Top 10 Stories

Graham Cluley: The notorious Syrian Electronic Army (SEA) claimed another scalp overnight, hijacking the Twitter account of the world-famous Barcelona football club.   The Catalan football team’s Twitter account, which has over 11 million fervent fans, was commandeered by the hackers who posted a message in the hours following a victory over Manchester City.

The Guardian: The personal details of a third of all asylum seekers held in Australia – almost 10,000 adults and children – have been inadvertently released by the Department of Immigration and Border Protection in one of the most serious privacy breaches in Australia’s history.   A vast database containing the full names, nationalities, location, arrival date and boat arrival information was revealed on the department’s website, raising serious concerns that thousands of asylum seekers...

The Register: Insecure firmware handling, poor communications practises and API vulnerabilities are among a range of vulnerabilities security company IOActive has identified in Belkin's WeMo home automation systems.     In its advisory, here, IOActive says it's discovered that the systems leak a hard-coded key and password that Belkin uses to sign firmware. This makes it a cinch for an attacker to create firmware that's presented to the user as legitimate.

Wall Street Journal: Target Corp.'s computer security staff raised concerns about vulnerabilities in the retailer's payment card system at least two months before hackers stole 40 million credit and debit card numbers from its servers, people familiar with the matter said.   At least one analyst at the Minneapolis-based retailer wanted to do a more thorough security review of its payment system, a request that at least initially was brushed off, the people said.

Webroot: Cybercriminals continue to populate their botnets, with new infected hosts, through the persistent and systematic spamvertising of tens of thousands of fake emails which impersonate popular and well known brands – all in an attempt to socially engineer prospective victims into interacting with the scam.  

Macrumors: Apple has begun rejecting games attempting to take advantage of the popularity of the now-defunct Flappy Bird, a hit game that developer Dong Nguyen removed from the App Store earlier in February. Shortly after Flappy Bird was pulled from the App Store, several clones of the original game soared up through the App Store charts, including a game called Flappy Bee, which stole artwork from a different app.  

Techworld: A newly discovered variant of the notorious Zeus banking trojan is disguising a crucial configuration code in a digital photo, a technique known as steganography. Zeus is one of the most effective tools to steal online banking details, hijacking login details as a person accesses his account and masking secret transfers in the background.    

Softpedia: The hackers that breached and defaced the websites of several casinos owned by Las Vegas Sands Corp last week have published a video to demonstrate that they’ve stolen 828 Gb of files from the company’s systems. The data apparently stolen by the hacktivsts hasn’t been published online. They’ve only made the video to show that it’s stored on a local hard drive.

The Intercept: Top-secret documents from the National Security Agency and its British counterpart reveal for the first time how the governments of the United States and the United Kingdom targeted WikiLeaks and other activist groups with tactics ranging from covert surveillance to prosecution.   The efforts – detailed in documents provided previously by NSA whistleblower Edward Snowden – included a broad campaign of international pressure aimed not only at WikiLeaks founder Julian Assange, but at what the...

CSO: Employees using software-as-a-service (SaaS) cloud applications have so many credentials to keep track of that they're far more likely than non-cloud users to compromise their passwords through insecure storage, a recent survey by service and solutions provider Softchoice has found. In a survey of 1000 US and Canadian employees, The Blackstone Group asked workers about their technology and security habits, and found that 36 per cent of employees who were using SaaS applications for work...