Recent Posts

iPhone and iPad Hijacking: What You Need To Know

The past 24 hours has seen a spate of stories warning about a spate of ‘ransomware’ attacks on iPhones and iPads – especially in the the UK and Australia. According to the reports, compromised devices are locked and owners are instructed to email a ransom (variously: $100, $50, €100) to one “Oleg Pliss” to have their devices unlocked. These attacks aren’t really news. In fact, the Oleg Pliss scam appears to have been circulating for close to six months. However, it’s worthwhile reviewing what we do (and don’t) know about these latest attacks on mobile devices. Accordingly, Security Ledger has put together a short FAQ that tells you what you need to know about the latest mobile scam, and to dispel some of the rumors floating around in the Internet ether. What’s Going On? According to news reports and complaints on Apple Support forums, owners of iPhones and iPads are having their devices locked. […]

Continue Reading

Report: Samsung Investing In IoT Security

South Korean electronics giant Samsung Electronics Co. said on Tuesday that it will invest heavily in security for the Internet of Things sector, citing security for IoT as a ‘key future technology’ alongside energy storage and harvesting.   The report on Tuesday, from South Korea’s Yonhap News Service said Samsung, currently the world’s top maker of mobile phones, said Samsung is soliciting proposals on IoT security algorithms and protocols through the end of June. Possible applications include “biometrics, smart structures and advanced traffic networks,” according to Yonhap. The announcement comes by way of Samsung’s Future Technology Fostering Center, a research group that the company established last year to help keep it on the cutting edge in technology. According to published reports, Samsung has pledged 1.5 trillion won ($1.34 billion) over 10 years to fund the Center. Approximately 750 billion won ($670 million) will be allocated to research projects through 2017.

Continue Reading

Bad Actor: With Update, LG Says No Monitoring, No Smart TV!

Customers of consumer electronics giant LG are raising alarm about a recent software update that asks owners to agree to have their viewing behavior tracked and monitored, or see their ‘smart’ TVs made dumb: with access to features like YouTube and Netflix disabled. Owners of some models of LG brand SmartTVs who have applied a recent firmware have taken to blogs to complain about a firmware update for their TVs that prompt them to agree to lengthy new Terms of Service and Privacy Agreements. The revised documents grant LG permission to monitor and record their viewing habits and their interactions with the device, including voice commands. Users who do not agree to the new terms find many of their smart TV features disabled, according to customer testimony and an analysis by one independent IT researcher. The prompt to read and accept a new “Legal Notice,” “Terms of Use” and “Privacy Policy” appears when SmartTV users first […]

Continue Reading

Akamai: New DoS Tool Leads To Resurgence of SNMP Attacks

The security firm Akamai issued an advisory to customers on Thursday warning that a new software tool for managing distributed denial of service (DDoS) attacks was leading to a resurgence in large-scale attacks that use Simple Network Management Protocol (SNMP) traffic to overwhelm web sites.   The Threat Advisory (reg wall) was issued by Akamai’s Prolexic Security Engineering and Response Team (or PLXsert). According to the advisory, Akamai began noticing a resurgence in DDoS attacks using SNMP on April 11. The company said that firms in industry verticals including consumer goods, gaming, online hosting and Software-as-a-Service and non-profits had all been targeted.   [Read more Security Ledger coverage of DDoS attacks here.] The company has identified new- and updated tools in the cyber underground, including one dubbed SNMP Reflector – that are enabling the attacks. Simple Network Management Protocol (SNMP) is a protocol that is used for managing devices on a network including […]

Continue Reading

eBay Hacked, Urges Millions To Change Password

The online auction giant eBay said on Wednesday that a compromise of an employee’s account led to the compromise of a database storing passwords and sensitive account data for 145 million customers, worldwide. The company issued a statement on Wednesday saying that it was asking all its users to update their password, following the discovery two weeks ago that an employee’s account had been compromised and used to gain unauthorized access to the database. The hack occurred in late February or March, according to a forensic examination by eBay. eBay conducted what it described as “extensive tests on its networks” and said it did not find evidence of unauthorized activity on eBay user accounts linked to the incident. The online auction firm said it also has no evidence of unauthorized access to financial or credit card information, which is stored separately and in encrypted formats. In the incident, unidentified cyber […]

Continue Reading
1 328 329 330 331 332 397