Study: IRS exposing Social Security numbers online

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

This tax season you may have more to worry about than how much you owe. A new study from Identity Finder finds the IRS is not properly protecting social security numbers in some tax returns.

Personal tax returns are not public, but the tax returns of non-profit organizations are public domain. Identify Finder used the OCR (optical character recognition) module of its Sensitive Data Manager software to analyze nearly four million publicly available tax return image or PDF files ranging from 2001 to 2012.

The research revealed an alarming failure to safeguard sensitive data. Identity Finder uncovered an estimated 630,000 Social Security numbers exposed online in form 990 tax returns.

Read more »

0

Study: 6 out of 10 Android apps a security concern

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

Security vendors have been preaching about the impending doom of mobile malware for a few years now. Each year seems to see a dramatic spike in detected malware over the previous year, but users are starting to get a bit cynical about the coming mobile malware apocalypse. A new report from Webroot once again highlights an increase in mobile malware and also sheds light on how iOS compares to Android.

The Webroot Threat Research team analyzed nearly six million mobile applications, and hundreds of thousands of mobile infections between 2011 and 2013 to compile the Webroot Mobile Threat Report. It also reviewed data from around 125,000 customers who activated Webroot’s Lost Device Protection (LDP) feature.

Webroot found that Android poses a greater security risk than iOS. Webroot identified a 384 percent increase in total threats to Android devices over 2012, and found more than 40 percent of the Android apps analyzed were classified as either malicious, suspicious, or unwanted.

Read more »

5

Lookout study: hackers target mobile attacks by region

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

Mobile devices are prime targets for for cyber criminals, and a report by mobile security company Lookout reveals some surprising data about how they plot their attacks.

Lookout collected data from more than 50 million users between January and December of 2013. It analyzed the information and broke it down by region and type of attack to get a picture of mobile attack trends. The results are weighted to normalize the differences between life cycles of users in different regions.

What stood out is that attackers adapt attack behavior to target regions where the attack is more likely to maximize profit while minimizing potential detection.

Read more »

0

One tweak can make your Windows PC virtually invulnerable

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

Microsoft published 147 vulnerabilities in 2013 that were rated as Critical. Critical, however, is a relative term, and there is one simple thing anyone can do that would guard against almost every single Critical vulnerability according to a new report from Avecto.

In its 2013 Microsoft Vulnerabilities Study, Avecto found that you could mitigate almost every single Critical vulnerability simply by removing administrator rights. The exact number was 92 percent, but that brings the number of serious threats from 147 down to around 12.

Avecto also determined this would circumvent 91 percent of the Critical flaws in Office, and 100 percent—as in every single Critical vulnerability—of those that impact Internet Explorer.

Read more »

10

Report finds iOS apps riskier than Android apps

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

How many apps do you have on your smartphone or tablet right now? Well, take that number, and multiply it by 0.9. That’s about how many of your apps are a potential security concern according to a new study from Appthority.

The Appthority Reputation Report for Winter 2014 was compiled using data from the cloud-based Appthority App Risk Management Service. Appthority performed static, dynamic, and behavioral app analysis of 400 paid and free apps spanning iOS and Android to assess the relative security and risky behavior of the most popular apps.

Appthority found that 95 percent of the top 200 free apps on iOS and Android exhibit at least one risky behavior. That number drops to 80 percent for paid apps—an improvement, but four out of five paid apps exhibiting risky behavior is hardly something to cheer about. Appthority also discovered that iOS apps are riskier overall than Android apps—91 percent contain risky behavior as opposed to 83 percent on Android.

Read more »

8

Yahoo Mail hack teaches a valuable lesson

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

Yahoo Mail was hacked. Details are sketchy in terms of just how many Yahoo Mail accounts have been compromised. Yahoo suggests that the attackers most likely gained access to the data through a third-party database outside of Yahoo control. Regardless of how the compromise occurred, there is a lesson to be learned here…again.

Hacks happen, but If you've followed basic security practices and aren’t using the same login credentials for multiple sites and services, a compromised Yahoo Mail shouldn't put anything at risk other than your Yahoo Mail account. 

Passwords lose their efficacy if you just use the same one for every site and service.

Read more »

16

Retailer data breach trend not likely to end soon

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

Three major retail chains have recently admitted being victims of massive data breaches that compromised sensitive data from over 100 million customers. Sadly, though, Target, Nieman-Marcus, and Michael’s are just the beginning of a trend that isn’t likely to fade away any time soon.

Verizon's annual Data Breach Investigations Report (DBIR) from May of 2013 found that 24 percent of the confirmed data breaches in 2012 affected the retail and restaurant sector—second only to the financial sector. In all, there were 156 confirmed data breaches in the retail and food services industries. 

In all three of the recent high-profile cases, attackers were apparently able to plant malware on point-of-sale (PoS) systems to gather credit card information from unsuspecting shoppers. The Target breach affected as many as 110 million customers, Nieman Marcus 1.1 million, and the scope of the Michael’s breach is still a work in progress. There’s a very good chance other retailers have been compromised as well and just haven’t discovered it yet.

Read more »

0