If you have any private photos on Facebook that you really don’t want out there, consider this story your fair warning to delete them. A flaw in the social networking site’s reporting mechanism allows users to peer into content that is otherwise marked "private". Now would be a good time to remove that pic of drunken you mooning the boss.

Facebook flaw briefly exposes private photos, including CEO Mark Zuckerberg’s

Posted: December 6th, 2011 under Facebook, Internet, Privacy, Security.
Comments: none

Millions of iPhones, Android and other smartphones have the Carrier IQ spyware rootkit in them. Here’s how to find it and try to zap it.

Finding and cleaning out your smartphone’s Carrier IQ poison | ZDNet

Posted: December 2nd, 2011 under Security.
Comments: none

Columbia University’s Intrusion Detection Systems Lab has found a significant core vulnerability in certain networked HP printers that lets a remote system infiltrate print jobs, remotely inject malware into the printer’s firmware that takes control of the machine.

Columbia researchers show remote HP printer hijack [video]

Posted: November 30th, 2011 under Security.
Comments: none

The United Nations finds itself resecuring its network Wednesday following a hack that resulted in the login details of the employees of several divisions being posted to the Internet. Calling itself TeaMp0isoN, the group calls the UN "a Senate for global corruption" and "sits to facilitate the introduction of a New World Order and a One World Government".

United Nations hacked! Passwords posted!

Posted: November 30th, 2011 under Security.
Comments: none

Most major sites supporting HTTPS operate in a non-forward secret fashion, which runs the risk of retrospective decryption. In other words, an encrypted, unreadable email could be recorded while being delivered to your computer today. In ten years time, when computers are much faster, an adversary could break the server private key and retrospectively decrypt today’s email traffic.

Google Online Security Blog: Protecting data for the long term with forward secrecy

Posted: November 28th, 2011 under Google Chrome, Security, Software.
Comments: none

Malware aimed at the Android platform has increased five-fold since July, raising questions on the open-door policy Android has in installing apps. IT company Juniper Networks says the reason for this is the Mountain View, Calif. company’s own lax attitude when it comes to oversight.

Malware on Android begins to spiral out of control

Posted: November 21st, 2011 under Android, Operating Systems, Security.
Comments: none

Anti-spyware company Lavasoft AB is now owned by a set of online entrepreneurs who have been linked with misleading websites.

The Montreal-based entrepreneurs, who purchased the company’s assets in January, have previously been accused of selling the free versions of Lavasoft products to unwitting internet users as recently as 2007 via cyber-squatting sites.

Were Lavasoft’s buyers once on its hit list? • The Register

Posted: November 13th, 2011 under Security, Software.
Comments: none

Summary: One version of the attack was triggered by a rigged Microsoft Word .doc that probably included some social engineering and required the target to open the booby-trapped file.

The mysterious Duqu malware attack exploited a zero-day vulnerability in the Windows kernel, according to security researchers tracking the Stuxnet-like cyber-surveillance Trojan.

Windows kernel ‘zero-day’ found in Duqu attack | ZDNet

Posted: November 1st, 2011 under Internet, Operating Systems, Security, Windows 7, Windows Vista, Windows XP.
Comments: none

iPad 2 owners need to reconsider just how secure their tablets are following the discovery of a flaw that allows attackers with Apple Smart Covers to unlock iPads, even if they are password protected. The issue was first disclosed in the forums of German Apple enthusiast site apfeltalk.de, and has since been replicated numerous times including in tests by BetaNews.

Want to break into iPad 2? Get a Smart Cover

Posted: October 21st, 2011 under Apple, iPad, Security.
Comments: 1

In the old, old days researchers wrote virus code to prove a point and lone coders released malware that disseminated a message or simply vandalized computers. Modern malware is all about money. Symantec has just released a report on the various techniques used to make a profit from Android-focused malware. Given that Android is now the most widespread mobile platform, it’s a wide-open field for malefactors seeking to cash in.

How Android Malware Makes Money

Posted: October 20th, 2011 under Android, Security.
Comments: none