s own system, and rivals playing catch-up.

Facebook welcomes private browsers with dedicated Tor link

Facebook has opened its doors to privacy concerned users, but opening up a dedicated Tor link, guaranteeing that people who visit the social networking site through anonymous browsers aren't mistaken for botnets, Gizmodo reports.

How to make sure Adobe Flash is up-to-date and enabling it on-demand

Learn how to update Adobe Flash Player, to help protect against malware attacks.

Botnet malware: What it is and how to fight it

Malware or malicious computer code has been around in some form or other for over 40 years, but the use of malware to take control of a group of computers that are then organized into something called a botnet is more a twenty-first century phenomenon.

Botnets: remote controls for cybercriminals

As promised in our post about the European Cyber Security Month during October, we are publishing about Botnets and Exploits this week. Even though we had the Poodle flaw in the web encryption standard a few days ago, we are using this week to explain what are botnets and exploits and how they work.

Privacy online - what you can do (and what you can’t)

Many of us have moments when we need, or want, to be more private online - when searching for a new job, for instance, or when having a private business conversation.

Facebook 'Safety Check' allows travelers to alert family

Facebook is introducing a new feature targeted at users it believes are in or near a disaster zone to let their loved ones know they are okay, according to The Independent.

October is the Cyber Security Month: stats, events and advice

Since October 2012, the European Cyber Security Month is going live as a pilot plan across Europe. Inspired by the concept of other similar projects that were successfully implemented around the globe. One of them is the Stop. Thinking. Connect campaign supported by the National Cyber Security Awareness Month in the United States.