Security

Some of the web's most popular sites, including Yahoo, AOL, and dating portal Match.com, were recently hit by a wave of malicious advertisements linked to ransomware . The attack was carried out using vulnerabilities in web browsers plugins , and if ... successful, automatically (and silently) installed file-encrypting software CryptoWall on victim's PCs. According to reports, the malicious advertising -- or 'malvertising', as it's being called -- appeared on 22 different websites, including realestate.aol.com, and several Yahoo pages, including Yahoo Finance and Yahoo Sports. Three Million ... (view more)

Security researchers have purposely unleashed tools that could help hackers use USB drives to secretly spread malware on computers, including mobile devices with USB ports. The goal in releasing such tools is to coerce USB drive manufacturers into ... doing more to protect consumers against such attacks. The attack vector was initially reported in early August of this year, and until now was only theoretical. The tools were released by security researchers Adam Caudill and Brandon Wilson. Their campaign is inspired by the unveiling of " BadUSB ," a type of attack that uses a USB thumb ... (view more)

The Federal Bureau of Investigation's (FBI) director believes encrypting information on smartphones makes Americans less safe from violent criminals. In fact, James Comey suggests that smartphone companies may be marketing the feature in a way that ... actually encourages criminal behavior. Largely in response to the scandal involving the National Security Agency (NSA) and Edward Snowden , the world's largest mobile phone technology companies have introduced encryption systems designed to help users protect their data against government snooping. Last week Google announced it would enable ... (view more)

A new report from a government auditor suggests that the United States Healthcare.gov web site is missing basic security features. The most alarming findings include ineffective cyber security controls, such as resilient passwords and stable ... security patching. Healthcare.gov represents the central hub of the Obama administration's Affordable Care Act, which is intended to offer U.S. citizens an easier method of finding and acquiring health insurance. However, since the site's launch in October 2013 it has suffered from stability problems, with issues lingering well into 2014. ... (view more)

A company that helps protect websites against a popular form of cyber attacks says it's solved a major security concern. The change could mean high-profile websites can be much more resilient and secure. The company in question is CloudFlare, which ... offers services to defend against denial of service attacks (DoS) , including distributed denial of services attacks (DDoS) . That's where cyber attackers flood a website with bogus data requests, until the site (or server) is no longer able to deal with legitimate requests. Oftentimes such an attack will bring a web server to a grinding ... (view more)

Apple has denied any responsibility for the recent theft and publication of compromising photographs of celebrities. But some analysts say the pictures were vulnerable thanks to a combination of Apple's technical setups, plus the easy availability ... of password cracking software designed specifically for law enforcement authorities. Pictures and videos of famous females such as Jennifer Lawrence, Kirsten Dunst and Kate Upton began circulating earlier this week after being posted at controversial website 4chan. The US Federal Bureau of Investigation (FBI) is said to be investigating, but it ... (view more)

A new form of ransomware has reportedly infected more than half a million computers in the past six months, making its creators an estimated $1 million. Ransomware is a type of malicious software (or " malware ") that takes control of a computer ... system and then holds it for ransom. In many cases, if victims do not pay the ransom, the data on the computer is encrypted and rendered unusable. The ransomware program in question is known as CryptoWall. According to Dell SecureWorks' Counter Threat Unit (CTU), CryptoWall has been spreading rapidly since late last year. In fact, in ... (view more)

A new report suggests that consumers are concerned about digital security threats -- like the rapidly spreading 'Backoff' malware -- but very few make any changes in an effort to better protect their most sensitive information. The report comes from ... Russian security firm Kaspersky Lab, which recently carried out an online survey of 11,000 people based in 23 countries. (Source: kaspersky.com ) Kaspersky's survey revealed that over three-quarters of all respondents use several devices to connect to the Internet. About one in four respondents said they do most of their Internet ... (view more)

A new report suggests that roughly one thousand American businesses have been victimized by 'Backoff', a form of malware that exposes customers' most sensitive information, including credit card data. Backoff made headlines late last year when ... retail giant Target was hit , exposing credit card data of roughly forty million customers. Now, the National Cybersecurity and Communications Center (NCCIC) and U.S. Secret Service are suggesting that many more businesses have been exposed by the same malware. If an infection occurs, the Backoff malware is capable of recording keystrokes ... (view more)

A new survey suggests that the majority of hackers carry out their work simply because they find it fun and thrilling. The survey also found that only a small portion of hackers do their work in pursuit of financial gain. The survey was carried out ... by Washington-based security firm Thycotic, which asked hackers attending last week's Black Hat conference (held in Las Vegas, Nevada) what motivated them. More than half of the respondents, or 51 per cent, said they hack for the "fun" and "thrill" of it. Just 19 per cent, or about one in five of the hackers surveyed, said ... (view more)