Samsung's Galaxy S6 Edge is blighted by 11 security problems according to the Project Zero team at Google. The team carried out research to determine how easy it would be for an attacker to exploit an Android phone produced by an OEM.

Over the course of just a week of investigations, Google discovered "a substantial number of high-severity issues". While Samsung has now fixed some of the problems, at least three are still to be addressed.

Continue reading →

The hacker group Anonymous is almost synonymous with attacks and data leaks, but while they tend to strike fear into some people, the truth is, if you aren't doing anything wrong then don't be scared. The group tends to stand up against bullies and human rights infractions -- witness its attack against ISIS.

Anonymous has threatened to release details about one the most feared hate groups in the United States, the Ku Klux Klan. The organization was conceived in 1865, just after the Civil War, It was quickly suppressed but reemerged in 1915, though the current incarnation began in 1946. Thankfully, after a long reign of terror, membership numbers have dwindled in recent times.

Continue reading →

UK customers of Vodafone are the latest victims of a hack attack. The telecoms company said that nearly 2,000 customer accounts had been accessed this week, exposing personal data including phone numbers and bank account details.

The security breach took place earlier this week, but it was only this weekend that Vodafone went public about it. A spokesperson said that the attack "was driven by criminals using email addresses and passwords acquired from an unknown source external to Vodafone". There is warning that the owners of the affected accounts could be subject to phishing attacks.

Continue reading →

The recent cyber-attack on TalkTalk has reinforced a common perception that cyber-attacks are the work of shadowy figures operating from bedrooms or basements, attempting to mimic the work of James Bond’s arch rival, Spectre. The reality -- and a lesser known fact -- is that the majority of attacks (55 percent) involve insiders.

These insider-inspired attacks may not grab the headlines in the same way as attacks by 15 year-olds do -- in fact for obvious reputational reasons, they rarely make the newspapers at all -- but they do give the IT departments of the organizations that have suffered the attack just as big a headache.

Continue reading →

The high profile company attacks keep coming these days with Target, Home Depot and, most recently, TalkTalk. Now word comes out that a major web hosting service has also fallen victim, spewing a generous amount of information to anyone interested.

000WebHost is working to resolve the problems, which led to 13 million emails and passwords being made public, but in the meantime it is trying to take precautions to protect users, though it seems a bit late for that.

Continue reading →

One thing no one seems to understand is that you don’t mess with Anonymous. Not unless you want all your dirty laundry publicly exposed on the plains of the digital world.

This time around, Anonymous has set its crosshairs at the KKK, or to be more specific, the Traditionalist American Knights of the Ku Klux Klan (TAKKKK) of Ferguson. It plans on revealing the identities of 1,000 of its members.

Continue reading →

The Metropolitan Police have released a statement saying that a 15-year-old boy has been arrested in County Antrim, Northern Ireland, in relation to the recent TalkTalk cyber attack.

He has been arrested on suspicion of Computer Misuse Act offenses and is currently being questioned by detectives from the Police Service of Northern Ireland (PSNI).

Continue reading →

The world of online security never stands still, and if the past year has shown us anything it's that you don't need sophisticated technology to launch a successful cyber attack.

Security company Trend Micro has released its annual security predictions report outlining the threats it expects to be facing next year. It forecasts continued growth in online extortion, hacktivism and mobile malware, as well as a shift towards an offensive cybersecurity posture for government entities and corporations.

Continue reading →

A new piece of research has raised further worries about data breaches, and specifically, the perception gap between the number of businesses who believe they’ve experienced a breach, and the actual numbers of data breaches occurring.

The research in question is the new Breach Confidence Index from Ilex International, an identity and access management company, which is based on a survey by YouGov that questioned just over 500 IT decision-makers in the UK.

Continue reading →

Chinese president Xi Jinping, and the British prime minister David Cameron, signed an agreement saying the two countries won’t hack and steal each other’s secrets.

A similar agreement was signed between China and the US, just a day before a Chinese cyber-attack against the States.

Continue reading →

Hackers associated with the Chinese government attacked a handful of American companies just a day after the two countries agreed not to cyber-attack one another.

According to CrowdStrike, a prominent American security firm, the attacks against seven American companies started on September 26. On September 25, President Barack Obama said he and Chinese President Xi Jinping agreed that neither government would knowingly support cyber theft of corporate secrets to support domestic businesses.

Continue reading →

The market for stolen goods is bustling, as it always has. The only difference today, as opposed to 25 years ago, is the high-tech approach to crime. Instead of buying your new speakers out of the back of a van you can go online and purchase someone's identity, or at least parts of it, such as a credit card.

A new report from Intel Security Group member McAfee delves into the prices and packaging. It's surprisingly cheap to buy many of these things. Alarming may be a better word. Your credit card may be priceless to you, but not to others.

Continue reading →

If you are like me, you do a lot of work on the go. Not a day goes by where I am not typing away on my laptop in a public place like Starbucks or on a bench. Unfortunately, this opens me up to visual hacking. In other words, devious people can simply glance at my laptop to see what I am doing. If you work with sensitive information, this is a huge problem.

According to a recent 3M-funded study, 90 percent of visual hacking attempts are successful. Luckily, HP has teamed up with 3M to fight this visual hacking scourge. Rather than use clunky screen covers, the computer manufacturer will integrate the 3M technology directly into the laptop display. Whoa.

Continue reading →

An investigation spanning the US and Europe is under way after tens of millions of dollars was stolen from bank accounts. The thefts are believed to have been facilitated by a strain of malware known variously as Dridex, Bugat, and Cridex, enabling a group known as Evil Corp to siphon off funds.

The malware has been known of for some time, but law enforcement agencies have only just started to make significant inroads that could thwart the activities of the botnet. An arrest has now been made in connection to the malware which hijacked online banking login pages on infected computers. After stealing usernames and passwords, taking money from accounts was a simple task.

Continue reading →

Netgear is yet to patch a publicized vulnerability that affects its routers. The security hole, which is described as 'serious', has already been exploited but Netgear is yet to act. The exploit allows attackers to change the affected routers' DNS settings and it is estimated that over 10,000 routers have already been attacked.

Netgear had been informed of the vulnerability by two security companies, but is still to release a firmware update to plug the hole. The exploit was privately revealed back in July by Swiss company Compass Security, but separately discovered and publicly published by researchers at Shellshock Labs in September who explain that it allows for "full remote unauthenticated root access" of routers.

Continue reading →