Browsing Category: SMB Security

The controversy over stealthy monitoring software by CarrierIQ has raised important questions about user privacy and business ethics in the Brave New World of smart phones, tablets and the like. In the uproar over CarrierIQ’s surreptitious monitoring of mobile phone users, various tools have appeared that claim to be able to detect the software. However – removing CarrierIQ from your phone is another matter entirely. And,while some sites have offered instructions on doing so, Kaspersky Lab researcher Tim Armstrong said that, for all but a few mobile phone hardware experts, doing a CarrierIQ-pendectomy is a bad idea. 

Read more...

Facebook has fixed a critical flaw in a user feedback feature that allowed any user to access private photos posted in other users accounts. Before it was fixed, the flaw was used to hack the account of Facebook CEO Mark Zuckerberg and post photos online.

Read more...

Security researchers often use language and metaphors from the natural world to describe problems in the virtual world. (Thus, our use of the terms “virus,” and “worm.”) Now it turns out that the links may not be so arbitrary, after Microsoft researchers discovered that tools they developed to detect spammers’ efforts to avoid anti-spam filters were also great at spotting mutations in the HIV virus.

Read more...

Researchers have known for years that virus writers and attackers pay close attention to the analyses researchers do of their work, and it appears that the Duqu authors are no exception. Shortly after the first public reports about Duqu emerged in early autumn, the crew behind Duqu wiped out all of the command-and-control servers that had been in use up to that point, including some that had been used since 2009.

Read more...

The security industry has no shortage of hard problems to solve, but the one that’s getting the most attention right now is finding a way to improve, or ideally, replace, the CA infrastructure. The latest in what has become a series of recent proposals to help shore up the certificate authority system comes from a pair of Google security researchers who have laid out a plan for providing auditable public logs of certificates as well as proofs for each certificate that’s issued.

Read more...

Categories: Scams, SMB Security

It’s going to be considerably harder to get that sweet, knock-off Louis Vuitton bag you’ve been eyeing, and you can thank the US Immigrations and Customs Enforcement Agency (ICE) for that. The agency reportedly seized control of some 130 websites last week in advance of Black Friday and Cyber Monday, according to a report from The Register.

Read more...

Customers of the Lucky supermarket chain in California were feeling rather unlucky last week, after receiving notice from parent company Save Mart Supermarkets said that self-service checkout lines in 20 of its stores were found to have debit and credit card readers that had been outfitted with card skimmers.

Read more...

When CrowdOptic, a Silicon Valley, venture funded startup, developed a cool application that could stream real-time, context-aware information streams to mobile devices, the applications seemed straight-forward (and lucrative) enough: a blend of advertising and broadcasting that sports franchises and concert promoters might use to create an enhanced and “immersive experience” for fans attending live events. Along the way, however, the company discovered another, even more powerful use for their technology: crowd control.

Read more...