Nothing lasts forever. We expect that we'll get years of use out of our cars, refrigerators, and mattresses but that eventually they'll need to be replaced, usually with newer, better models. We’ve now reached that point with Windows XP PCs.
But as the clock winds down on Windows XP support, there is a growing clamor from many Windows XP users. They’re pretty sure Microsoft is just trying to squeeze money out of them by “forcing” them to upgrade their operating system or buy a whole new PC.
Each time there’s a high-profile data breach, security experts exhort the same best practices: Create unique logins for every service you use, use complex passwords, vigilantly comb your credit card statements for anomalies. The advice is sound. Unfortunately, it obscures the fact that the safety of your personal information is ultimately in the hands of companies you share it with.
Identity theft is changing. Customer databases are a treasure trove of personal information and much more efficient for hackers to target than individuals. In this new landscape, the guidelines security experts—and journalists like me—espouse are really just damage-control measures that minimize the impact of a successful attack after the fact, but do absolutely nothing to protect your personal data or financial information from the attack itself.
Malware has been around for more than 40 years, but according to a report from Panda Security, 20 percent of all of the malware that's ever existed was created in 2013. That’s the equivalent of 30 million new malware threats in one year, or about 82,000 per day.
Given that context, you should probably consider yourself lucky your devices aren’t constantly compromised. Even if you got infected by one malware attack per month, it would still mean you were spared from 99.9999 percent of all the possible new threats. Your antimalware must be doing something right.
Everything may seem happy and shiny as you flit about the Internet, surfing from Facebook to Netflix, and popping in every now and then to check your email. But just as there are dark alleys in a city, there is a seedy underside to the Internet as well. According to a new report from McAfee, the “Dark Web” has matured into a dangerous underground marketplace for cybercriminals.
While you’re busy buying the DVD of 12 Years a Slave from Amazon, cyber crooks are doing some shopping as well. They’re buying off-the-shelf, plug-and-play exploit kits from the booming cybercrime-as-a-service industry, or selling stolen personal information and credit card details to other online thieves. The Dark Web works a lot like the normal Web by facilitating innovation and commerce—it’s just more nefarious.
The McAfee Labs Threat Report Q4 2013 notes that recent attacks have been unprecedented in terms of the number of records stolen, and McAfee researchers point out just how efficiently and effectively the malware industry served its customers. “The attackers purchased off-the-shelf point-of-sale malware, they made straightforward modifications so they could target their attacks, and it’s likely they both tested their target’s defenses and evaded those defenses using purchased software.”
It’s no secret that Android is the target for almost all identified mobile malware. Generally speaking, though, if you stick to the official Google Play store your odds of downloading something nefarious are significantly lower than when you download apps from a third-party app store. That isn’t always the case, though, as AVAST claims to have discovered an app in the Google Play app store designed to steal your money.
The app is called Cámara Visión Nocturna—which is Spanish for “night vision camera”—and the name seems ironically apropos for an app engineered to rob you blind. As I write this, it’s still available for download.
Between email, Web pages, books and other texts, we each read thousands of words a day. A company called Spritz has spent the last few years in stealth mode, developing a technology to help us read even more, in less time.
Spritz—which is both the name of the technology and the verb for using it—streams text on your screen one word at a time, which, the company claims, allows your brain to comprehend it much more quickly and easily. Their trademarked tagline is “Reading Reimagined,” and after playing with the technology a bit I have to agree.
You may have heard that the NSA has been spying on just about everyone, everywhere without regard for whether or not they are an actual threat to national security. The allegation that RSA accepted a payment of $10 million in exchange for cooperating with the NSA led some to boycott the recent RSA Conference, or participate in the TrustyCon counter-conference that was hosted around the corner. As it turns out, though, most IT professionals don’t seem all that concerned with the activities of the NSA.
AppRiver conducted a survey of the attendees at the RSA Conference. AppRiver’s Fred Touchette describes in a blog post how the boycott and the apparent success of TrustyCon piqued his interest about where government hacking ranks on the overall threat landscape for IT professionals.