Stories by Robert Vamosi

Keep your credit cards safe from skimmers

You're in a restaurant, enjoying a deep conversation. Peripherally, you see the waiter take your credit card and return a few minutes later with a slip for you to sign. You think nothing of it until a few hours later when you receive a call from your bank: Someone is racking up serious debt on your credit card, mostly for electronics purchases. Is it you?

Cross-site scripting: An old problem returns

In May, Web security consultant George Deglin discovered a cross-site scripting (XSS) exploit that involved Facebook's controversial Instant Personalization feature. The exploit ran on Yelp, one of the three sites that Facebook had selected to test Instant Personalization. Deglin was able to obtain not only Facebook profile information shared with Yelp but also the e-mail addresses for that profile's Facebook friends--a potential gold mine for marketers and spammers alike.

Bugnets Could Spy on You via Mobile Devices

Imagine sitting in a café and discussing the details of a business proposal with a potential client. Neither you nor the client has a laptop; you're just two people having a conversation. But unbeknownst to you, someone half a world away is listening to every word you say. Later, as you leave, you receive a text message referring to the proposal and demanding money in exchange for silence.

Protect data with on-the-go drive encryption

This past January, the health organisation Kaiser Permanente reported a theft of an external hard drive from an employee's car. The hard drive contained data on about 15,500 Northern California patients, including their full names, medical record numbers, and, in some cases, gender, dates of birth, and other info on treatment and care received at Kaiser (but not patients' social security numbers or financial data).

New banking trojan horses gain polish

Criminals today can hijack active online banking sessions, and new Trojan horses can fake the account balance to prevent victims from seeing that they're being defrauded.

Is your PC bot-infested? Here's how to tell

As fireworks boomed on the Fourth of July, thousands of compromised computers attacked U.S. government Web sites. A botnet of more than 200,000 computers, infected with a strain of 2004's MyDoom virus, attempted to deny legitimate access to sites such as those of the Federal Trade Commission and the White House. The assault was a bold reminder that botnets continue to be a massive problem.

Former Google VP Suggests User-Based Security

At the Black Hat security conference on Wednesday, former Google VP of Engineering Douglas Merrill gave the opening keynote presentation, and it wasn't a traditional security industry talk. The takeaway: Let users dictate enterprise security needs.

Twitter: a growing security minefield

In June, the world watched as tweets from the streets of Tehran flooded Twitter. Frequent Twitter users--and people who hadn't even heard of the microblogging service--were suddenly and simultaneously witnessing its potential.

Mac botnets don't mean an increased threat (yet)

Writing in the latest issue of Virus Bulletin (registration required), two Symantec researchers report what they believe is the first evidence of a major botnet consisting of compromised Macs.

Deleted data drives new data breaches

According to a new report on data breaches from Verizon Business, cyber criminals are no longer attacking where the credit card files are, but where they once were.
