“Exploiting this vulnerability,” announced IBM’s Application Security Insider blog, “an attacker could steal arbitrary files from a DropBox / Google Drive user by tricking him into viewing a malicious HTML file inside the mobile app.”
Passwords: young people are lax, rich people are careful
A new survey on password attitudes shows a difference between age groups, income, marital status and more – providing intriguing data that might be as valuable to the sociologist as to the security industry.
Pacemaker virus could lead to “mass murder”
Hackers now have a new attack vector, but one with much more serious consequences than data theft or financial ruin: pacemakers and implantable cardioverter-defibrillators (ICDs).
Top 5 UK SMS spam campaigns are finance-related
When it comes to mobile spam, some campaigns are destined for the Hall of Fame, thanks to how widespread they’ve become. Taking a look at the contenders, mobile security firm AdaptiveMobile has ranked the top five SMS spam campaigns that have plagued U…
Multi-device, multi-vendor IT security departments lack automation, grow risk
Unsurprisingly, complexity in network security environments, particularly multi-vendor environments, yields risk, according to a new survey. And yet, manual processes and a lack of consolidation across operations is still the norm even as IT department…
Shining a light on zero-day attacks
A new study by Symantec researchers seeks a better understanding of zero-day attacks – and finds them more, prevalent, longer-lasting and more dangerous than hitherto realised.
ISO releases cyberspace-focused security standard
The ISO has released a brand-new cyber-security standard aimed at ensuring the safety of online transactions and personal information exchanged over the internet, including e-commerce, online banking, virtual medical records, remote office applications…
miniFlame emerges as small, highly targeted cyber-espionage tool
Spyware families are propagating, with the latest identified spawn being miniFlame, a “small and highly flexible malicious program” suitable for targeted, in-depth cyber espionage operations, according to Kaspersky Lab.
Facing a malware onslaught, Google plans scanner for mobile app market
Google is plotting ways to implement a client-side solution to prevent rogue apps from being downloaded from Google Play, the Android application store, according to an analysis.
UK government’s Facebook login proposals don’t hold water
Earlier this month there was much discussion in leading UK national newspapers about a proposal to allow the use of social media credentials to access government websites. This was confirmed by the Government Digital Service blog, which has promised mo…