A fake Android anti-virus application managed to fool many customersÂ into buying it, even though it didn't really have any anti-virus features. The $3.99 quickly rose through the ranks, reaching the top of the Google Play Store sales charts before Android Police discovered the truth behind it. The application was removed from the store once the fraud had been uncovered, but the fact still remained that more than 10,000 users purchased it - The Guardian saysÂ more than 30,000 buyers were duped. However it looks like Google has taken the issue into its own hands and it's making amends to those affected. Android Police reports that Google is now refunding those Android devices users that purchased Virus Shield, and throwing on top
A search engine for the Dark Web has been launched in beta to provide easier access to marketplaces selling illegal drugs and hacking tools and services.
1 day ago Why Security Auditors' (GAO) Recommendations Can't Be Implemented (See especially Pescatore note after the story) (April 17, 2014)SANS Newsbites View Synopsis+1
Gregory Wilshusen, director of information security at the US Government Accountability Office (GAO), says he understands why government agencies do not always implement his recommendations.......
Cybercriminals have started using a sophisticated Android Trojan app designed for e-banking fraud to target Facebook users, possibly in an attempt to bypass the two-factor authentication protection on the social network.
Melissa Andrews, a resident of Canada, is a cyber security "cop" for Payza, an international e-commerce payment platform operating in 97 countries. Her job, described by the company's public relations firm as "the worst security job on the Internet," is to protect the public from illegal, and many times revolting, content, by shutting the sites down and alerting authorities about criminal activity. She spoke with CSO this week about her job and why she is proud of what she does.
1 day ago ERP In The CloudIT Toolbox Blogs View Synopsis+1
As cloud computing continues to grow, more and more companies are moving their ERP systems into the cloud. There are several reasons for this, including cost and convenience. While ERP in the cloud represents only a small portion of ERP installations, that number is growing.
Cloud computing achieves economies of scale by sharing resources among ERP implementations. With a
Security problems like it's 1995
If you've been getting a lot of spam from AOL emails recently it's not because you've fallen into a time rift and it's the nineties all over again - the company has confirmed that it has been under an intensive spoofing attack.
Good essay:To repeat, Heartbleed is a common mode failure. We would not know about it were it not open source (Good). That it is open source has been shown to be no talisman against error (Sad). Because errors are statistical while exploitation is not, either errors must be stamped out (which can only result in dampening the rate of innovation and rewarding corporate bigness) or that which is relied upon must be field upgradable (Real Politik). If the device is field upgradable, then it pays to regularly exercise that upgradability both to keep in fighting trim and to make the opponent suffer from the rapidity with which you change his target.
The whole thing is worth reading.
Triple-handshake flaw stalks Macs and iThings
Apple has squashed a significant security bug in its SSL engine for iOS and OS X as part of a slew of patches for iThings and Macs.
Right, shipmate, identify yourself. LOL? What's your meaning?
Security researchers claim to have uncovered myriad security problems with satellite communication systems. But while major manufacturer Iridium said the security weaknesses identified by security researchers at IOActive were in hand, Thuraya, another satellite comms service, has criticised the report as inaccurate.