You can take off your aluminum foil deflector beanie, the bad guys aren't interested in what you have stored on your PC. That is, unless you work in the enterprise, in which case data thieves looking to swipe company secrets are a real threat. You may wish to know that Samsung's PM810 solid state drive (SSD) just attained Cryptographic Module Validation Program (CMVP) validation for conformance to the National Institute of Standards and Technologies (NIST) Federal Information Processing Standard (FIPS) 140-2 based on the drive model's heightened data security.
Anonymous seems to be moving up in the world. After attacking a global security research firm earlier this week, elements of Anonymous have now announced a hack from a few months ago the compromised SpecialForces.com, a seller of equipment to the military and law enforcement. As per the usual pattern, the stolen data is now available online.
The now widely used Wi-Fi Protected Access (WPA) standard is apparently not as protected as router makers had hoped. According to a new study, the PIN codes used to lock down the system can be brute forced on many devices by inputting incorrect PIN codes. Millions of routers and access points could be affected.
If you managed to steer clear of all the security threats in 2011, you're obviously doing something right. From hacked websites and Android malware, to the release of the Zeus trojan source code on the Web and everything else, it's been a busy year in the field of security. As we look ahead to 2012, do you know which threats to watch out for?
The outrage over Carrier IQ was bubbling just below the surface for months before it exploded out of modding circles a few weeks ago. The diagnostics software is on many phones, particularly Android handsets, and is used to gather extensive usage data. After the public outcry, Sprint has announced that Carrier IQ will no longer be used on its phones, and will be disabled on current devices.
Got your tin foil hats on? Good – you’ll need it for this. Earlier this week, Accuvant Labs released a study that named Chrome the most secure browser in all the land. Um, one problem: Google was the one that commissioned the study. But the story doesn’t end there! A couple of days ago, NSS Labs – an independent security research firm – released a report of its own, in which it dissected the flaws in Accuvant’s methodology and claimed that the Accuvant study was but a small portion of a wider plan by Google to effectively kill of Firefox. Oh snap!
Starting next month, Microsoft will begin automatically upgrading some Windows users to the latest version of Internet Explorer available for their PCs, the Redmond software juggernaut announced in a blog post today. These silent updates are deemed an "important step in helping to move the Web forward," though consider this a trial run.
Young employees determined to log onto Facebook or bounce around the Web are going to do so, in part because they're motivated to get online and frequently ignore IT policies, and also because the policies in place simply aren't tough enough, according to a global study from Cisco. Seven out of 10 young employees outright ignore IT policies on a frequent basis, and one in four is a victim of identity theft before the age of 30, Cisco says.
Apps masquerading as legitimate third-party programs like Angry Birds, Cut the Rope, Tetris, Need for Speed, and others are part of a so-called "RuFraud" scam in which unknowing victims are charged premium SMS fees. This has reportedly been going on for the past few months, mainly in Europe, and it's something Google is cracking down on by removing offending apps from the Android Market.
The recently discovered Carrier IQ controversy is a little unsettling, to say the least. In short, Carrier IQ is a monitoring program that tracks things like GPS location, app usage details, and HTTP requests, and worst of all, this peeping tom program comes pre-loaded on many Android handsets (there's a way you can check for it if you own a rooted phone). Want to know more?