Phone Fraud | Monetary Loss
How a Polite Welsh Lady is Racking up Phone Fraud Losses for Businesses Of the many channels targeted by fraudsters, the call centre is perhaps the most popular. In fact, 61% of fraud losses from account takeovers involve it, according to research by Aite Group. The reason is obvious. More often than not, phone defences […]
Illinois Legislature Considers First of Its Kind Geolocation Privacy Law
The state of Illinois is about to put into law a bill making it illegal to track a user’s location via their phone without the consent of the user. The Illinois Geolocation Privacy Protection Act (HB 3449) was passed by the senate and house in Illinois and is expected to be signed by Gov. Bruce Rauner […]
Android Ransomware Threatens to Leak Victim Data
The attacker community is continuing to expand the variety of ransomware strains it creates, including a recent variant that doesn’t encrypt victims’ files but instead threatens to send personal data and photos to their contacts. Researchers at McAfee discovered this ransomware variant buried within a couple of apps in the Google Play app store recently. […]
Makers of ME Doc Software Say They’ve Closed Backdoor Used By NotPetya
The makers of the M.E. Doc software that has been at the center of the NotPetya malware story say they have produced an updated version of the application that does not include the backdoor that had been slipped in by attackers several months ago. “M.E.Doc has created an update that will ensure safe work in the […]
Google Adds New Anti-Phishing Feature to G Suite
Google is rolling out a new security feature for enterprises customers of its G Suite hosted apps that allows administrators to choose exactly which apps have access to user data. The feature is designed as a barrier against phishing attacks, many of which try to fool or confuse users into giving attackers access to sensitive […]
Free Wildcard Certificates Coming From Let’s Encrypt
Let’s Encrypt, the certificate authority that provides free digital certificates for site owners, plans to expand its service soon by offering wildcard certificates, as well, beginning in January. The move is designed to enable site owners to secure their main domain, along with as many subdomains as they own, with just one certificate. Normal certificates are tied to […]
New Attack Recovers Satellite Phone Crypto Key in Fraction of a Second
A team of researchers from China has developed a new attack on one of the ciphers used to secure the communications of satellite phones that enables them to recover a 64-bit key in a fraction of a second under some circumstances. The work focuses on the GMR-2 cipher used in Inmarsat satellite phones and the attack […]
Google Patches Broadpwn Flaw in July Android Update
Google has released its monthly set of Android patches for July, a release that includes fixes for many, many remote-code execution vulnerabilities, the highlight of which is a serious bug in some Broadcom chipsets that affects a lot of Android devices, as well as some iPhones. That vulnerability, which is known as Broadpwn, will be detailed […]
Ukrainian Police Seize Servers in NotPetya Investigation
UPDATE–Police in Ukraine have confiscated several servers from the software company that develops the M.E. Doc accounting software that is believed to have been an unwitting part of the distribution process for the NotPetya ransomware. Soon after the emergence of NotPetya last week, security researchers from several organizations zeroed in on the update mechanism for the […]