The Next Web: Last month, Yahoo enabled default HTTPS for all users of its Yahoo Mail service — and now, to support the move, the company announcedthat it has also enabled HTTPS access to Yahoo Contacts and Profile APIs. All developers using the Yahoo Contacts and Profile APIs will need to switch their access protocol to HTTPS by February 27 this year, though the domain name social.yahooapis.com will remain the same.
Read moreDetailsThe Hacker News: Many Smartphone applications support, installation or app data storage to an external SD Card, that can be helpful in saving space on the internal memory, but also vulnerable to hackers. Typically, an app that has permission to read and write data from an SD card has the permission to read all data on that card, including information written by other apps. This means that if you install a malicious application by mistake, it...
Read moreDetailsInfosecurity: Earlier in the week, many consumers experienced a big spike in email spam volume – messages targeting containing financial malware that's familiar from the not-too-distant past. AppRiver, who clocked the increase, said that “this one was quite unlike anything we’ve seen to this point.” In ablog, the company explained that its data center processed 10 to 12 times the normal amount of traffic on Wednesday – mainly due to messages that its analyst team discovered...
Read moreDetailsSC Magazine: A senator has released a report detailing numerous oversights, which have threatened the security of sensitive government data and critical infrastructure operations. On Tuesday, Sen. Tom Coburn, R-Okla., published the 19-page report (PDF), called “The Federal Government's Track Record on Cybersecurity and Critical Infrastructure,” which he prepared along with the Minority Staff of the Homeland Security and Governmental Affairs Committee.
Read moreDetailsSC Magazine: A team of researchers with the University of California in Los Angeles (UCLA) have developed an encoding technology that effectively hides executable program code in plain sight, and without requiring the code to be decrypted before it is run. Preliminary details of the peer-reviewed technique, developed by UCLA Computer Science Professor Amit Sahai and his team of researchers, were announced at a conference late last year, but now Sahai has published a paper detailing...
Read moreDetailsTechcrunch - A new bit of malware, Linkup, is a clever girl. First it takes control of the DNS servers your computer pings to connect to the Internet and, while you’re wondering how to delete it, begins mining bitcoins on the sly. Anti-virus purveyors Emsisoft identified the ransomware in the wild. The program essentially blocks all Internet access, instead throwing up a bogus warning from the Council Of Europe about potential child pornography on your machine.
Read moreDetailsThe Hacker News: According to a recent report 'Spoiled Onions: Exposing Malicious Tor Exit Relays', published by security researchers Phillip Winter and Stefan Lindskog revealed that almost 20 exit relays in the Tor anonymity network that attempted to spy on users’ encrypted traffic using man-in-the-middle techniques.
Read moreDetailsZDNet: Microsoft's efforts to allow foreign customers to move their data to non-U.S. regional datacenters could increase the scope of NSA surveillance, academics and lawyers suggest.
Read moreDetailsPC World - A new exploit that prompted Adobe to release an emergency patch for Flash Player was used in targeted attacks that distributed malware designed to steal log-in credentials for email and other online services, according to researchers from antivirus firm Kaspersky Lab.
Read moreDetailsGCN: The mobile security company Zimperium has released an Intrusion Prevention System app for Android devices that uses artificial intelligence to recognize and block malicious behavior on the mobile devices.
Read moreDetails