Articles about Security

VirusTotal Uploader 3 now available

PhrozenSoft’s VirusTotal Uploader has been updated to version 3.0, and there’s plenty of useful new functionality to explore.

You no longer have to launch the program as an administrator, for instance. You’ll still be able to upload most files to VirusTotal, get a verdict on whether they’re malware, and if you do run into any limitations then the program can be elevated at any time.

Continue reading

The numbers increase: 38 million user accounts affected by Adobe hack

Back at the start of the month, Adobe reported that the company’s network had suffered a breach and that as a result the accounts of 2.9 million customers had been compromised. Sounds bad? It's worse than first thought. And not just a bit worse; much, much worse. Upon further analysis of the figures Brian Krebs of KrebsOnSecurity puts the numbers at 38 million user accounts.

We reported the security breach at the time, and it is amazing to discover that the figure of 2.9 million affected users is in fact more than ten times as high. So how could the figures have been misread to such an extent? Apparently, many of the directories of data were password protected, making it difficult to give precise numbers at the time.

Continue reading

Microsoft security report warns of risks from unsupported operating systems

Microsoft has released its latest Security Intelligence Report detailing the threat intelligence gathered from more than a billion systems worldwide.

With Windows XP support due to end in April 2014 the report takes a close look at the risks posed to consumers and businesses of using unsupported operating systems. According to StatCounter, XP and older systems still account for around 21 percent of those in use.

Continue reading

Sophos launches cloud-managed security for business

cloud security

Organizations face a constant challenge to balance keeping their systems secure against the time taken to maintain that protection. Security specialist Sophos has announced an answer to this problem in the form of a product that can be managed from the cloud, providing a simplified approach combined with protection from the latest threats.

Sophos Cloud provides endpoint protection for all sizes of enterprise but because it's cloud-managed it can protect users regardless of physical location. This makes it attractive for companies that have multiple sites or a home-based workforce.

Continue reading

Internet Explorer vastly superior at defeating social engineering attacks

Security research firms frequently test browsers to see how good they are at protecting users from malware and phishing attacks. The results show you how secure (or otherwise) the latest versions are, but don't give you any real indication of how well they might perform in the future.

Identifying trends in performance is important, particularly for companies thinking of switching browsers, so NSS Labs evaluated the security of Internet Explorer, Chrome, Firefox and Safari by aggregating results from phishing and socially engineered malware (SEM) attack tests conducted between 2009 and 2013.

Continue reading

AI firm Vicarious cracks CAPTCHA codes

CAPTCHA are a thorn in the side of web users. Those almost indecipherable string of letters and numbers that are meant to help websites determine that you are a human rather than a spambot often cause more frustration for users than anything else, and they have now been cracked.

Vicarious, a California-based AI team, reveals that it has been able to develop algorithms that can successfully solve CAPTCHAs from the likes of Google, Yahoo and PayPal.

Continue reading

[Update -- fixed!] Social sharing service Buffer is hacked -- temporarily takes itself offline

Social sharing service Buffer is hacked

The latest web service to fall victim to a hack attack is Buffer, the social sharing tool that can be used to schedule posts to multiple social networks. Although it looks as though customers' passwords and billing details are safe, the problem was noticed late Saturday morning when spam type posts started to appear on users' Facebook and Twitter accounts. The Buffer team has been quick to take action and notified users via Facebook.

Buffer co-founder Leo Widrich posted saying "hey everyone! We greatly apologize for this big mess we've created. Buffer has been hacked." Shortly after this Facebook postings were disabled in a bid to stop the spread of spam and Buffer assured users that "We're continuing to work on this and trying to investigate and fix".

Continue reading

Card fraud in the US: How EMV technology will change everything

In recent months, the US has been at the root of the global EMV discussion (the name EMV comes from Europay, MasterCard and Visa). With adoption of the new standard slow-going, the US is one of the last major economies to make the transition. As a result, it has found itself on the receiving end of fraud migrating from mature EMV markets, exposing itself as a point of weakness for fraudsters.

In 2012, 20 US states reported an increase in ATM fraud via skimmed cards according to analytics vendor Fico. Meanwhile, EMV in the UK has seen overall card fraud decrease from $275 million in 2009 to just $68 million in 2012, according to Financial Fraud Action UK. Despite this, the UK is still plagued by skimmers, with attempts to steal card holder data from ATMs almost tripling, from 2,553 to 7,525 incidents over the past year. Fraudsters can use data from the mag-stripe, which remains on Chip-enabled cards, to then clone cards and use them where mag-stripe payments are still accepted. Therefore, as long as regions such the US continue to accept mag-stripe cards to withdraw cash, there will remain a global issue of fraud migration.

Continue reading

Most people still not doing enough to safeguard their personal data

I know a couple of people who have been victims of identity theft, and while they didn’t lose anything financially, there was a lot of work required afterwards to clear up the mess and put safeguards in place to ensure it didn’t happen again. What was amazing to me was that the thieves were able to do things like open store cards with information that was not only false, but incorrect (an entirely fictitious date of birth, for example).

A new infographic from Experian looks at the dangers of identity theft both on and offline, and provides statistics that show while most of us are aware of the risks, few of us actually do enough to properly safeguard our personal information. The findings probably won’t surprise you.

Continue reading

The real cost of ransomware

ransom note

Ransomware, software that locks you out of your PC and asks for a fee in order to release it, has been around for quite a while. The first examples date back to the late 1980s but in its most recent form it started to gain popularity with malware writers in 2006, starting in western Europe and rapidly spreading to the rest of the world.

Finnish security specialist F-Secure has been working with the police on a joint investigation and reckons that just one case could be responsible for up to $800 million of damage and losses.

Continue reading

Malwarebytes Anti-Malware makes its Android debut

Malwarebytes products have been protecting PCs since 2008, but the company has now decided to broaden its horizons with the release of an Android app.

Malwarebytes Anti-Malware Mobile still has plenty in common with its PC cousin, of course. The app is effective, free, and very easy to use: just launch it, click Scan and watch as your apps are checked for malicious code (we found this generally takes less than two minutes).

Continue reading

Google Ideas announces tools to combat online censorship #FreedomOfSpeech

Access to the internet and the ease of communication it affords us is something we now take for granted. In a sense this is how it should be -- access to the internet really should be seen as a right. But in all too many countries around the world, citizens find that government and dictatorships block or restrict access to the internet, or close down sites that speak out against regimes. This is something Google is keen to be involved in stopping, and this week launched a series of tools to help in the fight.

It's an idea which echoes of the Alliance for Affordable Internet campaign to make internet access cheaper, and Internet.org's dream of connecting the world, but there is a rather more political edge to it.

Continue reading

10 reasons why you should consider Windows Phone

With Android handsets and iPhones taking the lion's share of the smartphone market, Windows Phone is quite often overlooked by most consumers in their purchasing decisions. The popularity, or lack thereof, of devices running Microsoft's mobile OS likely plays an important part but it also detracts folks from getting the smartphone that may be right for them. Ask yourselves how many of your acquaintances have been in this position.

Many do not even take Windows Phone into consideration and the ones that do easily find a couple of reasons to dismiss the platform and jump on the Android or iPhone bandwagon. Yes, Windows Phone may not be the right answer for everyone but it might be for more people than naysayers think. And I have got 10 good reasons why consumers should give Windows Phone a chance.

Continue reading

New Android Trojan making the Asian rounds

Mobile malware tends to make news on a regular basis, most notably targeting Android. As Microsoft has learned with Windows, being the market share leader also means presenting the biggest target.

Russian virus researchers at Dr. Web are releasing new research around the latest volley from cyber-criminals, this one being dubbed "Android.Spy.40.origin". The Trojan is currently only prevalent in the southeast Asian geographic area, specifically in South Korea, where it's spread by means of unwanted SMS messages containing a link to an APK file.

Continue reading

Crossing the hacktivism line

Recently, I was a guest on the CNBC program, Squawk on the Street. The discussion centered on the possible outcome of a limited strike by the US on Syria, and I had the opportunity to provide my opinion on the retaliatory cyber implications for US interests. During the program, I disagreed strongly with the position taken by McAfee Worldwide CTO, Mike Fey: that the Syrian Electronic Army is no more than a hacktivist group. In my opinion, this is a dangerous assertion based on industry group-think and marketing rhetoric.

Two books that I have co-authored have examined attack sophistication in terms of categorizing a threat actor. Ultimately, I am not concerned with which organization or entity carries out an attack. I am, however, concerned with identifying and stopping malicious activity. For example, were a nation-state to engage in industrial espionage against a defense industrial-based contracting firm or critical infrastructure, such as a power grid, this typically would be classified as advanced persistent threat (APT).

Continue reading

© 1998-2026 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.