Security

Google has temporarily suspended one of the features on its mobile wallet system for smartphones following word the platform has at least two serious security flaws. Google Wallet allows users to make payments using "near-field communications," a ... wireless protocol like Bluetooth, but with a maximum range of just centimeters. Users can hold, tap or swipe their smartphone next to a payment device without having to worry about the signal being intercepted. 'Brute Force' Could Break Code The system can be protected with a PIN (personal identification number) code, to prevent misuse when ... (view more)

Microsoft's online store in India was compromised over the weekend by a group of Chinese hackers calling themselves the "Evil Shadow Team". The hackers were able to extract user IDs and passwords of the site. While many are questioning how the ... hackers were able to breach Microsoft's security system, more troublesome is the realization that the company might not have taken the proper steps to secure the credentials of their customers prior to the attack. Reportedly, Microsoft stored both login IDs and passwords for its users in plain text files, without any encryption system in place to ... (view more)

Hackers have published source code that could be used to hack computers running Symantec's security program PCAnywhere. The move comes after the security firm refused to meet the hackers' demand for $50,000 in ransom. As we reported last month , the ... code behind a range of Symantec products was originally stolen in 2006. It appears most likely the theft came after Indian military officials demanded access to the code before accepting it for official use. Symantec may have learned of the theft only after hackers revealed they had it, earlier this year. Symantec said in January that several ... (view more)

Google developed a service for scanning the Android Market for potentially malicious apps before they can ever get into the hands of would-be users. Called "Bouncer," the service is set to perform security scans on all new applications in addition ... to apps already featured in the Android Market. Google even plans to run scans on individual developer accounts to keep repeat offenders from coming back. Great Demand for Products Like Bouncer Google's release of Bouncer would appear to be well-timed. Last week, security firm Symantec sent out a warning after stumbling upon what they believed to be ... (view more)

Security software company Symantec has sent out a warning about what it believes to be the largest-ever malware campaign launched against Android smartphone owners. Called "Android.Counterclank," the malware was discovered hidden within 13 different ... apps (smartphone applications) released by three different publishers. Of the enticing titles, "Sexy Girls Puzzle" and "Counter Strike Ground Force" were among the most prolific in duping from one to five million people into downloading the infected software through Google's legitimate app marketplace. (Source: computerworld. ... (view more)

Security firm Symantec is urging all Windows users to disable "PCAnywhere" (a remote-control software program) on their systems immediately. The concern to disable the product dates back to 2006, when Symantec's PCAnywhere source code was stolen, ... but has never appeared in the open until now. Symantec says users running old versions of PCAnywhere could have their systems easily hijacked. A security bulletin on their site says that even the latest edition of PCAnywhere (version 12.5) is "at an increased security threat," and have urged customers to disable the software and ... (view more)

The recent shutdown of file-sharing site Megaupload by the U.S. Department of Justice (DoJ) has resulted in a number of phishing attacks, directly targeting fans of the former service. Phishing is a tactic used to acquire legitimate information, ... such as usernames, passwords and credit card numbers, by masquerading as a trustworthy person or organization. Users unknowingly provide their personal data for use in scams and frauds. A classic phishing attack (still used today) might be an email reportedly from a bank (or similar institution), stating that your account has been suspended. The email ... (view more)

You might normally expect hackers to operate in secret, and to communicate through hidden channels. The group behind a notorious social networking virus, however, appears to be actively and publicly posting about the sites which they attack. ... Facebook has apparently tracked down what it believes to be a group of five men responsible for the notorious "Koobface" virus and has publicly named them. So far, the men have not been confirmed as under investigation by law enforcement, nor have they been formally charged. The company says it will publish further details in coming weeks to ... (view more)

Online battles between Saudi and Israeli hackers have moved from credit card hacks to the shutting down of whole websites. The online 'war' began early this month, when a hacker claiming to be from Saudi Arabia published stolen Israeli credit card ... details . The actual location of the hacker, who used the code-name xOmar 0 (and variations, such as OxOmar), remains in dispute, with some experts claiming he is in Mexico. Assertions about the number of compromised credit card accounts also vary from 15,000 to 400,000. Political Leaders Speak Out The credit card attack had political ramifications ... (view more)

A military and security intelligence firm that fell victim to a hacking attack has suffered another embarrassment, even while analysis reveals that hundreds of military and political officials had their digital details exposed by hackers. As ... reported last month , hackers struck Stratfor (or "Strategic Forecasting"), a Texas-based security consulting and analysis firm. They captured details of some 4,000 clients, cheekily using the stolen credit card information to make charitable donations. Stratfor customers recently received an email apparently sent by CEO, George Friedman, asking ... (view more)