Articles about Security

Snowden says GCHQ's Smurf programs can tap, hack, and control any smartphone

In an interview with BBC Panorama, Edward Snowden made further revelations about the capabilities of government agencies. Having blown the whistle on the NSA, Snowden has also shed light on the activities of the UK equivalent, GCHQ.

In tonight's interview, the former NSA contractor spoke of the agency's "Smurf Suite" -- a collection of tools that can be used to intercept and control smartphones, even if they're turned off. Named after the blue cartoon characters, the Smurf tools can be deployed via encrypted text message without alerting the handset owner.

Continue reading

WinRAR will not get 'useless' security patch to fix 'vulnerability'

Usually when a security firm finds a vulnerability in an app or a program, and notifies the developers, a patch is issued in a matter days, sometimes even hours.

Not when it comes to WinRAR. The guys over at RARLab have been reached out to by both Vulnerability Lab and Malwarebytes about a vulnerability which, they say, on a danger scale of 1 to 10 is a 9.2.

Continue reading

FireLayers and Check Point bring security to enterprise cloud apps

endpoint shield

As more employees use their personal devices for business, corporate data is increasingly put at risk from sophisticated malware.

To foil these attacks, real-time protection company FireLayers and security specialist Check Point Software Technologies today announced their joint Extend Perimeter Security solution, which spreads security to cloud applications and provides enterprises with protection from zero-day threats and malware distribution.

Continue reading

Monthly Android update guarantee is 'unrealistic'

The widespread Stagefright vulnerability has lead Google and Samsung to announce plans for monthly Android updates, which would minimize the time it usually takes to fix security bugs in their distributions. LG has quickly followed suit with a similar pledge of its own, but, when asked if it will do the same, HTC has basically said "no".

HTC is among the few Android vendors that deliver major software updates in a timely fashion, so this comes as a bit of a surprise. HTC America president Jason Mackenzie says that such a commitment is "not realistic", pointing at carrier approvals as the main reason why it is extremely difficult to guarantee a monthly release schedule.

Continue reading

How your company should respond to a security crisis

cyber crisis

Ideally, security breaches are prevented rather than responded to, but no company’s defences are completely impenetrable.

Therefore, it is up to businesses to ensure that they have a strategy for responding to security crises that prevents repeat attacks.

Continue reading

Shifu banking Trojan arrives in the UK

Trojan horse

IBM security researchers have identified a malicious banking Trojan "in the wild" in the UK.

The so-called "Shifu" malware strain had previously only been witnessed in the Japanese financial sector, but appears to now have international targets in its sights.

Continue reading

The most effective malware removal tools

Malware

The security industry tends to focus on prevention, but even on the best protected system there's always a chance of zero day infections slipping through the net. It's therefore important that products have an effective removal capability too.

The latest report from independent testing organization AV-Comparatives focuses on 16 of the leading security tools and how good they are at removing malware from infected systems.

Continue reading

AVG 2016 ships with new cloud detection system

AVG has announced updates for its consumer product range, including AVG Protection and AVG Performance.

All editions of AVG AntiVirus -- including AVG FREE -- use new cloud detection technology to spot malware outbreaks in real time.

Continue reading

Stagefright 2.0 vulnerability is here -- your Android device is probably at risk

Holy cow, Google, what the heck is going on here? Android should have been a Utopian-like Linux-based operating system that was secure and available to all. Unfortunately, the only things being made available to the masses are vulnerabilities. Quite frankly, the search giant is giving Linux a bad name.

When the Stagefright vulnerabilities were made public, it really underscored how broken the Android update problem is. Hell, people like me -- longtime Android users -- switched to iOS as a result. A lack of operating system updates from both manufacturers and cell providers means many users are forced to live with vulnerable devices -- not acceptable. Today, new vulnerabilities dubbed Stagefright 2.0 are revealed, and most Android devices -- since 1.0 of the operating system -- are now at risk.

Continue reading

Tens of thousands of medical devices are exposed to hackers

Thousands of critical medical systems such as MRI machines, completely out in the open and vulnerable to a hacker’s attack, have been exposed online, the media reported on Tuesday.

According to a report by The Register, more than 68,000 medical systems from a "very large" unnamed US organization have been exposed. That institution has some 12,000 staff and 3,000 physicians, it says in the report.

Continue reading

Suspicious Windows 7 Update has users worried Microsoft's servers may have been compromised [Update]

If you’re a Windows 7 user, you might want to check carefully which updates you install. Users on Windows forums, Reddit and Twitter are concerned about a new "important" update that looks more than a little suspicious.

The update appears to be a language pack, but the details that accompany it are far from the usual information you’d expect to see, leaving many to wonder if Microsoft's update servers could have been compromised.

Continue reading

OS X Gatekeeper rendered useless by new malware exploit

On the day that Apple releases El Capitan details of an exploit that makes it possible to bypass the Gatekeeper feature of OS X have emerged. Designed to combat various forms of malware, the security feature can be bypassed using a simple trick involving the use of a signed binary.

Even when Gatekeeper is configured to use its highest level of protection, the ease with which the fortifications can be slipped through is staggering. Using a file that has already been deemed trustworthy by Apple, it is possible to trick OS X into executing a malicious file stored in the same folder as the signed one. No patch is yet available, and it is believed the problem affects all versions of OS X.

Continue reading

How the mobile security landscape is changing [Q&A]

As our mobile phones become increasingly central to both our personal and working lives, securing them and the data they hold has become paramount. The nature of the mobile space means that threats are more dispersed and change fast, so traditional security solutions are struggling to cope.

How does this change in the security landscape affect businesses who may be faced with supporting a range of different devices and operating systems thanks to BYOD policies? We spoke to Gert-Jan Schenk, VP for EMEA at mobile security specialist Lookout, to get his view.

Continue reading

AdBlock Plus to introduce independent board to oversee Acceptable Ads program

Ad blocking has been in the news quite a lot recently, not least because of iOS 9's new support for advertising avoidance. Perhaps the most famous tool in the arena is Adblock Plus. It's something that many people have become reliant on for cleaning up their online experience but Eyeo -- the company behind AdBlock Plus -- has been keen to encourage people to permit the display of some advertising through its Acceptable Ads program.

That companies can pay to bypass Adblock Plus is nothing new, although Adblock Plus insists that most ads that are deemed 'acceptable' are added for free. Today Eyeo announces that it is going to hand over control of the Acceptable Ads program to a completely independent board.

Continue reading

If you're still using TrueCrypt, more security flaws mean it's time to move on

Data encryption

Security-minded computer users frequently turn to encryption to protect sensitive files. For those looking to go a step further, TrueCrypt offered full-disk encryption... at least it did until it was abandoned by its developers.

Since the software was dropped, researchers have discovered that it contains numerous security vulnerabilities, and two new flaws have been found that allow an attacker to gain elevated privileges. As part of Google's Project Zero, security researchers have been probing the encryption software -- which is still widely used -- for additional problems. The severity of the newly-discovered problems has led to renewed calls for remaining TrueCrypt users to seek an alternative.

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.