Encryption

Cat-themed mobile ransomware steals SMS messages, encrypts files

What’s up pussycat? Well, Android ransomware actually…

David Bisson reports.


1 min read

Secure email service GhostMail shutting down, in fear of being abused

GhostMail, a site that offered “military encrypted and self-destructing email accounts”, has announced that it is closing down: GhostMail in its current form will be closed down as per 1. of September 2016. Since we started our project, the world has changed for the worse and we do not want to take the risk of


52 sec read

WhatsApp doesn’t properly erase your deleted messages, researcher reveals

iOS security researcher Jonathan Zdziarski claims to have found a worrying weakness in WhatsApp, that could open a door for intelligence agencies and other prying eyes to snoop upon your private conversations, even after they have been “deleted” from the app.

Read more in my article for the Hot for Security blog.


0 sec read

Would you risk running a VPN in the United Arab Emirates?

Those caught could face jail time and substantial fines.


1 min read

MIT researchers unveil new anonymity scheme that could rival Tor

In response to the disclosure of vulnerabilities in Tor’s design, researchers at MIT have created Riffle, a system that allegedly provides better security and uses bandwidth more efficiently.

David Bisson reports.


2 min read

Facebook Messenger gets opt-in end-to-end encryption with Secret Conversations

Facebook has begun to roll out end-to-end encryption for users of Facebook Messenger, following in the footsteps of the likes of WhatsApp.

Read more in my article on the Hot for Security blog.


0 sec read

Ransomware or ransomworm? Beware of ZCryptor!

A new ransomware variant exhibits worm-like behavior, proving itself to be capable of copying itself to removable drives.

David Bisson reports.


1 min read

welivesecurity.com

65 million Tumblr users should probably be careful…

65 million Tumblr users have had their details compromised as a result of a recently-discovered breach dating back to 2013. But it’s not just their passwords that they should be concerned about.

Read more in my article on the We Live Security blog.


0 sec read

LinkedIn’s poor handling of 2012 data breach comes back to haunt it

Four years after LinkedIn’s security was found wanting, and hackers stole a database containing millions of users’ details, the nightmare isn’t over.

Guest contributor Per Thorsheim shares his opinion.


4 min read

Hit by TeslaCrypt ransomware? Here’s the solution

Too often stories about ransomware infections have unhappy endings.

But in the case of TeslaCrypt there’s some very positive news.


48 sec read

Google’s Allo fails to use end-to-end encryption by default

If there is one thing we have learnt over the years, it’s this. Few users ever change the default settings.


1 min read

Jigsaw ransomware takes a .PORNO twist and a new name

The developers of the notorious Jigsaw ransomware have renamed their malicious creation, given it a new file extension, and outfitted it with a new lock screen.

David Bisson reports.


1 min read

Anti-virus products, security devices affected by 7-Zip flaws

Researchers have uncovered two vulnerabilities in 7-Zip that leave various security devices and anti-virus products vulnerable to attack.

David Bisson reports.


1 min read

Ka-ching! The data breach threat that targets retailers

Criminals like to lurk in the shadows and silently steal money and information when it suits them.

Guest contributor David Share reports.


1 min read

I’m so glad I don’t have a Filofax

Like a complete wombat, I left my smartphone in a taxi on Wednesday night.

But I didn’t need to panic…


1 min read

tripwire.com

Opera browser gets a free VPN – but you’ll need more than this to stay safe online

The desktop edition of the Opera web browser is getting a free, built-in VPN offering users a more secure and private browsing experience.

But can you trust it?

Read my article on the Tripwire State of Security blog.


0 sec read