Security

Scammers used a computer code loophole to trick more than a million people into downloading a rogue Android app. The fake variant of WhatsApp appears to have been designed to distribute ads. The bogus app took advantage of the popularity of the ... genuine WhatsApp Messenger, which has been downloaded more than 60 million times on Google Play alone. It's a tool for exchanging messages with friends or groups over the Internet rather than eating into SMS text message allowances. Extra Space Went Unseen "Update What's App Messenger" was one of numerous bogus apps that tried to mislead users with ... (view more)

One of the key security protections in WiFi has a serious vulnerability, a researcher has revealed. The exploit has to do with the protocol "WPA2" - currently considered the most secure protocol commonly used on WiFi routers and hotspots. Here's ... what you need to know about the WPA2 exploit. What's the problem and what does it affect? Security researcher Mathy Vanhoef has published a demonstration for what he's called "KRACKs," short for key reinstallation attacks. That's a way of exploiting a weakness in WPA2 (WiFi Protected Access II), the security system that is most ... (view more)

T-Mobile has fixed a bug that let hackers get sensitive personal data just by using a phone number. In theory, it could have been possible to collect details on all the company's customers, though T-Mobile denies this. The problem was discovered by ... Karan Saini, a security researcher who discussed the problem with the Motherboard Vice website. The site then approached T-Mobile about the problem. It said "we were alerted to an issue that we investigated and fully resolved in less than 24 hours. There is no indication that it was shared more broadly." (Source: vice.com ) The bug had to do with T ... (view more)

Users of a popular ad-blocking tool have been warned to watch out for a bogus version of the tool. One copy of the fake Adblock Plus was downloaded 37,000 times before being removed from the Google Chrome store. The legitimate version of Adblock ... Plus is one of the most popular tools available as a Chrome extension: a third-party tool that can be added directly to the browser itself. The makers claim that more than a hundred million devices are actively using the tool. The bogus version is particularly ironic, though not in a way that victims would appreciate: rather than block ads, it ... (view more)

Yahoo has admitted that a hacking incident in 2013 affected three billion user accounts. That's three times more than it originally disclosed and means every account was affected. The incident was one of two Yahoo hacks revealed last year. The ... first, announced in September, involved 500,000 accounts being hacked in 2014 . The second, announced in December, was said to have involved a hack of a billion accounts in 2013 . It's the 2013 attack that Yahoo now says it believes "all Yahoo user accounts were affected." It's keen to stress that it only recently discovered that the number was bigger ... (view more)

A newly discovered Internet Explorer bug means rogue websites can track the next site a user visits, or even the next search the user makes. While it's not necessarily devastating in itself, the researcher who found the bug says it is a sign ... Microsoft isn't paying enough attention to its old browser. The bug means that a 'rogue' web page could access the content of whatever the user types in to the Internet Explorer address bar as soon as they press the Enter key. This would normally be another website address, but the way Internet Explorer works means it could also be a search term. Security ... (view more)

Users of the popular CCleaner optimization software have been urged to immediately update the program. The software was recently compromised by hackers for almost a month, though it does not yet appear they did any damage. The warning to update is ... particularly important because CCleaner doesn't automatically update - though it does tell users when a new version is ready. The compromised versions were the 32-bit editions of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 . User who currently have these versions should uninstall them immediately, then get the latest copy from the website of ... (view more)

The majority of Bluetooth devices could be vulnerable to a malware attack. The attack, dubbed BlueBorne, can reportedly spread to devices without needing any action from the victim. The attack takes advantage of a bug in the Bluetooth technology ... itself rather than a specific operating system. At one point this summer an estimated 5.3 billion devices were at risk, running Windows, Android or Linux, as well as Apple devices running systems before the current iOS 10. Fixing the problem will require patches for specific devices and operating systems. Microsoft has patched the issue already, ... (view more)

Around 465,000 pacemakers have been 'recalled' over hacking fears. However, the St Jude Medical brand devices will be patched with a software update rather than removed and replaced. The pacemakers are radio controlled to allow doctors to alter the ... specific rhythm they aim for when regulating a heart beat. This radio control means doctors can adjust to the patients changing needs without the need to remove the pacemaker for alterations. That's important as the surgery for such a removal is inherently risky. No Signs Of Hack Attacks While the precise details haven't been revealed for obvious ... (view more)

More than 700 million email addresses and passwords have been leaked online. While many are bogus, enough appear to be genuine that security experts have advised users to change their email passwords. The collection of account details does not ... appear to have been used for identity theft or other fraud. Instead, the collection has been marketed as a way to send spam messages. The idea is that spammers can login to the compromised accounts in order to send their unsolicited emails. This effectively flies under the spam radar, as most spam comes from IP addresses without any reputation. In this ... (view more)