How to find out if GCHQ and the NSA spied on you, and how to complain
Privacy International has created a platform through which individuals and organizations can file complaints with GCHQ about surveillance of phone calls and internet usage. The charity has long concerned itself with government surveillance, particularly the sharing of data between the NSA and GCHQ.
The legality of mass surveillance has been questioned by many, and it has already been determined that human rights organization Amnesty International was illegally spied on. Edward Snowden's NSA revelations have led to a huge increase in awareness of privacy issues, and now Privacy International is making it easier to find out if you were spied on, and to lodge an official complaint.
New solution improves access control for hybrid clouds
The growth of cloud and hybrid environments brings challenges for security professionals when it comes to control, monitoring, and management of access to critical systems by privileged users and third-party vendors.
A new solution from secure access specialist Bomgar allows companies to quickly enable controlled system access and defend against cyber attacks without requiring complex process changes.
The state of Android security [Q&A]
In recent times Android has come under increasing threat from malware which has led to more people looking to install security software on their phones and tablets.
Mobile security specialist 360 Security recently announced that it had gained 11 places on the Android download charts in August, indicating a renewed interest in protecting devices.
Tor gains extra security as .onion becomes Special-Use Domain Name
Tor -- The Onion Router -- is used as a way of browsing the web (more) anonymously. Most well-known for providing access to what has become known as the Dark Web, Tor has faced competition from other secure browsing systems such as HORNET. But now it is set to benefit from key changes that will improve security and have further implications.
Engineering Task Force (IETF) along with Internet Assigned Numbers Authority, part of ICANN, has granted formal recognition to the .onion domain, adding it to the list of Special-Use Domain Names. Previously known as a psdeuo-TLD it was technically possible for the .onion domain to be used on the regular web -- now it is limited to Tor. There is also the possibility of site-specific encryption and the use of security certificates.
Millions of Ashley Madison passwords cracked
The fallout from the Ashley Madison hack continues. After the passwords of millions of users were stolen in a huge security breach, the encrypted database has now been cracked. A cracking group called CynoSure Prime eschewed a time-consuming brute force approach to breaking into the database, and instead exploited information revealed by a change the infidelity site made to the way it stored data.
This change effectively rendered pointless the bcrypt encryption that had been used to protect data. It was possible to dramatically speed up the cracking process so data was accessible in a matter of days rather than years. So should users of Ashley Madison be worried?
Health insurer discovers hack half a year too late
A health insurer in upstate New York was hacked, and more than 10 million of its members might have had their data stolen, Reuters reported on Thursday.
The Rochester-based insurer Excellus BlueCross BlueShield said it and its affiliates had been the target of a sophisticated cyberattack. It is offering free identity theft protection services to the affected.
Android/Lockerpin.A ransomware holds victims hostage by changing their PIN
The latest ransomware to hit Android users attempts to force victims into coughing up $500 by changing the PIN used to lock the device. Disguising itself as a system patch and then a message from the FBI suggesting that 'forbidden pornographic sites' have been viewed, the Android/Lockerpin.A malware differs from previous examples of ransomware that encrypted data.
The malware is impossible to remove without root access or by performing a factory reset. An interesting feature of the PIN change is that even the attacker is unware of what the new code is -- handing over money really makes no difference. But also worthy of note is the way in which Android/Lockerpin.A manages to gain Device Admin privileges.
Intel wants you to forget what it's like to use a password
Intel wants you to buy new PCs and laptops based on its latest, 6th generation Core processors. They were released last week, and power some of the latest Windows 10 devices.
Intel’s selling point? With the new processors, you can forget about passwords and use facial recognition software and other methods for logging in because hey, no one likes passwords any more.
Microsoft forcibly downloads Windows 10 whether you want it or not
Microsoft has started to download Windows 10 to the computers of Windows 7 and Windows 8.1 users regardless of whether they reserved a copy of the operating system upgrade. Eagle-eyed Windows users have noticed the sudden appearance of a folder called $Windows.~BT, occupying up to 6GB of space.
For anyone who reserved Windows 10, this would make sense, as this is the folder used as a temporary storage location during installation. But it seems Microsoft is trying to foist the operating system on everyone, regardless of whether they have expressed interest in it. On one hand it's a pre-emptive move that could be seen as speeding things up for someone if they should later decide to upgrade, but on the other it is slightly more sinister.
Dating sites continue to allow simple passwords, endangering users' private data
Apple and Microsoft are winning the PR game against the US government
Microsoft and Apple are battling the US government over the right to keep their users’ data safe, and according to a report by The New York Times, the American tech companies are winning.
At least they’re winning in the public relations game, as the general notion today is that those companies are doing everything they can to protect their users’ privacy.
Corporate virtual drives targeted by ransomware attacks
Recent discoveries like Adult Player have brought ransomware back into the news, but it's not just individuals that are being targeted.
Data recovery specialist Kroll Ontrack says it's seeing a rise in ransomware attacks aimed at corporate virtual drives. Recently Bitcoin payment was demanded in exchange for stolen data with the threat of the user's information being auctioned off.
Context-aware security keeps businesses safe and employees productive
Common access management processes limit employee productivity and often force employees to find workarounds that expose organizations to greater risk. In fact, 91 percent of business respondents report that their productivity is negatively impacted by security measures their employer has put in place.
This is among the findings of a new survey by Dell which shows that if a context-aware security approach were in place 97 percent of IT professionals say they would see the benefits, including improved worker productivity without compromised security.
Avant browser tops the vulnerability charts in the May-July quarter
According to the latest quarterly update from vulnerability management company Secunia, the product with the most vulnerabilities over the three months from May to July was the Avant browser and, once again, IBM is the vendor with the largest number of vulnerable products.
Avant clocked 206 vulnerabilities over the period, and this is partly because it uses both the Chrome and Firefox engines making it open to the vulnerabilities in both. Also Avant's July 2015 update was the first major version since March and will therefore include many of the Firefox and Chrome vulnerabilities uncovered in the meantime.
WhatsApp Web app vCard vulnerability leaves 200 million users at risk
A security researcher at Check Point has discovered a vulnerability in the WhatsApp Web app. The app -- which allows for WhatsApp messages sent to a phone to be viewed on a desktop computer, as well as syncing data -- can be exploited if a malicious user sends a specially-crafted vCard contact to someone.
A problem with WhatsApp's filtering of the contact card means that it could be used to "trick victims into executing arbitrary code on their machines in a new and sophisticated way". What's particularly worrying about this vulnerability is the fact that all an attacker needs is the phone number associated with a WhatsApp account. With an estimated 200 million WhatsApp Web users, there are a lot of potential victims.
© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.