Top 10 Stories

US News - Obama repeats call for Congress to reform NSA in State of the Union

SCMP - Cybercrimes are the hardest cases to detect and the toughest to crack, the police chief said yesterday, as figures showed technology crimes surged by 70 per cent last year despite the overall crime figure dropping to a 10-year low.

ZDNet - They defaced more than 100 Pakistani websites, apparently in retaliation for the defacement of more than 2,000 Indian sites on the country's Republic Day.

IT World - Behind closed doors, U.S. cloud providers and hosting firms say that customers are asking them to wall off data out of fear of government eavesdropping

Softpedia - Security researchers from Check Point have identified a critical vulnerability affecting websites created on the MediaWiki platform. Several Wiki sites have been impacted, including Wikipedia.org.

Graham Cluley - If you use the Gmail app on your iPhone or iPad, it might be sensible to check your Trash and Spam folders before Valentine’s Day.

ZDNet - Yahoo has moved quickly to squash a bug that could have seen an attacker gain root access to its servers.

IT Security Guru - Windows malware that can infect an Android mobile is real, but requires USB debugging to be enabled. Research by Symantec found that a Trojan named Trojan.Droidpak drops a malicious DLL that downloads a configuration file from a remote server which parses a configuration file in order to download a malicious APK to the compromised device, as well as download necessary tools such as Android Debug Bridge (ADB). The ADB is a...

Troy Hunt - Short answer: you can’t trust the page any more than you can trust any other page served over an insecure connection. The longer answer is that an asset has been embedded into a page loaded over HTTPS, but the reference to the asset is over HTTP. Now remember that SSL is not just about encryption, indeed one of the key value propositions of requesting resources over HTTPS is authenticity.

CSO Online - Despite the relaxing of restrictions on Internet companies receiving government requests for data, the Obama administration and Congress need to go much further in aligning spying operations with privacy rights, advocates say. The Justice Department introduced Monday new rules that tech companies must follow in reporting the number and type of information requests received by the government. While the rules give companies more leeway in so-called transparency reporting, they are not a replacement for a...