New security measures keeps your installed Android apps in check
It's not unusual for a malicious Android app to sneak into Google Play, though they're obviously much more prevalent from third-party sources, especially from sketchy areas of the web. To help protect users from falling prey to an app's malicious intentions, Google is rolling out a new enhancement to its security scheme that will examine an app's behavior after it's been installed.
A so-called "mega breach" can be worth as much as 50 smaller attacks
Large scale cyber attacks are on the rise, says security firm Symantec, which dubbed 2013 "Year of the Mega Breach." According to Symantec, there's a significant shift taking place in how cybercriminals operate. Rather than go in for quick hits with small rewards, cybercriminals are seeing the financial benefit in plotting bigger attacks months in advance. A single mega breach, as Symantec calls these attacks, can yield the same reward as 50 small scale attacks.
Website owners far and wide scramble to fix a major vulnerability
This has been one of the busier weeks in recent history for IT workers and web admins. Earlier this week, researchers discovered a major flaw in OpenSSL, an open source encryption technology that's utilized by an estimated two-third of the world's websites. They're calling it "Heartbleed." By exploiting the bug, cybercriminals can comb through a server's memory and pluck sensitive user data, including usernames, passwords, credit card numbers, and more.
Highest number of valid bug reports came from India, followed by the U.S. and Brazil
Facebook on Friday published an update on the progress of its four-year-old bug bounty program, revealing that it paid out $1.5 million in bounties last year to take the program’s lifetime payouts beyond $2 million.
Managed to log in to dad’s account with simple trick
Each month, the Microsoft Security Response Center publishes a list of security researchers to whom it is thankful for privately disclosing bugs in its online services and, often, working with it to fix them. On the surface, the latest list may not seem too different from the previous ones, but that’s only until you realize that one of the over three dozen security researchers on it is actually a five-year-old kid.
Support for XP might be ending, but the world is not
Security outfit F-Secure has published its Threat Report for the second half of 2013, which provides a detailed look at the threat landscape as well as trends in malware. It also contains some advice for Windows XP users who aren't planning to upgrade to a newer OS once support ends on April 8, 2014. Whether the decision to stick with XP is based on contractual obligations or other reasons, F-Secure says "all is not lost" for businesses and users who ride it out.
Shares of Symantec tumble after security outfit shows its CEO the door
Security firm Symantec announced that it has terminated Steve Bennett as the company's president and chief executive officer, as well as his resignation from Symantec's board of directors. A special committee has begun the search for a permanent replacement, during which time board member Michael Brown will serve as interim CEO. The decision to let Bennett go didn't sit well with investors, who were caught off guard by his surprise dismissal yesterday.
Perhaps it should be called the world wild web to more accurately reflect a landscape fraught with danger, at least if you're taking an alarmist point of view. Sometimes it's hard not to. To wit, security outfit ESET said its research team, in collaboration with CERT-Bund, the Swedish National Infrastructure for Computing and other leading agencies, uncovered a massive cybercriminal campaign in which a backdoor Trojan was able to hijack more than 25,000 UNIX servers around the world.
Microsoft is making a mistake to hang XP out to dry, Avast says
Avast COO Ondrej Vlcek doesn't think Microsoft is doing Windows users a solid by discontinuing support for Windows XP next month. Vlcek digitally inked a cautionary blog post warning Microsoft that turning its back on XP is a "big mistake" that will have negative repercussions not only for XP users, but for the "whole ecosystem." As it stands, Microsoft is planning to end support for XP on April 8, 2014.
Malware writers didn't take a vacation in 2013. Just the opposite, McAfee noted a sharp rise in ransomware, Android malware, suspicious URLs, and other malicious attempts to steal users' data, which the security firm published in its Threat Report for the fourth quarter of 2013. When combining all of its findings across mobile and desktop, security firm McAfee said it detected 200 new threats every minute, or more than three for every second that passed in 2013.