US man confesses to part in $1.3M bank and payroll phishing scam

May 8th, 2012

Posted May 8, 2012

A 31-year-old US man from Atlanta, Georgia, admitted last week that he and his gang stole more than $1.3 million USD by phishing confidential account information from e-commerce sites. Be careful, particularly if you do your banking at a large online bank, because those are now scammers’ favored phishing grounds. The Anti-Phishing Working Group’s latest survey shows that PayPal, after years of being phishers’ fav, is no longer No. 1. It’s e-commerce sites (and BANKS!) they’re after, since there’s more coinage to be had. Read it.

13 million US Facebook users not using, or oblivious to, privacy controls

May 8th, 2012

Posted May 4, 2012

We already knew that people weren’t doing enough to protect their privacy on Facebook, but a new report has looked into this in more detail, and the numbers make for alarming reading. Consumer Reports also put out a bunch of good tips on how to use FB privacy controls, which we obviously need. Read more on Naked Security.

Intruder compromises user database for Star Trek Online and other MMORPGs

May 8th, 2012

Posted April 30, 2012

The studio behind Star Trek Online, City of Heroes, City of Villains, and Champions Online suffered a user account database breach 16 months ago… and is only warning users about it now. Read it. 

Mobile phone carriers oppose law requiring warrants for location data

May 8th, 2012

Posted April 27, 2012

The proposed US bill doesn’t stop the carriers from handing over location data, but it does require that police get a warrant first. So what is CTIA’s problem with it? Read it and weep.

Teaching Security to the Ungeeky: Convince Them It Matters

April 27th, 2012

Posted on 2012-04-11

Think security’s too technical to teach to everybody? Think again.

That misperception leads to a plague of problems, from USB-introduced viruses, to spending a fortune on fixing products after they’ve shipped. In this, the first in a series on teaching security to the nontechnical, I start with converting the security heathens. Read it and weep.