Sophos - Naked SecurityAfter exposing usernames and passwords from Bell Canada, hacking group NullCrew claims to have compromised email servers at ISP Comcast.
Sophos - Naked SecurityThe group known as the Syrian Electronic Army (SEA) attempted to commandeer the DNS records of Facebook, but were thwarted by DNS provider MarkMonitor. Are the basic protocols up to the task of protecting us in 2014?
Sophos - Naked SecurityThe US government had a change of heart regarding disclosure of NSA surveillance requests. Tech companies including Facebook, Microsoft, Google, and Yahoo have duly let loose the goods - but six months stale with scant details.
Sophos - Naked SecurityEven though yesterday wasn't a Patch Tuesday, we ended up with two major browser-related updates: an unscheduled Adobe Flash patch, and an expected one: the update from Firefox 26 to Firefox 27.
Paul Ducklin takes a quick look...
Sophos - Naked SecurityAdvertisements don't have a great track record for safety and we are beginning to see more frequent abuse of search and mobile ads to deliver unwanted addons purporting to be legitimate tools. Be careful where you click and closely scrutinize software options before installation.
Sophos - Naked SecurityChet and Duck review the week's news in their informed and entertainingly serious style, discussing the prizes on offer at this year's PWN2OWN competition, talking about a new twist in Android malware, and reviewing the latest attack reports from Yahoo and Target...
Sophos - Naked SecurityHappy 10th birthday, Facebook! We shall celebrate by listicling the service's security and privacy greatest hits and biggest misses. Fasten your Facebelts!
Sophos - Naked SecurityIt's called PWN2OWN because if you successfully pwn, or hack into, the competition laptop, you own it *literally* - you get to take it home with you.
But there's also $645,000 in cash up for grabs, including a Grand Prize for finding, wait for it, an "exploit unicorn"...
Sophos - Naked SecurityWhite Lodging runs businesses such as gift shops and restaurants within big US hotel brands. Guests at one of those hotel brands, Marriott, are advised to check their card statements following the discovery of a 9-month-long card suctioning operation.
Sign up now »
Run your mission-critical applications in a secure and compliant virtual datacenter, or private cloud.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.