By
admin on Thursday, July 29th, 2010 |
No Comments
A developer of Android apps has been accused of using their apps to steal information from more than one million smartphone users.
John Hering and Kevin MaHaffey, of mobile security firm Lookout, told the Black Hat security conference in Las Vegas that they discovered that a wallpaper app developed by Jackeey Wallpaper (who have created over 70 different applications for the Google Android mobile operating system) secretly transmitted affected phones’ numbers, subscriber identifiers, and voicemail numbers to a server in Shenzen, China.
Over a million people are believed to have downloaded the app – which Sophos has not yet seen – from the Android Market (Google’s equivalent to the Apple iPhone AppStore).
This isn’t the first time that the Android smartphone operating system has been targeted by malware, of course.
One of the challenges that owners of smartphones running… Read the rest
By
admin on Thursday, July 29th, 2010 |
No Comments
In a security bulletin, the developers of TYPO3 have announced that they have found and closed a number of critical vulnerabilities in the TYPO3 content management system. The holes include XSS, SQL injection, redirection and arbitrary code execution vulnerabilities.
TYPO3 administrators are advised to upgrade to versions 4.1.14, 4.2.13, 4.3.4 or 4.4.1, where the issues are fixed. These releases are available from the TYPO3 web site.
See also:
(djwm)
Read the original:
Critical vulnerabilities in TYPO3
By
admin on Thursday, July 29th, 2010 |
No Comments
Network World - Google likes to boast that more than 2 million businesses run Google Apps, but IT pros harbor concerns about security in the cloud and the limited functionality presented by Google tools such as Gmail and Google Docs.
Cloud computing was one of the main topics tackled this week at the Burton Group Catalyst conference in San Diego, but interviews with attendees suggest that Google and other cloud providers have a ways to go in convincing tech pros that their security model is robust.
Google Apps vs. Microsoft Office
Still, the same technology pros are impressed by Google’s Web-based collaboration capabilities, even though Google Apps lacks some of the advanced functionality found in Microsoft Office.
“My wife and I use [Google Docs] for everything from budgeting to vacation planning. It actually works great,” says Jonathan LaChance, the global network and
… Read the rest
By
admin on Thursday, July 29th, 2010 |
No Comments
There’s a privacy problem with Internet Explorer, the same one that Apple just fixed in its Safari browser update on Tuesday. When a user visits a Web site, even if it’s a site they’ve never been to and never entered personal data into, site can gain access to their first name, last name, work place, city, state, and email address.
That means the privacy problem largely persists for Internet users as a whole, despite Apple’s move to fix it. “Safari is 4 percent of the Web,” said Jeremiah Grossman, founder and CTO of WhiteHat Security. “IE 6 and 7, if you consider those together, they make up one third of the Web.” In a talk on Thursday at the annual Black Hat USA security conference held in Las Vegas, Nevada, Grossman will walk through examples of what he’s found in Safari, Internet Explorer
… Read the rest
By
admin on Thursday, July 29th, 2010 |
No Comments
Have you seen the headlines? They’re pretty scary-looking.
Here’s just a handful – although there were hundreds more to choose from:
“A fifth of Facebook users names ‘leaked’ to file-sharers”, Techwatch
“Details from 100 million Facebook profiles posted online”, Network World
“Details of 100m Facebook users collected and published”, BBC News Online
“100 million Facebook accounts exposed”, V3
At first glance these headlines might appear frightening. But there’s one thing you need to know. All of this information was already available to anyone on the internet.
What’s happened is that a security consultant called Ron Bowes wrote some scripts to harvest publicly-available information from the profiles of Facebook users who had left their profiles open for anyone to view.
In total he managed to scrape the names and urls of some 100 million Facebook users (about 20% of their population), and posted the database of… Read the rest
