Security

Voice messages from parents to children through a 'smart' cuddly toy could be compromised. The security risk is a combination of a flaw by the designers and poor security practices by users. The issue involves CloudPets, a range of $40 toys designed ... to help working parents stay in touch with their kids. The parent can leave a voice message via a phone app at any time and it will then be sent over the Internet and Bluetooth and played back through a speaker in the toy. The child can then press the toy's paw to record and send a reply. The problem is that while delivering messages ... (view more)

An unfortunate error has led to a massive leak of confidential data online. It's led to calls from users to review their passwords and change the most sensitive ones. The leak involves Cloudflare, which ironically is a security company. It offers a ... service by which it acts a little like a gatekeeper for websites, passing on valid requests for data and blocking those designed to cause disruption. In particular, it combats denial of service attacks (DoS) that aim to bring a website down by sheer weight of incoming traffic - usually bogus traffic. As part of Cloudflare's operations, it ... (view more)

Chrome browser users have been warned to watch out for a sneaky malware attack. The trick involves a bogus on-screen message that claims the user needs to download a missing font. The people responsible are using hacked websites on the WordPress ... platform to operate the scam. They've altered the page so that the text appears to have been corrupted and is made up largely of symbols such as black diamonds and question marks. The page then displays an on-screen message that's carefully designed to look like a genuine Chrome error message, complete with the correct logos, shapes and even ... (view more)

Researchers have found a way to track web users even if they switch web browsers. It could improve security but also weaken online privacy. The researchers at Lehigh University in Pennsylvania were trying to find ways of improving fingerprinting. ... That's a way to attempt to identify an individual user (or at least their computer) without relying on single identifiers such as login details, browser cookies, or an IP address. Instead, fingerprinting involves taking multiple pieces of information provided by a user's browser such as the browser name, it's version, whether they have an ad blocker ... (view more)

IBM's artificial intelligence system Watson is to lend its hand to security. It will help scour millions of reports to try to learn more about current online threats. The Watson system was originally designed to see if a computer could compete on ... Jeopardy!, the show where contestants are given an answer and have to try to figure out the question. It was considered a challenge for computers because, although they can store a lot of information and process it quickly, they don't always have the human ability to decipher meaning and context. In the event, Watson prevailed against two human ... (view more)

Hackers have forced a hotel to ditch its electronic room key system and return to physical keys. But reports that guests were locked in and out of their room turned out to be overblown. The Seehotel Jaegewirt in Austria has been targeted by at least ... four different attacks on its computer system. The most recent involved the system data being encrypted and the hackers demanding a payment in the virtual currency Bitcoin equivalent to around $1,600. The hotel mentioned the attack in a press release designed to raise awareness and warn other hotels of the need to maintain security. A news agency ... (view more)

Microsoft is to launch a simplified all-in-one tool for keeping track of security in Windows 10. It's based around what Microsoft is calling the "five pillars of protection." The new tool will be called the Windows Defender Security Center. As the ... name suggests, it's a mixture of Security Centre (a longstanding menu in Windows) and Windows Defender, Windows 10's built-in security software which replaces the old Microsoft Security Essentials. It's currently in testing among users who have signed up for 'fast ring updates', but will be introduced to the general public via ... (view more)

Squirrels pose more of a threat to infrastructure than cyber terrorists - or, at least that's what one researcher's project implies. Cris Thomas says he found nearly five million people have been affected by power cuts caused by animals since 2013. ... According to Thomas, that's vastly more damaging than deliberate human actions to disrupt power and communications networks. The surprising claim came at a security conference in Washington and attracted attention given many speeches at such events concentrate on the actions of human hackers, terrorists and state governments in ... (view more)

Stolen Yahoo account details could be changing hands for as little as three-hundredths of a cent according to security researchers. It follows a hack of more than a billion accounts. It's the second Yahoo breach reported this year. Back in September ... the news broke that details of more than 500,000 accounts had been accessed by hackers in 2014. Now Yahoo has confirmed a separate attack in 2013 involved the theft of data for more than a billion accounts, something security experts believe makes it a record breach. It's suggested that the stolen data includes email addresses and passwords, ... (view more)

A new form of ransomware offers victims the chance to escape the release fee by fooling two friends into paying up instead. A security expert likened it to a malware version of a pyramid scheme. Traditionally ransomware involves malware getting onto ... a computer and then encrypting all files, with an on-screen message demanding the victim pay a fee to regain access. It's unknown what proportion of people pay up, but some big organizations such as hospitals and police forces are known to have paid the fee in the past, rather than lose sensitive data or access to control systems. The new ... (view more)