Security

Outsourcing has become a popular way for big companies to save money. One example: offering 'bug bounties' that encourage independent researchers to help prevent security nightmares. According to a new study completed by University of California ... Berkeley researchers, it's far cheaper for technology firms to use these freelance security experts than expand an existing in-house security team. The study examined the bug bounty programs (otherwise known as vulnerability reward programs, or VRPs) used by two of the Internet's biggest firms: Google and Mozilla, makers of the Chrome ... (view more)

It's estimated that up to 99 per cent of all Android smartphones are vulnerable to a new security vulnerability. The bug involves two of the main security measures used on phones running the popular Android operating system from Google. The first ... security measure affected by the bug is the security check used on all applications that run on an Android phone. Every application has a cryptographic signature, which is a code that confirms the application is genuine. The signature directly correlates to the contents of the application itself, meaning that any attempt to tamper with the contents ... (view more)

Facebook says six million of its users have had their personal data exposed. The issue stems from a security bug that allowed email addresses and phone numbers to be easily accessed by a user's Facebook 'friends'. The problem is associated with ... Facebook's friend recommendation algorithm, which is designed to help users find old friends, family, and contacts and establish new relationships with them. Facebook uses uploaded personal data, including email addresses and contact lists, to find new 'friends'. This system can also be used to invite friends who are not yet Facebook members to join ... (view more)

There's a tendency to blame hackers for security breaches resulting in critical data being compromised. However, a new study finds that, in many cases, human negligence and system problems are also to blame. Recently, security firm Symantec and the ... Ponemon Institute carried out a study investigating the causes of serious data breaches. The findings were quite astounding: in more than one in three cases human error or negligence was to blame for a hack. Another 29 per cent of breaches were the result of system malfunctions. Human Error, System Fails to Blame for Data Breaches This means that, ... (view more)

The Zeus malicious software tool, which is designed to steal bank account information, is reportedly making a resurgence. This time Zeus is being spread through misleading Facebook pages. The Zeus malware, which has been circulating for roughly six ... years, poses as a legitimate file and tricks victims into installing it on their PCs. It then waits until a victim logs into an online banking site before using keylogging tools to capture log-in details. With enough information, the people behind Zeus can empty bank accounts. Malware Targets Bank Accounts, Social Security Numbers To make things ... (view more)

Motorola is experimenting with new methods for securing personal technology devices. The firm is actively searching for alternatives to the standard password. At the recent All Things D(igital) conference in California, Motorola's head of Advanced ... Technology and Projects, Regina Dugan, suggested transforming the human body into a walking verification center. The first method involves an electronic tattoo, whereby an individual would be able to literally wear a passcode on their skin. To pursue this idea Motorola has teamed with an electronics company MC10, which currently offers tattoos with ... (view more)

Iranian hackers pose a greater threat to the U.S. than their Chinese counterparts, a new report suggests. The theory is that China is more interested in spying on the United States while Iran wants to harm vital U.S. systems. The claims come in ... anonymous briefings given by U.S. government and security officials. They follow equally startling warnings by the FBI and Department of Homeland Security (DHS), which encourage U.S. businesses to share details of security threats so that experts can look for common patterns. Previously, U.S. security officials had pointed to the Middle East as a ... (view more)

The feared Zeus Trojan is expected to make a comeback in the next six months. According to security research firm Trend Micro, many cybercriminals are returning to this form of malware as a tool for compromising website security. Zeus is by no means ... new. Its source code was originally spread across the world wide web more than two years ago, and since that time has been customized by cybercriminals. Popular variants of Zeus included 'Citadel' and 'GameOver'. Overall, Zeus (sometimes called Zbot) is one of the oldest forms of financial malware still being used by cybercriminals today. Zeus a ... (view more)

Twitter plans to introduce an "account verification" feature that the social networking site hopes will help beef up security. The move follows a spate of attacks in which high-profile media accounts have been taken over and used to publish bogus ... news claims. The new system is a form of 'two-factor verification', meaning that merely providing a standard password isn't enough. When a person uses two-factor verification security, a hacker who gains access to a password still won't be able to break into an account. If users enable the new system in their account settings, they'll be able to add ... (view more)

Hackers have reportedly threatened to attack the computer system belonging to Cuba-based Guantanamo Bay prison. That has forced the U.S. military to take the facility's wireless network offline. Reports indicate the hack was designed to show support ... for Guantanamo Bay prisoners. More than half of the prison population is currently taking part in a hunger strike focused on raising awareness about the facility's conditions. Guantanamo Officials Fear Hacking Threat Anonymous, a so-called 'hacktivism' group that uses hacking as a form of political protest, began an online campaign to mark the ... (view more)