News
Microsoft is reading Skype messages
Naked Security: “According to Dan Goodin of Ars Technica, the Microsoft-owned Skype ‘regularly scans message contents for signs of fraud, and company managers may log the results indefinitely. … And this can only happen if Microsoft can convert the messages into human-readable form at will.’”
Viber flaw bypasses lock screen to give full access to Androids
Naked Security: “…a new flaw in Viber allows hackers to more easily bypass Androids’ lock screens than these previous finger-twisters.”
Malware hijacks Twitter accounts to send dangerous links
Network World: “Trusteer has found malicious software that leverages Twitter to infect more computers”
Verizon 2013 DBIR: Financial Cybercime and Cyberespionage Dominate Threat Landscape
Security Week: “Large-scale financial cybercrime and state-affiliated espionage dominated the security landscape in 2012, Verizon said in its latest data breach report.”
Pro-Assad Supporters Hijack CBS on Twitter
Security Week: “The Syrian Electronic Army has claimed responsibility for hacking three CBS Twitter feeds, and a San Diego radio station on Sunday. The compromised accounts were used to spread propaganda.”
The Unique Challenges of Controlling Java Exploits
Security Week: “Java has been a very hot topic for security managers this year due to a steady stream of 0-day Java vulnerabilities that have been disclosed, with many of them being exploited in the wild. However, the challenges of Java-based threats go deeper than your average 0-day vulnerability, and these challenges will likely affect your approach to controlling them.”
Hype: Security’s Four Letter Word
Security Week: “‘Effective Security is about Solving problems, Not Chasing Hype…’”
Many Organizations Not Ready for Data Breach Cleanup, Study Finds
Security Week: “Much like washing the dishes after a good meal, the cleanup after a data breach can get nasty. Unfortunately, many businesses do not seem to be getting it right.”
Bitcoin storage service, Instawallet, suffers database attack
Computer World: “Instawallet, which stored a person’s bitcoins, said it will refund some lower balances”
IRS going against privacy tide on warrantless email search
Computer World: “Internal Revenue Service told CSO it does not use emails to target taxpayers, but the agency did not address the use of subpoenas”
