Security

Microsoft has signed up to an international standard for protecting customer privacy with online data. Among other measures, Microsoft promises to tell customers when the government demands access to their data. The company has followed ISO standard ... number 27018, which are guidelines set forth by the International Organization for Standardization. It's an attempt to set internationally recognized rules and regulations for the way "personally identifiable information" is handled in cloud services, and where data is stored or processed online rather than on the user's own computer ... (view more)

The US government has been accused of embedding spyware directly onto hard drives using secret manufacturer information. Russian security software manufacturer Kaspersky Lab made the claims, and stem from its efforts to find and eliminate malicious ... software. Kaspersky says officials appear to have only used the spyware to target specific, foreign-based individuals. Kaspersky says that the spyware is part of an operation controlled by the National Security Agency (NSA) , under the name Equation Group. It claims the NSA figured out how to put spying software in the firmware of hard drives made ... (view more)

Chinese spies have reportedly infected the Forbes website in order to steal data from staff at defense and finance organizations. The attack is unlike most attacks on large websites, as the motive was for intelligence, rather than profit. The Forbes ... website attack reportedly took place in November 2014, with the security gap plugged by approximately three days later. To propagate the attack, hackers replaced a legitimate file on the web server used for the "Thought of the Day" feature, which appeared on every page of the Forbes website. The malicious file was then automatically ... (view more)

The Federal Trade Commission (FTC) has warned that the boom in Internet-connected home gadgets could increase security risks significantly. It's put together consumer advice and says it will work on applying the law to this new area of tech. The FTC ... has published a report on the " Internet of Things ". That's something of a vague term, but the commission defines it as any physical object that can connect to the Internet. Today, the Internet of Things doesn't simply apply to computer and smart phones -- it also applies to billions of other objects, including cameras, home ... (view more)

Microsoft has publicly lashed out at Google for revealing a severe security flaw in Windows 8.1 before it was able to release a fix. The public disclosure has reawakened a longstanding dispute about how to go about reporting security flaws. Comments ... on Google's website suggest that the same bug also affects Windows 7 Professional 64bit, with Service Pack 1; if true, it's equally likely the bug also affects other earlier versions of the Windows operating system, including Windows XP, which is no longer supported by Microsoft and will therefore remain unpatched. The bug involves the way ... (view more)

To many, the use of fingerprint readers as a way of password protection may represent the future of high-tech security. But a hacker has recently demonstrated that it's really not that difficult to bypass the security system -- all it takes, in ... fact, is a high-quality digital image. There's no denying that fingerprint passwords are becoming more and more common. They can be used to access PCs and thumb drives, but are becoming most prevalent in the smartphone world, where a quick dab of the finger gives one access to their mobile device. It seems like the perfect security system; ... (view more)

A survey of 2,000 households in the United Kingdom has revealed that few people take their WiFi network's security seriously enough. In fact, the security software firm behind the study, Avast, says our approach to home WiFi security is comparable ... to attitudes towards PC security in the 1990s -- which is not very good at all. Weak WiFi Passwords a Serious Problem Avast's survey revealed a number of alarming issues. First, the company found that more than 50 per cent of all home routers have little or no protection, making them easy to hack. In far too many cases, Avast found people ... (view more)

Have you ever received a suspicious phone call from someone claiming to work for Microsoft's technical support department ? Late last week Microsoft announced that it had sued two technical support companies alleged to have infringed on several ... Microsoft trademarks. According to the firm, these companies called people at home offering support for non-existent problems with the Windows operating system. Microsoft says many people were tricked by the scheme and paid the scammers money for their assistance. Scammers Claim to Represent Microsoft "Defendants have utilized the Microsoft ... (view more)

A new report from security firm ESET finds that the TorrentLocker ransomware scam has now encrypted an estimated 285 million files. Unfortunately, ESET security experts don't see the rate of infections dropping off any time soon. A TorrentLocker ... infection, like other ransomware schemes (such as CryptoWall or CryptoLocker ), usually takes place when a victim downloads a malicious file. Although the name TorrentLocker might suggest infections come through the way of torrents (a file typically used for file sharing), it does not; in fact, most TorrentLocker infections come through email. ... (view more)

A new report suggests that hackers took aim at twice as many businesses in 2014 when compared to the previous year. The report comes from Russian security company Kaspersky Lab; its Global Research and Analysis Team says it detected seven major ... advanced persistent threats (or APTs) over the past twelve months, resulting in approximately 4,400 attacks targeting private sector organizations in an estimated 55 countries. Kaspersky researchers say that's more than double the roughly 1,800 corporations targeted by cybercriminals in 2013 . Sophisticated Attacks May Be Supported by National ... (view more)