Security

Security
April 2, 2012
by

Hackers steal 1.5 million card numbers in huge MasterCard, Visa breach

By on April 2, 2012 at 8:30 AM.

Hackers steal 1.5 million card numbers in huge MasterCard, Visa breach

Hackers stole credit card numbers belonging to as many as 1.5 million MasterCard and Visa customers, Global Payments, Inc. confirmed on Sunday. The international credit card processor was blocked by Visa after it reported the possibility of a major security breach on Friday. The company did not indicate how the hackers gained access to its system or who might be responsible for the attack. ”Based on the forensic analysis to date, network monitoring and additional security measures, the company believes that this incident is contained,” the firm told The Wall Street Journal while noting that cardholder names, addresses and Social Security numbers were not compromised. The company did say that the credit card numbers were downloaded during the attack rather than just being accessed, however, indicating that the perpetrators may intend to use the information to create counterfeit credit cards. Affected Visa and MasterCard customers have not yet been notified that their account information was stolen.

No Comments
mobile
March 30, 2012
by

Selling used Android phones poses huge identity theft risk, expert says

By on March 30, 2012 at 1:25 PM.

Selling used Android phones poses huge identity theft risk, expert says

Android users who are looking to sell their old devices should be wary of the possible consequences. McAfee identity theft researcher Robert Siciliano warned that personal data from Android devices is not completely removed after a user activates the built-in wipe option, The Los Angeles Times reported on Friday. “What’s really scary is even if you follow protocol, the data is still there,” Siciliano said. If you have a BlackBerry or Apple device, Siciliano said your data can be fully deleted by following the manufacturer’s directions. As for smartphones running the Android operating system and computers running Windows XP, Siciliano recommends that people don’t bother with selling them at all. “Put it in the back of a closet, or put it in a vise and drill holes in the hard drive, or if you live in Texas take it out into a field and shoot it,” he said. “You don’t want to sell your identity for 50 bucks.” To test the security of various platforms, Siciliano purchased 30 smartphones and computers from Craigslist. The researcher was able to access personal data from 15 of the 30 devices through his own hacking efforts and the help of a forensic expert. The data obtained included bank account information, Social Security numbers, child support documents and credit card account log-ins. More →

No Comments
Internet
March 28, 2012
by

‘Anonymous’ hackers plan to shut down the Internet this Saturday

By on March 28, 2012 at 2:30 PM.

‘Anonymous’ hackers plan to shut down the Internet this Saturday

Notorious hacker group Anonymous has previously stated its intentions to shutdown the Internet on Saturday, March 31st, as a form of protest. “To protest SOPA, Wallstreet, our irresponsible leaders and the beloved bankers who are starving the world for their own selfish needs out of sheer sadistic fun, on March 31, anonymous will shut the Internet down,” the group stated last month. “Remember, this is a protest, we are not trying to ‘kill’ the Internet we are only temporarily shutting it down where it hurts the most.” Operation Global Blackout 2012 looks to shut down the Internet by disabling its core DNS servers, thus making websites inaccessible. Cyber security experts claim that it is unlikely that such an attack would be effective, however, and there is really no need to fear. Read on for more. More →

No Comments
mobile
March 28, 2012
by

iPhone passcode security can be bypassed in less than two minutes [video]

By on March 28, 2012 at 11:45 AM.

iPhone passcode security can be bypassed in less than two minutes [video]

As a standard security measure, Apple’s iPhone can be set to require a four-digit passcode  whenever the phone’s screen is powered on in order to prevent unauthorized access. With passcode security enabled, a user’s information is theoretically kept private if his or her device ever falls into the wrong hands. A recent Forbes report reveals that law enforcement agencies can bypass the iPhone’s passcode requirement in less than two minutes, however, gaining access to all of the private data stored on the devices. Read on for more. More →

No Comments
mobile
March 20, 2012
by

Android apps with ads found to pose privacy and security risks

By on March 20, 2012 at 10:05 PM.

Android apps with ads found to pose privacy and security risks

Researchers from North Carolina State University have found that mobile applications that integrate advertisements pose privacy and a security risks. The team conducted a study that examined 100,000 apps from the Google Play market and noticed that more than half contained “ad libraries,” while 297 of the apps included “aggressive ad libraries” that could download and run code from remote servers. Researchers also found that more than 48,000 of the apps that were examined could track location via GPS, while others could access call logs, phone numbers and a list of all the apps a user has stored on his or her phone.  Read on for more. More →

No Comments
Security
March 8, 2012
by

Blogger shows the world how to sneak anything past TSA’s nude body scanners [video]

By on March 8, 2012 at 10:45 AM.

Blogger shows the world how to sneak anything past TSA’s nude body scanners [video]

The United States Transportation Security Administration recently invested $1 billion in body scanner technology it claimed would make air travel safer, but the scanners have come under fire since the agency first revealed its intentions. Some people argued that the nude scanners were an invasion of privacy while others were concerned with radiation emitted by the machines. Now, however, it appears as though past arguments pale in comparison to recent information brought to light by scientist and blogger Jonathan Corbett. Read on for more. More →

No Comments
Security
March 6, 2012
by

U.S. police agencies to begin using drones within 90 days

By on March 6, 2012 at 6:40 PM.

U.S. police agencies to begin using drones within 90 days

Legislation signed by President Obama directs the Federal Aviation Administration to allow remotely controlled drones to be used by law enforcement agencies, DGR News Service reported. Within 90 days, police and first responders will have the authority to fly unmanned drones weighing less than 4.4 pounds at altitudes under 400 feet, with drones of all sizes to be permitted by the FAA by September 30, 2015. Previously, the use of drones was restricted in civilian airspace due to safety concerns surrounding the obstruction of larger aircraft. Successful lobbying of drone makers, however, was able to overturn the ruling. More →

No Comments
Security
March 2, 2012
by

Chinese hackers seized control of NASA computers

By on March 2, 2012 at 4:05 PM.

Chinese hackers seized control of NASA computers

Hackers targeted NASA computers, successfully gained access to employee credentials, and took control of systems at NASA’s Jet Propulsion Laboratory, CNN reported on Friday. Paul K. Martin, the agency’s inspector general, cited one case in a report issued this week in which intruders from China-based IP addresses gained “full system access” to change or delete sensitive files and user accounts for “mission-critical” systems at the Jet Propulsion Laboratory. “In other words, the attackers had full functional control over these networks,” Martin said. In an earlier attack, hackers stole credentials of roughly 150 NASA employees. The agency reported that it was targeted with 47 “advanced persistent threats” in 2011, 13 of which successfully compromised NASA’s computers. Read on for more. More →

4 Comments
mobile
March 1, 2012
by

Like iOS apps, Android apps can secretly access photos thanks to loophole

By on March 1, 2012 at 3:45 PM.

Like iOS apps, Android apps can secretly access photos thanks to loophole

The New York Times reported on Tuesday that due to a permission loophole, third party app developers could access an iPhone’s photo gallery app. The paper is now reporting that Google’s Android operating system suffers from a similar security hole. Unlike the iPhone however, which requires an app to have permission to access location data, an Android device that has permission to access the Internet can copy photos to a remote server without notice. “We can confirm that there is no special permission required for an app to read pictures,” said Kevin Mahaffey, chief technology officer of Lookout Security. Read on for more. More →

No Comments
mobile
February 28, 2012
by

Permission loophole gives developers access to iOS photo library and location history

By on February 28, 2012 at 5:20 PM.

Permission loophole gives developers access to iOS photo library and location history

Earlier this month it was revealed that the popular social networking app Path was uploading entire iPhone address books to the company’s servers without first gaining permission. The data uploaded included full names, phone numbers and email addresses. Path quickly confirmed the report and issued an update to allow users to opt-in or out. The New York Times reported on Tuesday that a user’s address book isn’t the only information vulnerable on iOS devices, however. The publications claims photos can also be accessed by third-party app developers. Read on for more. More →

2 Comments
mobile
February 16, 2012
by

Jailbreak apps leak private data less than Apple-approved apps, study shows

By on February 16, 2012 at 6:45 PM.

Jailbreak apps leak private data less than Apple-approved apps, study shows

Last week it was discovered that a number of popular iPhone apps were invading users’ privacy and uploading entire address books to external servers. The data uploaded included full names, phone numbers and email addresses, and the offending apps never asked for permission to transfer this sensitive data. A group of researchers at the University of California at Santa Barbara and the International Security Systems Lab began a study last year to discover how and where iPhone apps were transmitting data, reports Forbes. The team found that one in five free apps in Apple’s App Store was uploading private data to external servers, and apps from Cydia, an app store for jailbroken iPhones, would leak private data less frequently than Apple-approved apps. Read on for more. More →

No Comments
Security
February 15, 2012
by

Google Wallet prepaid service re-enabled after security fix

By on February 15, 2012 at 9:45 PM.

Google Wallet prepaid service re-enabled after security fix

Last week, two exploits concerning Google Wallet left users questioning the service’s security. One of the exploits allowed hackers to bypass PIN protection, but it was only present on rooted devices. A second exploit, however, did not require a handset to be rooted, leaving all Google Wallet users exposed. The company maintained that the service was secure but as a precautionary measure it disabled its prepaid card services, but Google announced on Tuesday that it has patched Wallet and has fixed the vulnerability. Security firm zVelo, however, is not satisfied with Google’s efforts. While the Mountain View-based company has suggested that users with rooted handsets don’t use Google Wallet, zVelo insists that a person can steal an Android phone and then root, thus performing the exploit to bypass the PIN. As an extra layer of security, it is recommended that users configure a passcode to protect their devices from unwanted access. More →

No Comments
Business
February 15, 2012
by

BlackBerry dealt another blow as government agency opts for iPhones, Android

By on February 15, 2012 at 3:05 PM.

BlackBerry dealt another blow as government agency opts for iPhones, Android

Government deployment of BlackBerry smartphones in the United States has been big business for struggling Canadian handset maker Research In Motion, but the tide seems to be turning toward Android and iOS. The National Oceanic and Atmospheric Administration said earlier this month that it would be ditching BlackBerry smartphones in favor of Apple’s iPhone, and now the General Services Administration has added the iPhone and Android devices to its list of approved devices. The GSA, an independent 12,635-person agency that procures supplies and products for other federal agencies, spends upwards of $70 billion each year with contracted vendors. In addition to BlackBerry phones, Android devices and iPhones have now been approved for purchase by GSA staff in order to support “applications that can help them work more efficiently with customers like the Departments of Justice and Homeland Security,” a spokesperson told Bloomberg Businessweek. It is not clear when the policy change went into effect. More →

2 Comments