Is your online identity protected?

The less you reveal about your location such as your IP address the more secure your connection. Take control over the information you allow to be visible on the internet.

A virtual private network (VPN) extends your private network across the Internet. It enables you to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. This means you can protect your data and IP address. You can also “tunnel” around blocked sites and censorship by having a virtual presence in another country.  A Virtual Private Network (VPN) is your first line of defense on the internet.

Current Security News

SuperProf private tutor site massively fails password test, makes accounts super easy to hack

Dunce thumb

Superprof, which claims to be “the world’s largest tutoring network”, has made its newest members’ passwords utterly predictable… leaving them wide open to hackers.

Graham Cluley

Computer security: Processor vulnerability can be exploited to access memory

  1. Computer security: Processor vulnerability can be exploited to access memory  Science Daily
  2. How to Protect Your PC From the Intel Foreshadow Flaws  How-To Geek
  3. Protecting Our Customers through the Lifecycle of Security Threats | Intel Newsroom  Intel Newsroom
  4. Full coverage

computer security news – read more

Apple Mac “zero day” hack lets you sneakily click [OK]

At the recent DEF CON cybersecurity conference in Las Vegas, macOS security researcher Patrick Wardle did something that the responsible disclosure doctrine says is a bit naughty. He “dropped 0day” on …
mac hacker – read more

Sex extortion emails now quoting part of their victim’s phone number

Extortion email thumb

Some computer users are reporting that they have received a new type of extortion email in their inbox, which – in an attempt to scare them into giving in to demands for money – quotes part of their phone number.

But where are the blackmailers getting the phone number from?

Graham Cluley

Apple Mac “zero day” hack lets you sneakily click [OK]

At the recent DEF CON cybersecurity conference in Las Vegas, macOS security researcher Patrick Wardle did something that the responsible disclosure doctrine says is a bit naughty. He “dropped 0day” on …
mac hacker – read more

US rolls back cyberwarfare rules

  1. US rolls back cyberwarfare rules  Naked Security
  2. Trump is rolling back restraints on US cyber warfare, and it could make an attack on other countries more likely  Business Insider
  3. Trump loosens rules around how the US deploys cyber weapons  NEWS.com.au
  4. Full coverage

cyber warfare news – read more

Credit card skimmers now need to fear the Reaper

Enlarge / The SkimReaper, shown here with a sample card-skimming device, can help law enforcement find and shut down card skimming operations. (credit: Sean Gallagher)

BALTIMORE—At the USENIX Security Symposium here today, University of Florida researcher Nolen Scaife presented the results of a research project he undertook with Christian Peeters and Patrick Traynor to effectively detect some types of “skimmers”—maliciously placed devices designed to surreptitiously capture the magnetic stripe data and PIN codes of debit and credit cards as they are inserted into automated teller machines and point-of-sale systems. The researchers developed SkimReaper, a device that can sense when multiple read heads are present—a telltale sign of the presence of a skimmer.

Nolen and his fellow researchers worked with data provided by the New York City Police Department (NYPD) to assess the types of credit-card-skimming gear currently in the wild. They uncovered four broad categories of skimming gear:

  • Overlays—devices that get placed on top of the slot for the ATM or point-of-sale system. They can be modeled to match a specific ATM type’s card slot or, in some cases, overlay an entire device such as a credit card reader at a retail point of sale. Overlays on ATM machines are sometimes accompanied by a keypad that is placed atop the actual keypad to collect PIN data.
  • Deep inserts—skimmers engineered to be jammed deep into the card reader slots themselves. They’re thin enough to fit under the card as it is inserted or drawn in to be read. An emerging version of this is a “smart chip” skimmer that reads EMV transactions passively, squeezed between the card slot and the EMV sensor.
  • Wiretap skimmers—devices that get installed between a terminal and the network they connect to. This suggests there’s a fundamental security problem to begin with.
  • Internal skimmers—devices installed in-line between the card reader of a terminal and the rest of its hardware. These, Scaife said, are more common in gas-pump card readers, where the attacker has a greater chance of being able to gain access to the internals without being discovered.

Overlays and deep inserts are by far the most common types of skimmers—and are increasingly difficult to detect. Police, Scaife noted, often find them only by looking for the cameras used by skimmers to capture PIN numbers, because most of the common detection tips—including trying to shake the card slot to see if it dislodges—are ineffective.

Read 3 remaining paragraphs | Comments

Biz & IT – Ars Technica

The Andromeda botnet still lingers as nations struggle to clean infected PCs

  1. The Andromeda botnet still lingers as nations struggle to clean infected PCs  Digital Trends
  2. Full coverage

botnet – read more

Video Games In Germany Can Now Maybe Kinda Sometimes Have Swastikas

As you likely know, Germany has some very restrictive laws surrounding how and when Nazi iconography can appear in the country. This has resulted in a heavily-policed artistic community, particularly when it comes to video games, which has produced some fairly funny happenings about games accidentally going to Germany chock full of Nazi stuff and other funny happenings in which the game makers make a show of doing as little as possible to get around the law. In the realm of other media, such as movies, the German government has put in place a review process to make sure that the use of Nazi symbols furthers the artistic or historical accuracy of the entertainment. Video games have not had such a review system. And, look, on some level this sort of attempt by Germany to restrict the use of these hateful symbols is understandable. The kind of global embarrassment that comes with committing the worst genocide in history is the sort of thing that leaves a mark. But we’ve also pointed out that these German laws aren’t so much stamping out fascist thought as they are putting the government’s collective head in the sand as some kind of grand virtue signal to the planet.

Which is why it’s at least a tepid step forward that Germany has revised its position and will now allow Nazi iconography in some video games, some of the time, on a case by case basis.

The government has moved from a blanket ban on swastikas and Hitler moustaches to a case-by-case basis, which will be administered by the USK, Germany’s ratings board.

The official release with the news gives the specifics:

When games that depict symbols of unconstitutional organisations are submitted to the USK for an age rating, the USK committees can now assess them on a case-by-case basis to decide whether the ‘social adequacy clause’ (Sozialadäquanzklausel, as laid out in section 86, subsection (3) of the German Criminal Code) applies. In this context, ‘social adequacy’ means that symbols of unconstitutional organisations can be used in games in individual cases, as long as those symbols serve an artistic or scientific purpose, or depict current or historical events.

Again, the big shift here is actually one of cultural importance, which is the German government will now consider video games as an artistic form, which they undoubtedly are. Movies and television have had a similar review process in place for years, but games were left out. And, as the gaming art form continues to gain ground as the preferred entertainment medium, it was impossible for the German government to ignore this forever. So, while it seems odd to declare a victory in which more swastikas will be seen by the German public, this is much more to do with an acknowledgement of culture than cheering on the Third Reich.

Felix Falk, Managing Director of the German Games Industry Association, says:

This new decision is an important step for games in Germany. We have long campaigned for games to finally be permitted to play an equal role in social discourse, without exception. Computer and video games have been recognised as a cultural medium for many years now, and this latest decision consistently cements that recognition in terms of the use of unconstitutional symbols as well.

It remains to be seen whether or not older games like Wolfenstein will resubmit the original forms of its games for inclusion in all of this, but at least the German government will no longer act as though it can pretend that Nazis were never a thing.

Permalink | Comments | Email This Story

Techdirt.

These Android phones have security defects out of the box, researchers say

  1. These Android phones have security defects out of the box, researchers say  The Mercury News
  2. Millions of Android Devices Are Vulnerable Right Out of the Box  WIRED
  3. Many Android devices ship with firmware vulnerabilities, researchers find  The Verge
  4. Full coverage

android security news – read more

Imposter Fortnite Android Apps Are Already Spreading Malware

  1. Imposter Fortnite Android Apps Are Already Spreading Malware  WIRED
  2. Fortnite for Android is a trailblazing risk for mobile banking  App Developer Magazine
  3. How to add two-factor authentication to your Epic Games account for Fortnite  Android Central
  4. Full coverage

android security news – read more

Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks

Mike Murray, vice president of security intelligence at Lookout, discusses how mobile is redefining phishing, taking it out of the traditional inbox and into SMS and Facebook messages.
The first stop for security news | Threatpost