eBay hack could result in social engineering schemes

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

You’ve probably heard by now that eBay is the latest victim of a massive data breach. The popular site has asked users to reset their passwords as a precautionary measure, but the data that matters most is already compromised, and there is nothing you can do to “reset” it.

Details are still sketchy—sort of standard operating procedure for data breach incidents. What we know is that the breach occurred between February and early March, but was just recently discovered. eBay claims that email addresses, encrypted passwords, names, addresses, telephone numbers, and user’s birth dates were compromised.

Read more »

1

Why a larger Surface Pro makes more sense

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

Microsoft is hosting a media event in New York tomorrow, ostensibly to unveil new models of its Surface tablet line. Most of the speculation suggests Microsoft will announce some sort of “Surface Mini,” but a larger “Surface XL”—or something to that effect—would be much more useful.

I speak from experience. Most of the time, I’m working from the comfort of my home office and the Surface 2 is locked in its docking station, connected to a 29-inch ultrawide monitor, full keyboard, and wireless touchpad. In that scenario, the Surface Pro 2 functions as a PC, and the fact that it’s a tablet is largely irrelevant.

surface pro 2

The Surface Pro 2 is good, but when working on the road a slightly larger Surface model might come in handy.

Read more »

7

Attack of the clones: detect fake antimalware with these tips

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

Security researchers have been stressing the dramatic rise in mobile malware for a few years now—which naturally leads to more users downloading and using some sort of mobile antimalware app. But now even malware protection has become a risk: last month the popular Virus Shield Android app was outed as fraud, and this week Kaspersky announced the discovery of a pair of fake apps using its name in the Google and Windows Phone app stores.

This shouldn't be surprising. When cybercriminals find an attack vector that works, it doesn’t take long for copycats to come along with knockoffs.

securityshowdown primary

Beware: That security app you're downloading might actually be malware.

Read more »

4

FCC puts first nail in the coffin of net neutrality

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

The FCC has voted to start the formal process of establishing new “Net Neutrality” rules. More accurately, the FCC has begun the process of killing the concept of net neutrality in favor of a system that lets broadband providers make money from both sides and charge companies for faster, priority delivery of Internet content.

Tom Wheeler, the FCC Chairman and former telecom lobbyist, pushed forward with a vote to begin the formal consideration process in spite of a backlash against his proposal. The rules are not yet in place—today’s vote simply begins a four-month period for public comment providing an opportunity for supporters and opponents to weigh in before the FCC moves forward to actually implement the new rules.

tomwheeler2 300x300

FCC Chairman Tom Wheeler pushes ahead with contentious "net neutrality" plan.

Read more »

0

ShareFile to add storage options, iPhone app, and more

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

Thousands of Citrix customers and partners took over the Anaheim Convention Center this week for Citrix Synergy 2014. The annual event is a platform for Citrix to make big announcements and reveal new products and features, such as those it unveiled for ShareFile, its data storage and file sharing platform.

For starters, Citrix announced the ShareFile StorageZone Connectors SDK. ShareFile already has connectors for Microsoft SharePoint and network fileshares, but the new SDK will enable an IT department or third-party provider to develop connectors to link ShareFile with various data storage solutions. Citrix showed off connectors for Alfresco, Documentum, and Filenet.

Citrix also shared new ShareFile Personal Cloud Connectors. These connectors tie ShareFile to popular cloud storage platforms like Box, Dropbox, Google Drive, and Microsoft’s OneDrive. Citrix described a scenario where these connectors could be used to consolidate data to a central point where it can be more easily managed and secured. IT can enable the ShareFile Personal Cloud Connectors for a defined period of time to provide users an opportunity to seamlessly move data from their personal cloud accounts into ShareFile.

Read more »

0

Report: Phishing scams increasingly using mobile apps to bait victims

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

When it comes down to it, spam and phishing scams rely primarily on exploiting trust. If the attacker can find a way to make the message appear to be from a known source, the odds that a user will take the bait are much higher. This has led to malware infections that access your contacts and send out infected emails on your behalf to everyone you know, and those same basic techniques have been adapted for instant messaging, social networks, and even SMS text messaging. According to a new report from Kaspersky Lab, Mobile apps are the new frontier.

pcw

Kaspersky Lab identified spam and phishing attacks using mobile apps like WhatsApp.

“Gadgets have become popular even among those who had little interaction with computers and are less familiar with computer security," Darya Gudkova, head of the content analysis and research department for Kasperky Lab, said in an email.  "This opens up new vectors of attacks for spammers and phishers.

Read more »

2

IE zero day is the first sign of the XPocalypse

Tony Bradley , PCWorld Follow me on Google+

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.
More by

Well, it took a bit longer than many security experts expected, but the first big security threat for Windows XP users has arrived. The zero day vulnerability will be quickly patched by Microsoft—for supported platforms at least. That means that this will be the first of many open wounds for Windows XP—known vulnerabilities left exposed because the OS is no longer supported by Microsoft.

Security vendor FireEye notified Microsoft about exploits detected in the wild being used against Internet Explorer. The attack in question is specific to IE 9, 10, and 11, but according to Microsoft the underlying vulnerability exists in all versions of Internet Explorer, as well as all supported versions of the Windows operating system other than Server Core. The attack also seems to rely on having Adobe Flash installed.

Microsoft describes some mitigating factors in its security advisory. For example, most versions of Windows Server run in a restricted mode called Enhanced Security Configuration that guards against this threat. The default configuration for Microsoft Outlook, Outlook Express, and Windows Mail is to open HTML messages in the restricted zone, which disables ActiveX controls and reduces the risk. Microsoft also points out that successful exploitation only allows the attacker to access the system or run code in the context of the current user, so systems where the user has fewer rights and privileges are at less risk.

Read more »

25