Award-winning security news, opinion, advice and research from Sophos.
BitLocker hacked? Disk encryption – and why you still need it [VIDEO]
Microsoft Windows 7 patch warns of coming patchocalypse
Sacked IT guy annihilates 23 of his ex-employer’s AWS servers
Spycam sex videos of 1,600 motel guests sold to paying subscribers
RT @Sophos: #ICYMI: "Facebook has admitted that it has found many places – hundreds of millions of places, maybe – where it saved users’ pa…
RT @Sophos: More on the #Facebook password debacle: "It’s perfectly possible that no passwords at all fell into the hands of any crooks as…
RT @Sophos: We break down what you need to know about the latest Facebook password debacle, plus tips on securing your account: https://t.c…
Scammer pleads guilty to fleecing Facebook and Google of $121m
⚠️ 0-day alert! Patch now. ⚠️ If you use the Social Warfare plugin on your WordPress website, please read this thread...
A researcher has published a new and relatively simple way that Windows BitLocker encryption keys can be sniffed in less secure configurations as they travel from Trusted Platform Modules (TPMs) during boot.
A security researcher has discovered a high-severity bug in a popular PHP library that could enable attackers to run remote code on web servers.
Change your Facebook password now!
Opera announced on Wednesday that it’s added its free Virtual Private Network (VPN) service to its Android browser app …again.
In December, the FBI seized the domains of 15 of the world’s biggest “booters” (websites that sell distributed denial-of-service, or DDoS, services) – a crackdown that’s led to an 85% decrease in the average size of DDoS attacks on a year-on-year basis.
We’ll be doing a Facebook Live in 30 minutes on disk encryption - is it worth it? Should I use it on my home laptop? Join us on our Facebook page:
Researcher finds new way to sniff Windows BitLocker encryption keys
Flaw in popular PDF creation library enabled remote code execution
Opera brings back free VPN service to its Android browser
FBI crackdown on DDoS-for-hire sites led to 85% slash in attack sizes
Microsoft has said it plans to patch a new class of Windows security bug discovered by a Google Project Zero researcher despite finding no conclusive evidence that it poses a threat to users.
No sooner has Netflix made an interactive TV show than people are pulling apart its privacy implications and fretting about its potential to leak private information. #Bandersnatch
Hackers set off over 30 emergency sirens in Tornado Alley, Texas.
It’s been on the to-do list for a while, but Mozilla announced yesterday that with the release of Firefox 66 for desktop and Firefox for Android this week, media autoplay of video or audio is now blocked on websites by default.
Epic Games, the company behind online gaming phenomenon Fortnite, is at the centre of a privacy storm after players noticed that it was gathering data from their Steam accounts and storing it on their computers without permission.
Elsevier – publisher of scientific journals such as The Lancet – has left its users’ passwords and email addresses lying around online. Our advice is to reset your password and if you’ve used the same password elsewhere, change that too.
In a new twist, extortionists are claiming to be a corrupt law enforcement official who has seen you viewing illegal content such as child pornography.
Ep. 024 – Sextortion, malicious adverts and randomness [PODCAST]
Google researcher discovers new type of Windows security weakness
Researchers fret over Netflix interactive TV traffic snooping
Hacked tornado warning systems leave Texans in the dark
Elsevier exposes users’ emails and passwords online
Due to a server migration error around 50 million songs have been erased from MySpace. That includes everything uploaded to the site prior to 2015.
A hacker using the identity ‘Gnosticplayers’ has topped up one of the largest data breaches ever publicised by offering for sale 26 million records stolen from another six online companies.
The judge ruled that there was prima facie evidence that Six4Three had plotted to “commit a crime or fraud” by leaking the Facebook emails in violation of an earlier court order.
A security researcher has found a way to tinker with Windows’ core settings while persuading users to accept the changes, it emerged this week – and Microsoft has no intention of patching the issue.
Kiddle or Kidrex are not reinventing the search engine wheel but the idea is to offer a layer of safety to protect children from inappropriate content online.
CIA bribery scam – crooks offer to erase child abuse evidence for $10,000
What are your views on ‘child-friendly’ search engines like Kiddle and Kidrex?
Microsoft won’t patch Windows registry warning problem
Gargantuan Gnosticplayers breach swells to 863 million records
Court: Embarrassing leaks of internal Facebook emails are fishy
Epic in hot water over Steam-scraping code
MySpace loses 50 million songs in server migration
Child-friendly search engines: How safe is Kiddle?
The US Government is working on an electronic voting system that it hopes will prevent people from tinkering with voting machines at the polls.
Intel released a slew of patches last week, fixing a range of vulnerabilities that could allow attackers to execute their own code on affected devices.
Users of Google’s cloud-based suite of productivity apps could now be asked to authenticate using Google’s Prompt system or security token. #2FA
Update WordPress to version 5.1.1 to protect yourself from a recently patched vulnerability.
🗞️Your top stories from the last week: Citrix admits attackers breached its network, Google says update “right this minute” and John Oliver bombards the FCC with anti-robocall robocall campaign. Read all stories here: