Do you use Facebook? Hundreds of millions of people use the social network to connect with friends and family, share pictures and videos, play games, and more. What you might not realize is that everything you do on Facebook is tracked and logged.
Facebook also keeps track of your search history. When you use the search bar at the top to see if a specific college buddy is on Facebook so you can re-connect, Facebook remembers that. Facebook also remembers if you search for Kim Kardashian or marijuana.
You can see virtually all of your Facebook actions through the Activity Log, and you can change whether things show up on your Timeline, which audience can see the information (in some cases), or delete the action altogether.
A few days ago—ahead of today’s launch of the new iPhone 5—Apple released the latest version of iOS. Apple initially unveiled iOS 6 earlier this year, and it has spent the past few months trumpeting the 200-plus new and updated features. Secretly, though, there are another 197 reasons to make the switch to iOS 6—and they might be more important than the 200 Apple wants you to focus on.
If you refer to Apple’s iOS 6 site, you will learn about the new Maps app, Siri’s expanded skillset, Facebook integration, Passbook, conducting FaceTime chats over cellular networks and many more exciting reasons why you should want the new iOS. But, if you check out the Apple security advisory released on Wednesday you’ll find out that there are also 197 unpatched flaws and vulnerabilities in iOS 5.
The German government is urging people to abandon Internet Explorer to avoid zero-day attacks currently circulating in the wild. Microsoft is scrambling to develop a patch to address the problem. The dirty secret, though, is the attack relies on Java being present, so Java—not Internet Explorer—is the Achilles heel of this equation.
Java was recently the target of attacks against its own zero-day vulnerabilities. However, it turned out that the vulnerabilities weren’t all that “zero-day.” Security researchers had discovered them and reported them to Oracle months earlier, but Oracle didn’t prioritize fixing the flaws until attackers also discovered them and started exploiting them.
In Oracle’s case, the Java patch created new problems. Oracle addressed the vulnerabilities being targeted by the zero-day attacks, but included a different vulnerability it was already aware of, but hadn’t yet developed a patch for.
The threat of digital predation by a virus, or online scam seems so pervasive these days that you might have just accepted it as an inevitable part of life. When a computer virus ends up draining your bank account, however, this common scourge can hit too close to home. The good news is 97 percent of security breaches can be prevented, and if the worst happens, there are tools available to help you cut your losses and beat cyber-crooks at their own game. With the right software and a few simple techniques, digital fraud, identity theft, and sensitive data loss can be easy to thwart.
Over the past couple of years a new breed of malware has been making headlines. These new attacks are very complex, and seem to be directed at precision targets of national or military significance—suggesting that they’ve been developed by nation-states as cyber weapons. New information suggests that these threats may have been developed much earlier than previously thought, and that some of the malware attacks are still evolving and/or have not yet been discovered.
Stuxnet, Duqu, and Flame all seem to be highly sophisticated malware platforms. A coalition of security researchers has been diligently working to unravel Flame, figure out what makes it tick, and learn more about its origins and purpose. The results of the investigation are intriguing and seem to create as many questions as they answer.
According to the Flame investigation, the developers worked very hard to disguise Flame as a legitimate CMS (Content Management System) platform. The data captured by Flame is heavily encrypted on the server using strong public key cryptography to ensure that only the attackers can access it. Your average malware developers don’t generally go to such lengths to protect the stolen data—supporting the idea that Flame is not your average malware.
It is rare to find a new PC that doesn’t come with additional bells and whistles in addition to the operating system itself. The “bloatware” that PC vendors add on often includes useful tools like third-party security software. It seems, though, that some PCs also come with something more insidious—pre-installed malware.
Microsoft researchers investigating counterfeit software in China were stunned to find that brand new systems being booted for the first time ever were already compromised with botnet malware right out of the box. Microsoft has filed a computer fraud suit against a Web domain registered to a Chinese businessman.
The suit alleges that the Nitol malware on the new PCs points the compromised systems to 3322.org. Microsoft believes the site is a major hub of malware and malicious online activity. Microsoft claims that site in question hosts Nitol, as well as 500 other types of malware. A Washington Post report states that it’s the largest single repository of malicious software ever encountered by Microsoft.
Apple is hosting a major media event today to unveil the iPhone 5. In the days leading up to any iPhone announcement there's always a good deal of heated speculation regarding what features and capabilities the new smartphone will have.
Smartphones and tablets store gigabytes of data. They have banking apps, and apps that access credit card or investment accounts. They connect to email, and social networks. If a mobile device falls into the wrong hands, it's possible that sensitive information and data could be compromised. That's why your smartphones and tablets need to be locked down and protected.
One of the rumors floating around about the iPhone 5 is that it might come with fingerprint scanning technology. If it's true, it would be a game changer for smartphone security.