Threats RSS Feed - Symantec Corp.

http://www.symantec.com/business/security_response/landing/threats.jsp

W32.Mezit!inf

- Thu, 17 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Shylock!gen12

- Thu, 17 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Infostealer.Dande

- Thu, 17 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Pandex!gen4

- Wed, 16 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Zbot!gen74

- Tue, 15 Apr 2014 00:00:00 +0000

Risk Level: Low. Type: Trojan.

SONAR.SuspLaunch2

-

Risk Level: Very Low. Type: Trojan.

Backdoor.Kihomchi

- Tue, 15 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

VBS.Crigent

- Tue, 15 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.Sality!gen1

- Mon, 14 Apr 2014 00:00:00 +0000

Risk Level: Low. Type: Virus, Worm.

SONAR.Sality!gen2

- Mon, 14 Apr 2014 00:00:00 +0000

Risk Level: Low. Type: Virus, Worm.

SONAR.SelfHijack!gen1

- Mon, 14 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.ProcHijack!gen5

- Mon, 14 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.SuspBeh!Drop

- Mon, 14 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Gatak!gm

- Mon, 14 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.Zbot!gen3

- Mon, 14 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.RogueAV!gen23

- Mon, 14 Apr 2014 00:00:00 +0000

Risk Level: Very Low.

SONAR.RogueAV!gen22

- Mon, 14 Apr 2014 00:00:00 +0000

Risk Level: Very Low.

Trojan.Shylock!gen10

- Mon, 14 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Shylock!gen11

- Mon, 14 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Bloodhound.Exploit.551

-

Risk Level: Very Low. Type: Trojan.

Packed.Generic.460

- Sat, 12 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Shylock!gen9

- Tue, 8 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Gatak!gen4

- Mon, 7 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Android.Virusshield

- Tue, 8 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Backdoor.Necurs!gen5

- Fri, 4 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Asprox.B

- Fri, 4 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

O97M.Crigent

- Thu, 3 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Yontoo.C

- Wed, 2 Apr 2014 00:00:00 +0000

Risk Level: Very Low.

Trojan.FakeAV!gen120

- Thu, 3 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.FakeAV!gen119

-

Risk Level: Very Low. Type: Trojan.

Trojan.Ransomlock.AK

- Tue, 1 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

W32.Pixipos

- Tue, 1 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Worm.

Trojan.FakeAV!gm

- Wed, 2 Apr 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Denpur

-

Risk Level: Very Low. Type: Trojan.

Backdoor.Lokidok

-

Risk Level: Very Low. Type: Trojan.

Android.Malminer

- Thu, 27 Mar 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

PUA.Maltrec.TS!g1

- Wed, 26 Mar 2014 00:00:00 +0000

Risk Level: Very Low.

Trojan.Cryptodefense

- Wed, 26 Mar 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

W32.Craq

- Tue, 25 Mar 2014 00:00:00 +0000

Risk Level: Very Low. Type: Worm.

Trojan.Gampass!gen5

- Wed, 26 Mar 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Bloodhound.Exploit.550

- Tue, 25 Mar 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Trensil

- Mon, 24 Mar 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Adware.Maltrec.TS!g4

- Fri, 21 Mar 2014 00:00:00 +0000

Risk Level: Very Low.

Adware.Maltrec.TS!g6

- Fri, 21 Mar 2014 00:00:00 +0000

Risk Level: Very Low.

Trojan.Tsyrval

- Fri, 21 Mar 2014 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Security News Headlines - Yahoo! News

http://news.yahoo.com/security/

Health care site flagged in Heartbleed review

- Sat, 19 Apr 2014 01:18:27 -0400

FILE - This Wednesday, Nov. 27, 2013, file photo, taken in Washington, shows part of the HealthCare.gov website page featuring information about the SHOP Marketplace. People who have accounts on the enrollment website for President Barack Obama?s signature health care law are being told to change their passwords following an administration-wide review of the government?s vulnerability to the confounding Heartbleed computer virus. Senior administration officials said there is no indication that the HealthCare.gov site has been compromised and the action is being taken out of an abundance of caution. (AP Photo/Jon Elswick, File)WASHINGTON (AP) ? People who have accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the confounding Heartbleed Internet security flaw.


Now Android fans can play one of the greatest computer games ever on their tablets

- Fri, 18 Apr 2014 21:15:11 -0400

Now Android fans can play one of the greatest computer games ever on their tabletsOld-school RPG fans still get nostalgic when you bring up Baldur?s Gate, the classic Bioware D&D-based adventure that set the standard for computer RPGs when it was released all the way back in 1998. In fact, the Balur?s Gate series?s popularity has been so enduring that studio Beamdog has overhauled it with improved graphics and features while also adding touch controls to make it easy to play on tablets.†Although Beamdog released its Baldur?s Gate: Enhanced Edition for the iPad a while ago, the studio has finally gotten around to porting it to Android, and it?s now available on the Google Play store for $9.99. Although the iPad version of the overhauled Baldur?s Gate received mixed marks for its buggy controls,


Biometrics expert slams Apple and Samsung fingerprint scanners as unsecured ?gimmicks?

- Fri, 18 Apr 2014 13:28:42 -0400

Biometrics expert slams Apple and Samsung fingerprint scanners as unsecured ?gimmicks?It?s pretty safe to say that†computer science Professor Willy Susilo won?t be relying on a fingerprint scanner to keep his mobile phone secure. In an interview with The Sydney Morning Herald,†Susilo says that the fingerprint scanners used by Apple and Samsung are mere ?gimmicks? that hackers can easily fool and that don?t give users and real biometric security.† That said, Susilo doesn?t think†that this means biometrics have no place mobile security. In fact he?s very bullish on two different kinds of biometrics scanners that may one day grace our smartphones: Retina scanners and vein scanners. Susilo is more optimistic about vein scanners, mostly because there are concerns among biometrics researchers that iris scanners could present cancer risks. Another advantage to


Research shows it?s ?blind luck? that asteroids haven?t destroyed a major city yet

- Fri, 18 Apr 2014 11:50:08 -0400

Research shows it?s ?blind luck? that asteroids haven?t destroyed a major city yetWell, here?s something happy to think about as you head into the weekend. Phys.org brings us word that three former NASA astronauts are going to present new research next week showing that there have been 26 asteroid crashes since 2001 that have caused ?atomic-bomb-scale explosions? that have fortunately been far away from major population centers. The research, which was conducted by the†B612 Foundation, used data from a†nuclear weapons warning network to measure the impact of major asteroid strikes on the Earth?s surface. ?This network has detected 26 multi-kiloton explosions since 2001, all of which are due to asteroid impacts,? explained B612 Foundation CEO Ed Lu, a physicist who worked at NASA from 1994 until 2007.†?It shows that asteroid impacts are


Attention Scrapbookers: Michaels Confirms Credit Card Data Breach

- Fri, 18 Apr 2014 11:27:49 -0400

Attention Scrapbookers: Michaels Confirms Credit Card Data BreachMichaels Stores finally confirmed on Thursday that the credit card data of nearly 3 million customers was compromised in a recent data breach. A company subsidiary,†Aaron Brothers, had up to 400,000 customer credit cards compromised by the breach, while Michaels Stores reported about 2.6 million vulnerable cards. The company concluded that the data breach happened at a limited number of point-of-sale systems at Michaels stores, using "highly sophisticated malware" not previously encountered by the security firms hired to investigate the breach. Michaels confirmed that it is aware of a "limited number" of fraudulent charges potentially connected to the breach.


?Highly sophisticated malware? stole credit card data from 3M Michaels customers

- Fri, 18 Apr 2014 07:25:40 -0400

?Highly sophisticated malware? stole credit card data from 3M Michaels customersAfter LaCie announced earlier this week it was the victim of a massive credit card breach that lasted for a year, crafts store Michaels revealed in a press release that hackers may have stolen credit card data for 3 million of its customers, including buyers that shopped at its Aaron Brothers subsidiary. The company has hired two independent security firms to conduct an extensive investigation, which revealed that payment systems in Michaels and Aaron Brothers stores were attacked by ?highly sophisticated malware? that had not been seen before by either firm. While the malware has been neutralized at this time, the company determined that the hack was quite extensive, allowing hackers to steal certain payment information including card number and


Scary Android malware uses Facebook to bypass two-factor authentication

- Thu, 17 Apr 2014 19:15:49 -0400

Scary Android malware uses Facebook to bypass two-factor authenticationAndroid users have yet another piece of malware to worry about.†PC World points out a technique that is specifically targeting Facebook users who use mobile banking. On computers infected with this trojan, users will see a message when visiting Facebook?s website alerting them that ?due to a rising number of attempts in order to gain unlawful access to the personal information of our users and to prevent corrupted page data to spread Facebook administration introduces new extra safety protection system.? If users click on the alert, they will then be directed to a page that instructs them to specify their mobile operating system and phone number. After that, they are then given a QR code for downloading an app on


Retailer Michaels Stores confirms payment card data breach

- Thu, 17 Apr 2014 18:20:19 -0400

A Michaels arts and crafts store is seen in San Diego, California(Reuters) - Michaels Stores Inc, the biggest U.S. arts and crafts retailer, on Thursday confirmed that there was a security breach at certain systems that process payment cards at its U.S. stores and that of its unit, Aaron Brothers. The company said in January that it was working with federal law enforcement officials to investigate a possible data breach. Michaels Stores said the breach, which took place between May 8, 2013 and January 27, 2014, may have affected about 2.6 million cards, or about 7 percent of payment cards used at its stores during the period. There was no evidence that data such as customers' name or personal identification number were at risk, Michaels Stores said in a statement.


Cyber cops: Target hackers may take years to find

- Thu, 17 Apr 2014 17:51:14 -0400

In this Feb. 20, 2014 photo, a man walks through a hall at Secret Service offices in Washington. Secret Service investigators say it could take years to identify the hackers who breached Target?s computer systems in December _and even longer to bring them to justice. (AP Photo/Carolyn Kaster)WASHINGTON (AP) ? Secret Service investigators say they are close to gaining a full understanding of the methods hackers used to breach Target's computer systems last December.


Business Highlights

- Thu, 17 Apr 2014 17:28:27 -0400

___ China factories face new challenge as growth slows Chinese manufacturers are discovering that being an efficient low-cost producer is no longer enough to prosper in the face of the country's slowing ...

Researcher finds flaw in Samsung fingerprint check

- Thu, 17 Apr 2014 15:34:39 -0400

BERLIN (AP) ? A Berlin-based researcher says he has managed to fool the fingerprint-based security system on Samsung's new Galaxy S5 smartphone using wood glue and a picture of the original print.

Hackers make Siri vastly more useful by modifying it to control Nest, Spotify

- Thu, 17 Apr 2014 11:00:11 -0400

Hackers make Siri vastly more useful by modifying it to control Nest, SpotifySiri is getting a lot of competition from Google Now and Microsoft?s Cortana these days, but some young hackers have just made Siri much more useful, even if they did so without Apple?s permission. Engadget draws our attention to†GoogolPlex, a new hack†for Siri developed by a quartet of freshmen at the University of Pennsylvania that lets you use Apple?s voice-enabled personal assistant to adjust the temperature on your Nest thermostat or to shuffle through your Spotify playlist. What makes this particular hack really great is that it?s extremely easy to set up. First, you need to go to your Wi-Fi settings on your iOS device and click on the ?i? icon next to the network you?re connected to. From there,


Police charge Canadian in Internet privacy breach

- Wed, 16 Apr 2014 21:23:55 -0400

OTTAWA, Ontario (AP) ? Police have charged a 19-year-old Canadian man in connection with the loss of taxpayer data from Canada's tax agency website.

It Took Just Four Days to Hack the Samsung Galaxy S5's Fingerprint Scanner

- Wed, 16 Apr 2014 18:01:55 -0400

It Took Just Four Days to Hack the Samsung Galaxy S5's Fingerprint ScannerIt took German "researchers" at†SRLabs†just four days to created a fake fingerprint using wood glue that can bypass the scanner on the brand new†Samsung Galaxy S5. Unlike the iPhone, the Samsung Galaxy S5 is integrated with PayPal, and the fingerprint scanner is used to authorize transactions and money transfers in the device. PayPal issued a statement in regards to the security scare: ?PayPal never stores or even has access to your actual fingerprint with authentication on the Galaxy S5. Brett McDowell, head of ecosystem security at PayPal, believes that this hack proves only a very minor threat: ?This is not something you can do on any number of devices.


U.S. SEC releases cyber security examination blueprint

- Wed, 16 Apr 2014 17:06:36 -0400

By Sarah N. Lynch WASHINGTON (Reuters) - U.S. securities regulators have unveiled a road map that lays out how they plan to make sure Wall Street firms are prepared to detect and prevent cyber security attacks. The SEC also plans examinations of more than 50 firms that will focus on cyber security-specific issues. The document's release comes several months after Jane Jarcho, an associate director in the SEC's investment adviser examination program, announced in a speech the agency planned to scrutinize whether firms have policies to prevent cyber attacks. The SEC subsequently followed up with a March 26 roundtable where experts debated how public companies, brokerages, asset managers and exchanges can protect themselves from cyber threats, and what role the U.S. government should play to ensure such attacks are adequately disclosed.

American Funds urges password change to counter 'Heartbleed' bug

- Wed, 16 Apr 2014 15:39:45 -0400

A lock icon, signifying an encrypted Internet connection, is seen on an Internet Explorer browser in ParisBy Jim Finkle and Ross Kerber BOSTON (Reuters) - American Funds, the No. 3 U.S. mutual fund family, advised some customers to change user names and passwords on Wednesday as the number of companies and people affected by the notorious "Heartbleed" bug grows. American Funds also advised customers who logged into Americanfunds.com from December 12, 2013 to April 14 to create new security questions and delete their browsing history. Heartbleed refers to a security bug in software known as OpenSSL used in about two-thirds of all websites and many other technology products. Dan Guido, chief executive of cybersecurity startup Trail of Bits, said more warnings are likely because no company will want to be remiss in trying to protect customers.


Why Heartbleed could be much worse for Android users

- Wed, 16 Apr 2014 14:14:34 -0400

Why Heartbleed could be much worse for Android usersEven though Google does not have a Heartbleed problem, particularly since†the company has known about the OpenSSL bug a month before everyone else,†a large number of Android users may still be at risk, The Guardian reports. And that?s not because Google has not patched the security flaw, but rather because Heartbleed indirectly benefits from several factors. For starters, Heartbleed only affects one version of Android and that?s the ?old? Android 4.1.1. However, that also happens to be a very popular Android version running on Android phones, with as many as 50 million users running it on their current devices. The number comes from analytics firm Chitika, although†Google is only saying that ?less than 10%? of Android devices activated worldwide are


Not even Tor can keep you safe from Heartbleed

- Wed, 16 Apr 2014 13:18:35 -0400

Not even Tor can keep you safe from HeartbleedSo here?s some sort-of good news: Cybercriminals might be just as freaked out about the Heartbleed bug as the rest of us. Trend Micro analyst J.D. Sherry writes that revelations about the gaping hole in the Open SSL, the†security protocol used to encrypt web traffic, have caused ?shell shock in the Deep Web as many of the hidden services within the TOR (The Onion Router) are impacted as well.? Why is Heartbleed so potentially thorny for people who use Tor? Well consider what makes Tor so popular for criminals in the first place:†It†keeps your online activity anonymous by routing†your traffic through several different servers before sending it through to your computer. However, the anonymity of your communications can become compromised


Beware, phone thieves: The smartphone ?kill-switch? is coming

- Wed, 16 Apr 2014 11:30:57 -0400

Beware, phone thieves: The smartphone ?kill-switch? is comingThe five largest U.S. wireless carriers and many smartphone makers including Apple, Google, HTC, Huawei, Motorola, Microsoft, Nokia, Samsung and others on Tuesday announced they have agreed to include ?kill-switch? technology in all smartphone models released after July 2015, Re/code reports, in a move that should help decrease smartphone thefts and further protect customer data. The companies have agreed to include software features in upcoming models that will allow users to remotely wipe their data and render the devices inoperable once they?re lost or stolen. Apple already has†such features in place in iOS 7, allowing iPhone users to better protect their devices against theft ? the ?Activation Lock? feature in iOS 7 prevents devices from being reactivated even after being


Terrifying interactive map shows global cyber attacks happening in real time

- Wed, 16 Apr 2014 10:09:56 -0400

Terrifying interactive map shows global cyber attacks happening in real timeHeartbleed is hardly the only online threat we have to worry about these days. The massive OpenSSL bug should certainly be taken seriously ? here are all the passwords you should change immediately†because of Heartbleed ? but there are threats around just about every corner on the Internet. LaCie on Wednesday confirmed that it was†the last company to fall victim to a massive cyber attack where users? credit card data was compromised, but it is hardly the only recent target. In fact, you?ll be shocked to learn†how many cyber attacks are taking place right now as you read this. Antivirus and Internet security software firm Kaspersky recently created a beautiful and terrifying interactive world map that gives us a real-time


LaCie is the latest victim of massive credit card breach

- Wed, 16 Apr 2014 06:25:38 -0400

LaCie is the latest victim of massive credit card breachFrench company LaCie, maker of various storage solutions, on Tuesday announced that it has been the victim of a massive attack that exposed the personal data of buyers, including credit cards, to a third party. The company said it was informed by the FBI on March 19 that ?an unauthorized person used malware to gain access to information from customer transactions that were made through LaCie?s website.? The company has hired an investigation firm, and has temporarily disabled its online store, while it secures it. LaCie said that it believes all transactions made between March 27, 2013 and March 10, 2014 may be affected. Hackers were apparently able to access customers? names, addresses, emails, card numbers and expiration dates and


Once-Leading Bitcoin Exchange Mt. Gox Calls It Quits

- Wed, 16 Apr 2014 02:58:13 -0400

Once-Leading Bitcoin Exchange Mt. Gox Calls It QuitsMt. Gox, once the leading Bitcoin exchange, has given up its plans to rebuild following a devastating data breach in February. On February 28, Mt. Gox filed for bankruptcy just days after going offline due to security concerns. The resulting public relations nightmare caused bitcoin prices to dip and ruined Mt. Gox?s credibility as a secure place to store cryptocurrency.


Samsung executive says Galaxy S5 to outsell S4, sees second quarter rollout for Tizen phone

- Wed, 16 Apr 2014 01:43:27 -0400

A man uses his mobile phone in front of a giant advertisement promoting Samsung Electronics' new Galaxy S5 smartphone, at an art hall in central SeoulBy Miyoung Kim and Se Young Lee SEOUL (Reuters) - Samsung Electronics Co Ltd's new Galaxy S5 smartphone should outsell its predecessor and defy predictions that the South Korean titan's latest model will struggle in a tough market for high-end handsets, a top executive said. The world's biggest smartphone maker has slashed prices of the S5, which rolled out globally on Friday, offered a gift pack worth $600, and more than doubled the number of initial launching countries to 125 in a bid to sustain growth in the mobile business, which generates 70 percent of its total profit. A smooth launch is crucial for Samsung, which reported its second straight quarter of profit decline earlier this month as margins in the key smartphone business come under growing pressure from cheaper Chinese rivals. "(The S5) is selling faster than the S4 so far, though it's difficult to share specific numbers as we're still at early stages," Yoon Han-kil, senior vice president of Samsung's product strategy team, told Reuters in an interview.


Wireless industry makes anti-theft commitment

- Tue, 15 Apr 2014 20:57:34 -0400

SAN FRANCISCO (AP) ? A trade group for wireless providers said Tuesday that that nation's biggest mobile device manufacturers and carriers will soon put anti-theft tools on the gadgets to try to deter rampant smartphone theft.

Why you should expect your favorite websites to crash over the next few weeks

- Tue, 15 Apr 2014 20:30:13 -0400

Why you should expect your favorite websites to crash over the next few weeksIf you find yourself unable to access your favorite websites over the next few weeks, don?t worry: The Internet isn?t broken, it?s just undergoing very needed repairs. The Washington Post has talked with some security experts who expect that patching the Heartbleed bug is going to cause major disruptions on the Internet for a while as major web companies scramble to guard their websites against a bug that caught the tech world flat-footed last week. ?Imagine if we found out all at once that all the doors everybody uses are all vulnerable ? they can all get broken into,? Jason Healey, a cybersecurity scholar at the Washington-based Atlantic Council, told the Post. ?The kinds of bad things it enables is


Google knew about Heartbleed for around a month and never told anyone

- Tue, 15 Apr 2014 13:17:11 -0400

Google knew about Heartbleed for around a month and never told anyoneFor the past week, a lot of the tech world has been trying to figure out what to do about the Heartbleed bug that has the potential to compromise the security of any website that uses the Open SSL encryption protocol. However, The National Journal reports that Google got a big head start on patching Heartbleed because it discovered the security hole back in March and never told anyone else about it. In some ways this isn?t too surprising since companies often make sure to patch their own websites and services when they discover security flaws before telling the world about them. However, The National Journal notes that ?keeping the bug secret from the U.S. government may have left federal


Regulators: No interruption after utilities hacked

- Tue, 15 Apr 2014 09:25:06 -0400

Electric, natural gas and major water companies and regional distribution systems in Connecticut have been penetrated by hackers and other cyber attackers, but defenses have prevented interruption, state ...

Major Google Glass update rolls out, as new orders open up

- Tue, 15 Apr 2014 06:25:13 -0400

Major Google Glass update rolls out, as new orders open upGoogle on Friday is not only opening up Google Glass†orders to interested buyers looking to score a pair of smart glasses, but it?s also rolling out a major update to its wearable device, bringing KitKat to Glass owners.†Starting with 9 a.m. EDT, Google will be opening up a ?limited number of spots in the Explorer Program,? but the device will only be available to U.S.-based customers willing to spend $1,500 for it. As for KitKat for Glass, Google describes it as its ?most exciting? update for the device yet. ?Our most exciting update is subtle, but big,? the company wrote on Google+. ?We?ve been working on a significant upgrade to a new version of the Glass software. It?s not a


Not even BlackBerry can escape the Heartbleed bug

- Mon, 14 Apr 2014 21:45:32 -0400

Not even BlackBerry can escape the Heartbleed bugHere?s how you know that Heartbleed is a serious and widespread problem: Even BlackBerry is scrambling to push out patches for it. Although BlackBerry prides itself with being the world?s leader in mobile security, Reuters reports that it was caught flat-footed by the Heartbleed bug just like everyone else and is now planning ?to release security updates for messaging†software†for Android and iOS devices by Friday to address vulnerabilities in programs? exposed by the massive new security flaw. Heartbleed is†a major flaw in†OpenSSL, the security protocol used to encrypt web traffic, that could potentially†allow hackers to swipe any data that users send over the web. News about the bug sent shockwaves throughout the tech industry last week as companies are now


Google unveils email scanning practices in new terms of service

- Mon, 14 Apr 2014 18:22:24 -0400

Surfboards lean against a wall at the Google office in Santa MonicaBy Alexei Oreskovic SAN FRANCISCO (Reuters) - Google Inc updated its terms of service on Monday, informing users that their incoming and outgoing emails are automatically analyzed by software to create targeted ads. The revisions more explicitly spell out the manner in which Google software scans users' emails, both when messages are stored on Google's servers and when they are in transit, a controversial practice that has been at the heart of litigation. Last month, a U.S. judge decided not to combine several lawsuits that accused Google of violating the privacy rights of hundreds of millions of email users into a single class action. Users of Google's Gmail email service have accused the company of violating federal and state privacy and wiretapping laws by scanning their messages so it could compile secret profiles and target advertising.


'Heartbleed' blamed in attack on Canada tax agency, more expected

- Mon, 14 Apr 2014 17:59:33 -0400

The Canada Revenue Agency website is seen on a computer screen displaying information about an internet security vulnerability called the "Heartbleed Bug" in TorontoBy Jim Finkle and Louise Egan BOSTON/OTTAWA (Reuters) - Canada's tax-collection agency said on Monday that the private information of about 900 people had been compromised as hackers exploited the "Heartbleed" bug, and security experts warned that more attacks will likely follow. The breach allowed hackers to extract social insurance numbers, which are used for employment and gaining access to government benefits, and possibly some other data, the Canada Revenue Agency said.


Maker of Android flashlight app with 50M downloads avoids fine after selling location data

- Mon, 14 Apr 2014 17:17:56 -0400

Maker of Android flashlight app with 50M downloads avoids fine after selling location dataThis past December, we reported that a popular Android app called Brightest Flashlight could do more than just shine light. Brightest Flashlight was a simple flashlight app that was highly-rated and had over 50 million installs. However, it had one devious, hidden feature: It would share personal data, such as your location, with advertisers. The FTC caught wind of this and began investigating†the developer. According to GigaOm, the FTC reached a settlement with the developer last week, and it looks like he got away easy. Erik Geidl, the single developer behind Brightest Flashlight, will have to stop collecting location data unless he clearly explains how and why he?s doing so. He will also have to delete any location data he


U.S. retailers to share cyber threat data after Target attack

- Mon, 14 Apr 2014 15:51:38 -0400

People shop at Target store during Black Friday sales in the Brooklyn borough of New YorkU.S. retailers are planning to form an industry group for collecting and sharing intelligence about cyber security threats in a bid to prevent future attacks in the wake of last year's big attack on Target Corp. The National Retail Federation said on Monday it will establish an Information Sharing and Analysis Center, or ISAC, for the retail industry in June. ISACs are industry groups that typically run security operations centers that operate around the clock, providing alerts about emerging threats to their members and sharing information provided by law enforcement and other government agencies. There are more than a dozen such organizations among industries including financial services, emergency services, healthcare, technology companies, public transportation and utilities. The financial services industry ISAC, which is widely considered the most successful group of its type, will help retailers set up the new organization.


Google acquires drone-making startup Titan Aerospace

- Mon, 14 Apr 2014 15:03:27 -0400

Google acquires drone-making startup Titan AerospaceGoogle announced on Monday that it would be acquiring Titan Aerospace, a startup that develops high-altitude, solar-powered drones. Titan Aerospace was previously courted by Facebook for a reported $60 million buyout, but it appears that Google struck first. The Wall Street Journal reports that Google did not divulge the price of the acquisition, but the search giant did say that the 20 or so employees of Titan will remain in their New Mexico location. CEO Vern Raburn will also continue to run the company. Google plans to ingratiate the Titan team with its own Project Loon, an undertaking which hopes to expand Internet coverage by building†large, Internet-enabled balloons for†areas of the world that†are not yet online. ?It?s still early days,


Study shows increase in online information thefts

- Mon, 14 Apr 2014 14:09:20 -0400

NEW YORK (AP) ? The number of Americans who say they've had important personal information stolen online is on the rise, according to a Pew Research Center report released Monday.

Everything iPhone users need to know before switching to Android

- Mon, 14 Apr 2014 14:02:02 -0400

Everything iPhone users need to know before switching to AndroidiPhone fans are by far the most loyal fans out there, but Android Authority has put together a very comprehensive guide for the tiny minority of iPhone users out there who are interested in making the switch to Google?s mobile operating system. The guide contains five major sections for iPhone users that tell you how to move your iPhone contacts, calendars, images, bookmarks and music over to your shiny new Android device. Interestingly, most of the transfers can be done pretty easily through Apple?s own iCloud service that backs up your iPhone?s contacts, calendar events, bookmarks and other key data. In fact, the only part of Android Authority?s†guide that doesn?t at all involve iCloud is its recommendations for moving your


Here?s how to protect yourself with two-step verification on 11 top websites

- Mon, 14 Apr 2014 12:59:25 -0400

Here?s how to protect yourself with two-step verification on 11 top websitesHeartbleed is a very scary bug that came to light recently and once again sent†the Internet into a frenzy†with talk about how to protect yourself from security vulnerabilities and hackers. Several sites also published guides covering how to protect yourself from Heartbleed, suggesting that using stronger passwords could somehow have kept users safe from having their data compromised by Heartbleed. Using complex passwords is always a good idea, but†even the longest password would have been vulnerable in the case of†this particular flaw. What would have offered users solid protection, however, is two-step verification. Two-step verification is a security measure that†adds an additional layer of authentication in order for users to log into a website. So, for example, you might first


German research center target of espionage attack

- Mon, 14 Apr 2014 10:27:57 -0400

The German Aerospace Center says it was the target of a suspected espionage attack for several months. The research center on Monday confirmed a report by German magazine Der Spiegel and said it had asked ...

The tale of two Androids: Before and after the iPhone

- Mon, 14 Apr 2014 08:45:03 -0400

The tale of two Androids: Before and after the iPhoneTaking the stand on Friday in the second U.S. Apple vs. Samsung patent lawsuit, Google?s Android engineering vice president Hiroshi Lockheimer said that the company did not copy iPhone when designing Android. However, Re/code and AppleInsider have obtained internal Google documents submitted into evidence that remind us just how different†Android was in the beginning, with the first Android devices not even supposed to support touchscreen displays. ?We like to have our own identity,? Lockheimer said while defending†Android, revealing that he joined Google in April 2006 to work on Android. The documents in question, however, show how the identity of Android was shaped around the iPhone?s launch, turning it from a BlackBerry lookalike†into an iPhone alternative. The ?Android Project Software Functional


Why Obama's response to the Heartbleed bug is so troubling

- Mon, 14 Apr 2014 02:08:00 -0400

The government reserves the right to keep internet vulnerabilities secret.On Friday, the Obama administration unequivocally denied a report that the NSA had exploited the Heartbleed vulnerability to gather intelligence, part of a swift effort to shut down a damaging storyline that featured the government knowingly failing to shield millions of Americans from an online security flaw. But in so doing, the administration also made two important admissions. First, it can, if pressed, use plain English free of obvious deceit, in contrast to the obfuscation that has characterized the government's response to a stream of revelations about the NSA's vast internet dragnet. The vulnerability made it possible to obtain whatever data was in the memory of the computer during the authentication process, which meant that protective measures like user passwords or security questions might be accessible to hackers.


 

Twitter / SecureMac

http://twitter.com/SecureMac

SecureMac: MacScan 2.9.3 with Google Chrome & SeaMonkey Support Released for Macs #privacy #security #mac - http://t.co/wCy0sddR

- Fri, 18 May 2012 14:52:24 +0000

SecureMac: MacScan 2.9.3 with Google Chrome & SeaMonkey Support Released for Macs #privacy #security #mac - http://t.co/wCy0sddR

SecureMac: Proud @MacworldUK and @MacworldAU reviewed @PrivacyScan and gave it 5/5 stars & an Editor's Choice award! http://t.co/ew6Wjj67

- Thu, 05 Apr 2012 01:30:08 +0000

SecureMac: Proud @MacworldUK and @MacworldAU reviewed @PrivacyScan and gave it 5/5 stars & an Editor's Choice award! http://t.co/ew6Wjj67

SecureMac: Researching new piece of Mac #malware that is currently in the wild infecting computers running OS X. http://t.co/38RsQVAQ

- Tue, 20 Mar 2012 06:00:04 +0000

SecureMac: Researching new piece of Mac #malware that is currently in the wild infecting computers running OS X. http://t.co/38RsQVAQ

SecureMac: SecureMac is honored ~ @MacworldUK has awarded @PrivacyScan as Best of Show for Macworld | iWorld this year. http://t.co/bBqaCH7F

- Fri, 16 Mar 2012 20:18:06 +0000

SecureMac: SecureMac is honored ~ @MacworldUK has awarded @PrivacyScan as Best of Show for Macworld | iWorld this year. http://t.co/bBqaCH7F

SecureMac: Attention Developers, @SecureMac is hiring Cocoa Developers. http://t.co/F4Give2s #jobs #dev #hiring

- Tue, 13 Mar 2012 18:52:23 +0000

SecureMac: Attention Developers, @SecureMac is hiring Cocoa Developers. http://t.co/F4Give2s #jobs #dev #hiring

SecureMac: SecureMac is hiring more Mac Cocoa Developers. See requirements & submit resume! #jobs #macjobs http://t.co/LOfi5e5T

- Mon, 05 Mar 2012 21:06:20 +0000

SecureMac: SecureMac is hiring more Mac Cocoa Developers. See requirements & submit resume! #jobs #macjobs http://t.co/LOfi5e5T

SecureMac: Read how Google's accused of Bypassing Safari's Privacy Controls http://t.co/1KyOlzbH Another Reason for @MacScan @PrivacyScan

- Fri, 17 Feb 2012 16:55:34 +0000

SecureMac: Read how Google's accused of Bypassing Safari's Privacy Controls http://t.co/1KyOlzbH Another Reason for @MacScan @PrivacyScan

SecureMac: PrivacyScan 1.0.1 has been released and is available on the Mac App Store adding bug fixes still 4.99! http://t.co/8fV15Tm7

- Wed, 08 Feb 2012 05:58:53 +0000

SecureMac: PrivacyScan 1.0.1 has been released and is available on the Mac App Store adding bug fixes still 4.99! http://t.co/8fV15Tm7

SecureMac: With the launch of @PrivacyScan in the Mac App Store we're #1 in utilities and ranking in top 10 paid overall. Day 1 http://t.co/Chc4IZDE

- Fri, 27 Jan 2012 02:19:15 +0000

SecureMac: With the launch of @PrivacyScan in the Mac App Store we're #1 in utilities and ranking in top 10 paid overall. Day 1 http://t.co/Chc4IZDE

SecureMac: @fakemacfusion Are you on the macworld press list? Let me know your email to get you off the PR list.

- Thu, 26 Jan 2012 16:06:39 +0000

SecureMac: @fakemacfusion Are you on the macworld press list? Let me know your email to get you off the PR list.

SecureMac: SecureMac staff will be on the Macworld show floor today at booth #442 talking security and demonstrating @PrivacyScan & @MacScan

- Thu, 26 Jan 2012 16:04:23 +0000

SecureMac: SecureMac staff will be on the Macworld show floor today at booth #442 talking security and demonstrating @PrivacyScan & @MacScan

SecureMac: PrivacyScan is now live on the Mac App Store! Check it out and give us your feedback! http://t.co/4W4y8ztO

- Wed, 25 Jan 2012 16:54:46 +0000

SecureMac: PrivacyScan is now live on the Mac App Store! Check it out and give us your feedback! http://t.co/4W4y8ztO

SecureMac: Need an Free/Discounted Expo Hall Pass to @Macworldexpo ? Get em while they last! http://t.co/gHP8PaZe #macworld

- Thu, 19 Jan 2012 20:39:49 +0000

SecureMac: Need an Free/Discounted Expo Hall Pass to @Macworldexpo ? Get em while they last! http://t.co/gHP8PaZe #macworld

SecureMac: We're going to be at @macworldexpo booth #442! Be sure to stop by and learn about the latest products!

- Wed, 18 Jan 2012 22:30:24 +0000

SecureMac: We're going to be at @macworldexpo booth #442! Be sure to stop by and learn about the latest products!

SecureMac: Getting ready for #macworld ~ booth 442. Be sure to follow us if you're still looking for a free expo hall pass, and watch for link.

- Fri, 06 Jan 2012 19:20:40 +0000

SecureMac: Getting ready for #macworld ~ booth 442. Be sure to follow us if you're still looking for a free expo hall pass, and watch for link.

SecureMac: Start off your New Year by changing your passwords. How long has it been? #macsecurity

- Wed, 04 Jan 2012 17:03:38 +0000

SecureMac: Start off your New Year by changing your passwords. How long has it been? #macsecurity

SecureMac: @ken_gok email macsec@securemac.com with as much info as you have on what you downloaded including links and we can check it out!

- Fri, 23 Dec 2011 15:50:24 +0000

SecureMac: @ken_gok email macsec@securemac.com with as much info as you have on what you downloaded including links and we can check it out!

SecureMac: MacScan 2.9.2 Released! Celebrate with us and download a free 30-day trial or upgrade your app! http://t.co/xr3NJoQk

- Tue, 20 Dec 2011 17:09:59 +0000

SecureMac: MacScan 2.9.2 Released! Celebrate with us and download a free 30-day trial or upgrade your app! http://t.co/xr3NJoQk

SecureMac: Love Cyber Monday? Get the http://t.co/G8EB7cwc software bundle for 49.99! First 10k people get MacScan!

- Mon, 28 Nov 2011 17:23:17 +0000

SecureMac: Love Cyber Monday? Get the http://t.co/G8EB7cwc software bundle for 49.99! First 10k people get MacScan!

SecureMac: RT @macscan: 1 Day Only - Black Friday Sale ~ MacScan 80% OFF Use Coupon Code CYBERSALE11 - http://t.co/AtD091ty

- Fri, 25 Nov 2011 05:08:17 +0000

SecureMac: RT @macscan: 1 Day Only - Black Friday Sale ~ MacScan 80% OFF Use Coupon Code CYBERSALE11 - http://t.co/AtD091ty