The U.S. Federal Trade Commission is continuing to focus its energies on protecting the growing number of consumers using smart phones and other mobile devices. Next up: a public forum to discuss threats to mobile devices. The FTC announced the one-day public forum on Friday and said it hopes to use the event to address problems like “malware, viruses and similar threats facing users of smartphones and other mobile technologies.” The event will take place on June 4th at the FTC’s offices on New Jersey Avenue NW in Washington, D.C. The public forum is just the latest effort by the nation’s leading watchdog to reign in a free-wheeling mobile application marketplace, and put stronger consumer and privacy protections in place. Earlier this month, the agency released a Staff Report that called on mobile OS, mobile device and mobile application firms to provide clearer guidelines to consumers about how their information […]
Tag: Google
Weekend Security Reads – Our Picks
This was another eventful news week in the security world – stories about hacks on two, prominent newspapers, and a widespread hole in UPnP, a technology that all of us use, but never pay much attention to. (Always a dangerous combination.) Let’s face it, Friday is a time for decamping from the office, not taking on some weighty new mental project or thought provoking issue. But, come Sunday morning over coffee, you might just be ready to switch your higher cognitive functions on again. If so, here are some Security Ledger picks for good weekend reads: Hacking the Old Gray Lady – Slate.com The top security story this week was the string of revelations about sophisticated, targeted attacks against leading U.S. newspapers, including The New York Times and The Wall Street Journal. The Washington Post may also have been infiltrated, according to a report on Krebsonsecurity.com. The attacks by so-called […]
New York Times Hack Puts Antivirus on Defensive
The big news this morning is the New York Times’ scoop on…well…itself. According to a report in today’s paper, the Times’s computer network was compromised for more than four months by attackers believed to be located in China. The attacks followed a Times exposé on the wealth accumulated by family members of China’s prime minister, Wen Jiabao – one of a series of reports in Western media outlets that raised questions about corruption and influence peddling in China’s ruling Communist Party. Attackers planted 45 pieces of information-stealing malware on Times systems, despite the presence of antivirus software from Symantec Corp. protecting those systems before, during and after the hack. The story is fueling debate about the value of anti-virus software and prompted Symantec to issue a statement defending its technology, but warning that signature-based antivirus is not enough to stop sophisticated attacks. According to the Times report, the attacks used compromised systems on […]
Pi Million Dollars! Google Sets $3.14 Million Pot For Pwnium 3 Contest
Google cemented its reputation as the squarest company around Monday (pun intended), offering prizes totaling Pi Million Dollars – that’s right: $3.14159 million greenbacks – in its third annual Pwnium hacking contest, to be held at the CanSecWest conference on March 7 in Vancouver, British Columbia. Google will pay $110,000 for a browser or system level compromise delivered via a web page to a Chrome user in guest mode or logged in. The company will pay $150,000 for any compromise that delivers “device persistence” delivered via a web page, the company announced on the chromium blog. “We believe these larger rewards reflect the additional challenge involved with tackling the security defenses of Chrome OS, compared to traditional operating systems,” wrote Chris Evans of Google’s Security Team. The announcement is part of stepped up efforts by the Mountain View company to put a premium on information about security holes affecting its products, […]
Does Your LinkedIn Profile Hold The Key To Your Password?
Say what you want about social media. The bare fact is that folks use it – more of them every day. In fact, social media sites like Facebook, Twitter and YouTube are growing – quickly – and have come to define our modern online experience. That said: the sites represent a huge security risk. Sites like Facebook, Twitter and Instagram are increasingly used as platforms to circulate scams and malicious links. A larger and more nebulous threat is posed by all the information that organizations and their workers are spilling online. It’s already common knowledge that hackers and other “bad guys” comb through worker profiles or LinkedIn, Facebook and other sites to help craft targeted attacks. But could your social networking profile provide more useful information – like your password? Independent security researcher Itzik Kotler thinks so. Kotler is the creator of Pythonect, a new, experimental dataflow programming language based […]
