Naked Security - Sophos

Encrypted? Check. Strong passphrase? Check. Mailing them together? Oops.

Chester Wisniewski — Sat, 04 Feb 2012 00:30:27 +0000

Encryption only helps secure your data when the keys are a secret, a lesson learned the hard way by Ernst and Young and Regions Financial.

Is Google Bouncer going to bounce all malware from the Android Market?

Vanja Svajcer — Fri, 03 Feb 2012 15:20:21 +0000

Google has pleasantly surprised the mobile malware research community when it announced yesterday that Android apps are analysed for malicious behavior before being allowed onto the Android Market, but is it all good news? Vanja Svajcer, Sophos Principal Researcher, investigates.

US attacks Iran and Saudi Arabia? Malware spreads via Facebook status updates

Graham Cluley — Fri, 03 Feb 2012 15:03:08 +0000

A fake CNN webpage is being linked to from Facebook users' status updates, claiming that World War III has begun. But the real story is the malware waiting to infect your computer.

Anonymous spies on FBI / UK Police hacking investigation conference call

Graham Cluley — Fri, 03 Feb 2012 12:23:44 +0000

A recording of a confidential conference call between the FBI and UK law enforcement officers at the Metropolitan Police has been released by Anonymous on the internet.

DMARC: Microsoft, Facebook and Google unite to fight phishing - but will it work?

Paul Ducklin — Thu, 02 Feb 2012 23:28:10 +0000

If the newswires are to be believed, the death of spam is imminent. Again! The saviour this time round is DMARC, which is backed by Microsoft, Google, Facebook, PayPal, LinkedIn, Bank Of America and more. Find out what it's all about.

Android Counterclank is (not) malware

Vanja Svajcer — Thu, 02 Feb 2012 17:29:12 +0000

Despite the stint of very cold weather in Europe, Android malware scene is warming up. Vanja Svajcer finds an intriguing case for the difference of opinions on the classification of certain Android apps present in Google Android market.

VeriSign admits it was hacked repeatedly in 2010, staff didn't tell senior management

Graham Cluley — Thu, 02 Feb 2012 17:08:51 +0000

Internet giant VeriSign was admitted it was hacked repeatedly during 2010, but its IT staff only informed senior management in September 2011.

Over 1000 email addresses exposed by Metropolitan Police blunder

Anna Brading — Thu, 02 Feb 2012 16:28:10 +0000

1136 victims of crime have had their email addresses inadvertently shared with one another, according to reports.

Don't get slammed by Super Bowl scams

Lisa Vaas — Thu, 02 Feb 2012 14:40:17 +0000

The countdown to first kickoff in Super Bowl XLVI on February 5 has begun, and scams for knock-off team jerseys, counterfeit memorabilia, and fake YouTube videos will be sure to hammer our defenses.

Mac FileVault 2's full disk encryption can be broken in less than 40 minutes

Joshua Long — Thu, 02 Feb 2012 14:17:24 +0000

A company claims it can bypass Apple's FileVault 2 disk encryption "in minutes," as well as volumes encrypted with TrueCrypt.