Security

South Carolina taxpayers are upset after an estimated 3.6 million of their Social Security numbers were exposed to an international hacker who breached the state's Department of Revenue database. Approximately 387,000 credit and debit card numbers ... were also exposed during the attack. Luckily, most of these numbers appear to have been encrypted. The breach occurred in mid-September 2012. However, South Carolina officials didn't learn of the problem until several weeks later. Officials then initiated an investigation that discovered how the data had been accessed. South Carolina officials say ... (view more)

The barcodes on airline boarding passes may look innocent. However, one security researcher says that a smartphone camera allows anyone to figure out whether or not they'll be selected for a security check. Aviation expert John Butler recently ... noted, via his blog, that the information on barcodes isn't encrypted. (Source: wordpress.com ) Although airport staff use special scanners to read the barcodes, it turns out that a camera phone can scan the barcode and the proper app can convert it to a string of codes. You can then use the Internet to find out what these codes mean. Pre-Check ... (view more)

The Federal Trade Commission (FTC) says an Internet firm claiming it collected only shopper opinions about the products they bought was actually collecting personal data. The firm, Compete, is negotiating a court-approved settlement of the charges. ... So far, the punishment the company will face has not been publicly revealed. Compete used online ads to recruit customers into its "Consumer Input Panel", telling them they can give their opinions and win prizes. To participate, however, consumers needed to install special tracking software on their computers to monitor what websites they visited. ... (view more)

Facebook has announced an improvement to its antivirus marketplace. At the same time, the social networking site also announced it will begin working closely with security companies to build a database of dangerous, rogue websites. The security ... software will be featured in Facebook's antivirus marketplace, which launched this past April. The marketplace allows security firms to promote their products and allows users to choose one antivirus product for a free trial, then extend their coverage with a paid subscription. Facebook says 30 million users have visited the marketplace since it ... (view more)

According to a new report, weak software programming by medical companies could allow a hacker to deliver a fatal shock to a heart patient. The report is based on research by Barnaby Jack, a security analyst for IOActive who specializes in threats ... to medical technology. In a recent presentation at the Breakpoint Security Conference in Melbourne, Australia, Jack said that programming flaws associated with the wireless transmitters that send data to pacemakers could be exploited by hackers. According to Jack, hackers could exploit this vulnerability in a way that "could definitely result in ... (view more)

Yesterday Mozilla's security chief told users to stop using the latest edition of his company's browser. Michael Coates said the first release of Firefox version 16 contained a serious security flaw. Fortunately, hackers were unable to exploit the ... flaw and Mozilla has since offered a solution to the problem. The problem was particularly serious because Firefox users may have unknowingly upgraded to the new edition. Mozilla uses background updates, so security patches and new editions are downloaded and installed without user control or approval. Most of the time this isn't a problem. In this ... (view more)

A security company has come up with a way to reduce the effectiveness of website hacking. The plan is to split customer passwords and store them in two or more separate locations. The idea for split passwords comes from security firm RSA, which says ... the new technique aims to frustrate hackers who breach website security in order to acquire user names and passwords. Sometimes that data are stored without any encryption. Even when they are encrypted, hackers are often able to break the encryption, given enough time. Such breaches of security can be particularly dangerous if any of the site's ... (view more)

Several security advisors are warning Skype users to watch out for bogus messages with links that install malicious software. Once installed, a worm virus may pretend to hold the user's files hostage and demand payment for releasing them. Graham ... Cluely of security firm Sophos warns that the scam involves instant messages rather then voice or video chats. Potential victims receive a message containing phrases such as "lol is this your new profile pic?" The message includes a link that takes the user to a Google website featuring their own Skype name. In fact, the link points to "Goo.gl ... (view more)

A woman whose business intentionally scammed computer users by means of bogus security software has been ordered to pay a $163 million fine. Kristy Ross was vice president of Innovative Marketing, a firm legally registered in Belize (likely for ... favorable tax purposes) but actually operating out of Ukraine. The company has been the subject of legal action by the Federal Trade Commission (FTC) for the past four years. (Source: ftc.gov ) Bogus Security Scan Attracted Customers Innovative Marketing's business was actually a scareware scam: placing bogus website ads that pretended to scan a user's ... (view more)

The U.S. Federal Trade Commission (FTC) has banned several companies from using spy software on computers they rent out. The banned software not only logged users' keystrokes but unobtrusively accessed the computers' webcams. PC Rental Agent is the ... software that appears to have been used in more than 400,000 "leasable" computers around the world, including those rented out by 1,617 rent-to-own stores in North America and Australia. (Source: ftc.gov ) The software is ostensibly designed to track down computers when rental customers disappear with the machines. However, the FTC has ... (view more)