Sofia Elizabella Wyciślik-Wilson

Companies are often criticized for the length of time it takes them to patch security problems found in software. But this week Microsoft exceled itself, taking just 7 hours to patch a serious security hole in Office 365 that made it possible to gain unrestricted access to businesses' cloud accounts.

A problem with the SAML authentication system meant that it was possible to gain access to just about any Office 365 account, including accessing connected services like Outlook, OneDrive and Skype for Business. More than this, the exploit allowed an attacker to infiltrate companies and organizations such as Verizon, Georgia State University and British Airways who use Office 365. The researchers who unearthed the issue have praised Microsoft for dealing with it so quickly.

Continue reading →

Facebook has published its latest Global Government Requests Report covering the second half of 2015. The transparency report reveals that there has been as 13 percent increase in the number of government requests for data, but it also shows that Facebook is still not able to be as transparent as it might want.

For the first time the social network is able to report about the number of data requests that have a non-disclosure order attached to them. More than half of the requests -- 60 percent, in fact -- have gagging orders that prevent Facebook from notifying users about requests for their data.

Continue reading →

With the new big update to Windows 10 just around the corner, Microsoft is pulling out all the stops to make sure that developers have access to the tools they need to take advantage of the new features. Windows 10 Anniversary Update is due for release in July and ahead of the big day Microsoft has released a new SDK.

Having open-sourced the Xamarin iOS, Android and Mac SDKs, the launch of the Windows 10 Anniversary Update SDK Preview gives developers a chance to make sure their code works ahead of the update rollout. It is compatible with Build 14332 (and newer) of Windows 10 Insider Preview and includes an important selection of bug fixes.

Continue reading →

The Snooper's Charter -- or the Investigatory Powers Bill -- is a highly controversial piece of legislation the UK government is trying to bring into force to allow for the bulk collection of data, NSA-style. Outside of government, it is widely regarded as a massive invasion of privacy, and the human rights group Liberty is just one of the organizations that is very vocally opposed to it.

The bill will require ISPs to record customers' browsing histories for an entire year, and will permit the government to remotely hack phones and computers, as well as requiring tech companies to provide backdoor access to encrypted data. To highlight what is at stake, Liberty is running a No #SnoopersCharter campaign, and has released a video that attacks the notion of 'if you have nothing to hide, you have nothing to fear' head on.

Continue reading →

Apple had been hoping that the FBI would come clean about how it managed to gain access to the San Bernardino iPhone, but that's just not going to happen. The agency managed to crack the iPhone 5C at the center of the case after getting help from a third party rather than Apple.

But now the FBI has confirmed that it doesn't really know how the cracking tool works. Or, more precisely, it did not buy the rights to the technical details of the tool. After a very public battle with Apple, the FBI ultimately resorted to getting help from elsewhere, and there had been fears that the method would be classified -- now it seems it will remain secret simply because the FBI doesn't understand the tool it used.

Continue reading →

A federal judge has ruled that Amazon is liable for sending out bills to parents of children who made in-app purchases without permission. Amounting to millions of dollars, the bills have now been deemed unauthorized, and Amazon faces having to pay back a large percentage of the money.

The case has echoes of similar legal action brought against Google and Apple for purchases made by children in the App Store and Google Play. Amazon, Apple and Google have all implemented systems to prevent unauthorized purchases since being investigated by the FTC back in 2014.

Continue reading →

Microsoft's embracing of the open source movement grows ever tighter, and today the company announced that its Xamarin SDKs (available for Android, iOS and Mac) will be open sourced. It's not long since Microsoft bought Xamarin, and just weeks later the SDKs are being opened up.

Announced at the Xamarin Evolve 2016 event, the move sees Microsoft trying to encourage mobile developers. The company says it has already made great strides in this area: "we helped nearly 3.5 times more developers get started building great apps with Xamarin than ever in our history as a company".

Continue reading →

Google is already embroiled in one antitrust case in Europe where the company stands accused of abusing Android's dominance. Now photo agency Getty Images is accusing Google of promoting piracy and engaging in anticompetitive behavior by 'scraping' images from third party sites.

In a familiar-sounding complaint, Getty Images also says that Google skews search results in favor of its own services -- such as Google Images. The photo agency says that this directly impacts upon rival services, but perhaps the big charge is that a change made to Google Images provided access to copyrighted material and "promoted piracy, resulting in widespread copyright infringement".

Continue reading →

Security firm Kaspersky has released a tool that can be used to decrypt files on computers hit by the CryptXXX ransomware. Rather than paying the ransom demanded to regain access to files, victims are now able to turn to the free RannohDecryptor utility.

CryptXXX had been identified by ProofPoint earlier in the month and described as being closely linked to the Reveton ransomware operation and Angler/Bedep. The ransom of $500 is considered to be quite high, but Kaspersky's free decryption tool means that files can be retrieved without having to part with a cent.

Continue reading →

At its Dropbox Open in London, Dropbox unveiled a preview of its new Project Infinite technology. At its heart, it's a simple idea. Regardless of whether files have been synced to a device or not, they will show up in Dropbox on the desktop.

The aim is to reduce the reliance on browser-based tools which can slow down workflow. It allows for collaborators to gain instant access to files their co-workers have shared with them and allows files stored in the cloud to be treated in the same way as those stored locally.

Continue reading →

Nokia used to be a name associated with smartphones but now the Finnish company is looking to venture into a different area of the mobile device market. Today the company announced plans to acquire French health, fitness and wearables firm Withings for €170 million ($191 million).

Withings will join Nokia Technologies as the former smartphone manufacturer branches out into the Internet of Things and the lucrative health market. The acquisition will be settled in cash, and is expected to be completed by Q3 this year.

Continue reading →

There has been a lot of interest in online abuse in recent months, and social networks are taking steps to weed out the trolls and abusers. Twitter has already introduced a number of measures to help tackle trolls, and today announces the availability of a new reporting tool for users.

Now rather than having to report a number of abusive tweets individually, it is possible to report up to five tweets simultaneously. As well as reducing the workload for someone who feels the need to report content, the new tool also makes things easier for Twitter as it allows for additional information to be gathered.

Continue reading →

ISIS has been able to gain notoriety not only because of the atrocities committed, but through incredibly careful and calculated use of technology in general and the internet specifically. The likes of Twitter and Facebook have been embroiled in an on-going battle against terrorist social media accounts, and now the US military is taking the fight online as well.

Cyber Command is waging cyber war on Islamic State, trying to cyberbomb the terrorist organization into submission and prevent it from recruiting or spreading propaganda online. Using information gathered from the NSA, Cyber Command has turned its attention away from its usual targets such as Russia and China to focus instead on ISIS.

Continue reading →

YouTube is not paying artists enough in royalties for music videos, and Mötley Crüe's Nikki Sixx has had enough. He says that the Google-owned video site pays just a fraction of the likes of Apple and Spotify.

Sixx is calling on other musicians to join forces in a bid to make YouTube dig deeper into its pockets and pay artists a fair share. He is quick to point out that this is not just about getting more money for himself, insisting that he is also looking out for "the little guy -- the up and comers that we were at one point".

Continue reading →

A security researcher has discovered a way to get around Windows' AppLocker security system. Casey Smith found that it was possible to use Regsvr32 to call up a remotely hosted file that could be used to run any application -- malicious or otherwise -- of your choice.

This is something that will be a concern to companies, many of whom rely on AppLocker as it restricts what users are able to run on their computers. What is particularly concerning is the fact that the exploit does not require administrator privileges, and doesn't make any changes to the registry which makes it difficult to detect.

Continue reading →