Week in review: Securing networks in the IoT era, and taking control of Android app permissions
Here’s an overview of some of last week’s most interesting news, podcasts, interviews and articles: Breaking the security of physical devices In this podcast …
Bitcoin-themed phishing campaign creates quite a stir
The latest massive email phishing campaign targeting Bitcoin users has had an unexpected click-through rate. The spam campaign came in two waves, and of the 12,000 messages …
Sneak attack through smartphone shared memory
A weakness believed to exist in Android, Windows and iOS operating systems could be used to obtain personal information from unsuspecting users, research at the University of …
Control Android app permissions with NativeWrap
Tired with using mobile apps that demand unneeded permissions that open the door to data collection and worse? Researchers from North Carolina State University have come up …
Extracting encryption keys by measuring computers’ electric potential
A group of researchers from Technion and Tel Aviv University have demonstrated new and unexpected ways to retrieve decryption keys from computers. Their research is …
Worldwide infosec spending to grow in 2014
Worldwide spending on information security will reach $71.1 billion in 2014, an increase of 7.9 percent over 2013, with the data loss prevention segment recording the fastest …
Critical Delphi and C++Builder VCL library bug found
A buffer overflow vulnerability that could be exploited to execute malicious code has been discovered in the Visual Component Library (VCL) library of Embarcadero’s …
Most popular Android apps open users to MITM attacks
An analysis of the 1,000 most popular free Android apps from the Google Play store has revealed a depressing fact: most of them sport an SSL/TLS vulnerability that can be …
Most Facebook email notifications are now encrypted
95% of Facebook’s notification emails are now encrypted with both Perfect Forward Secrecy and strict certificate validation, Michael Adkins, a Messaging Integrity …
51 UPS stores hit with PoS malware
UPS Stores, a subsidiary of UPS, has discovered malware on systems at 51 locations in 24 states (about 1%) of 4,470 franchised center locations throughout the United States. …
NIST vetting guide helps in testing mobile apps
While many mobile device apps such as a calendar or collaboration tools are very handy and can improve productivity, they can also introduce vulnerabilities that can put …
Reveton ransomware now comes with password stealers
The Reveton screen-locking ransomware is still with us, and it’s evolving. According to Avast researchers, the latest generation of the malware also includes information …