Children are “the enemy” of good IT security
“Children are a formidable adversary - unlike any other,” says Microsoft security researcher Stuart Schechter, in a paper to be presented at the SOUPS security conference next week.
Archives - July 2013
“Black swan” warning as cybercrime hits half of world stock exchanges
More than half of securities exchanges around the world faced cyber attacks last year, according to a paper released by the International Organization of Securities Commissions (IOSCO).
How to create strong passwords (without driving yourself mad)
There are a few tricks to making passwords that will at least slow down cybercriminals - buying you time to reset your accounts if a list of encrypted passwords leak in a data breach.
Tumblr warns users over iPhone app password danger
Micro-blogging site Tumblr has warned users that passwords can be “sniffed” from its iPhone and iPad apps - and issued a “very important” security update for both apps.
NIST cybersecurity framework rolls on amid murmurs of regulation
What needs to happen before the President of the United States can stand before the American people and assure them that a comprehensive and good faith effort has been made to stop cyber attacks disrupting the delivery of essential goods and services? The NIST workshops are seeking answers to that question.
Texas restaurant sues credit card giant after point‑of‑sale hack
A Texas restaurant chain is suing one of its suppliers over a point-of-sale system which allowed hackers to steal customer data - claiming that card-processing giant Micros Systems supplied units which failed to meet security guidelines.
Hacked signal‑boosters let cybercriminals “listen in” on cellphones
A $250 signal-boosting device for cellphone users can be hacked, two researchers claim - offering total access to phone calls, internet use and text messages on devices connected to the “femtocell”.
“Warning fatigue” means browser users ignore up to 70% of security alerts
Browser security warnings can work to protect users from phishing and malware sites - but “warning fatigue” means important alerts over site security can be conmpletely ignored.
Facial recognition system “reads” blood vessels for unbreakable security
A new biometrics system could “read” blood vessels under the skin using thermal imaging cameras - a system which its inventors claim would be “almost impossible to spoof.”
Cyber threats are now the third‑biggest worry for CEOs, Lloyds survey reveals
Cyber risk has shot up in importance for company CEOs and senior executives, according to an Ipsos survey for Lloyds Risk Index 2013.
Old‑school security? Kremlin orders $15,000‑worth of electric typewriters
A Kremlin security agency has ordered $15,000 of electric typewriters - sparking international gossip about a return to “old school” security measures.
Facebook Graph Search: How to keep your data private
Facebook’s Graph Search is quietly rolling out to U.S. users this week - a powerful new tool which can reveal information people might have forgotten they ever "shared". Our tips will help keep private information safe.
“Cyber‑mercenaries” pose serious new threat, British government warns
Governments around the world are recruiting “cyber-mercenaries” - groups of skilled cyber professionals who target institutions such as banks and energy companies, British politicians have warned.
“Bug bounties” are cheap way to keep companies secure, Berkeley study finds
“Bug bounties” paid out for finding and reporting bugs and vulnerabilities are a cheap and effective way for companies to bolster their security, an independent study by UC Berkeley researchers has found.
U.S. Government destroys $170,000 of PCS in malware scare – even mice and keyboards
A U.S. Government department threw away IT components including printers, computer mice and keyboards in an effort to root out a “sophisticated” and “persistent” malware threat - which did not exist.
The London Scam and the Londonderry Air
My colleagues at ESET Ireland, report that an all-too-familiar scam is currently hitting Irish mailboxes. I’ve talked about it at some length here previously – for instance here and here – but here’s a quick summary. Someone, apparently someone you know (a friend or a family member) contacts you to tell you that they’ve been
A cybersecurity framework to protect digital critical infrastructure
In the ongoing effort to protect cyber aspects of America's critical infrastructure, the third NIST Cybersecurity Framework workshop is being hosted July 10-12, 2013 by the University of California, San Diego, and the National Health Information Sharing and Analysis Center.
Darkleech and the Android Master Key: making a hash of it
I made a comment recently that was subsequently quoted in a recent ESET blog – Android “master key” leaves 900 million devices vulnerable, researchers claim – and it appears that comment may have confused one or two people. What I actually said was this: “Security based on application whitelisting relies on an accurate identification of
Cyber‑threat to London 2012 Olympic opening ceremony revealed
The threat of cyber attack loomed over the opening ceremony for the London Olympics last year, officials have revealed.
Nintendo site breached after month‑long brute force assault
A sustained brute force cyber attack battered Nintendo’s defences for a month this summer - and allowed cybercriminals access to private data such as names, addresses and phone numbers for up to 24,000 accounts.