Link list

How you could steal money from Instagram, Microsoft and Google with help from a premium rate phone number

Researcher Arne Swinnen found an ingenious way to make money from the likes of Google, Microsoft and Instagram – getting their two-factor authentication registration schemes to call a premium rate phone number: “They all offer services to supply users with a token via a computer-voiced phone call, but neglected to properly verify whether supplied phone


32 sec read

Ubuntu Forums hacked (again)

Canonical, the company behind Ubuntu, has warned that there has been a security breach on the Ubuntu Forums site, resulting in the theft of two million members’ usernames, IP addresses, and email addresses: At 20:33 UTC on 14th July 2016, Canonical’s IS team were notified by a member of the Ubuntu Forums Council that someone


39 sec read

Be careful in your inbox. Massive Locky ransomware campaign underway

F-Secure is warning computer users about a significant increase in sightings of the Locky ransomware, typically spammed out posing as invoices or profiles for positions at your company. Here is how researcher Päivi Tynninen described the scale of the malware campaign: Yesterday, Tuesday, we saw two new campaigns with a totally different magnitude: more than


33 sec read

Couldn’t care less about Pokémon Go? Get this Chrome extension

Chrome users may be interested in a new browser extension called PokeGone: Remove Pokemon from the Internet! Sick and tired of hearing about Pokemon? PokeGone will take care of that! This extension will stop your eyes from seeing grown adults raving on about Pokemon – simple as. Remove all traces of Pokemon from the internet


21 sec read

Here’s the very best advice on what you should do with Adobe Flash

On Tuesday, Adobe released a critical update patching over 50 security holes in its Flash Player plugin. Security blogger Brian Krebs says it better than me: It’s bad enough that hackers are constantly finding and exploiting zero-day flaws in Flash Player before Adobe even knows about the bugs. The bigger issue is that Flash is


43 sec read

Android users warned of malicious Pokémon Go app

Security researchers at Proofpoint have discovered a malicious Pokémon Go app that installs a backdoor on Android devices: Proofpoint researchers discovered an infected Android version of the newly released mobile game Pokemon GO. This specific APK was modified to include the malicious remote access tool (RAT) called DroidJack (also known as SandroRAT), which would virtually


45 sec read

Apple devices held for ransom, amid massive iCloud account hack rumours

Steve Ragan of CSO Online: “On July 1, Alanna Coca noticed her iPad had started beeping. When she opened the cover, the lock screen had a message displaying a phrase in Russian – “Dlya polucheniya parolya, napshite na email” – followed by a Gmail address.” “Roughly translated, the phrase was telling her that in order


59 sec read

US government tells Symantec and Norton Antivirus users to apply security patches immediately

Google security researcher Tavis Ormandy has uncovered critical vulnerabilities in a range of Symantec and Norton Antivirus products, which could be exploited by malicious hackers to launch attacks. Here’s the skinny from the United States Computer Emergency Readiness Team (US-CERT): The large number of products affected (24 products), across multiple platforms (OSX, Windows, and Linux),


56 sec read

Big news in the anti-virus industry. Avast to acquire AVG for $1.3 billion

Two of Europe’s most famous anti-virus companies, famous for their free product editions and founded in what was at the time Czechoslovakia, are looking to become one. How much money is on the table from Avast to acquire AVG? A tidy $1.3 billion. Here is what Avast CEO Vince Steckler has to say: “Under an


56 sec read

NASA spacecraft has its Twitter hacked by someone’s butt

Popular Science reports: NASA’s Kepler spacecraft looks for Earth-like planets orbiting other stars. This morning, Kepler’s Twitter account got hacked… and showed its 569,000 followers a moon. The hacker(s?) pinned a tweet displaying a red underwear-clad butt, which has since been deleted, but not before showing up on the NASA homepage. Sadly, it’s not unusual


27 sec read

Hackers should beware bogus UPS couriers bearing handcuffs…

Alexander J Martin of The Register describes the arrest of British student Lauri Love, who allegedly hacked the FBI and NSA, and is wanted for extradition by the United States: Lauri Love was arrested on suspicion of offences under the Computer Misuse Act 1990 early in the evening of 25 October 2013, when a National


54 sec read

Oculus chief latest social media hack victim

BBC News reports: The chief executive of Facebook-owned virtual reality company Oculus, Brendan Iribe, has become the latest in a string of company bosses to have their social media accounts hacked. The Oculus boss had his Twitter account compromised, but it is now restored. Brendan. Take your bloody stupid virtual reality goggles off and see


37 sec read

Not using Adobe’s PDF reader doesn’t mean you’re avoiding PDF malware

Something like 400 million people use Foxit’s PDF reader. And as a dozen vulnerabilities have been found in the software, one hopes that 400 million people are checking they have updated their copy. ThreatPost has the details about the vulnerabilities found in builds 7.3.4.311 and earlier of Foxit Reader and Foxit PhantomPDF: To exploit the


48 sec read

Microsoft rethinks Windows 10 upgrade push following complaints

Dave Lee at BBC News reports: In recent months, in an apparent bid to accelerate adoption of Windows 10, Microsoft altered the way it asked users if they wanted to upgrade. It gave the Windows 10 update “recommended” status, normally reserved for critical security updates. If when prompted to update to Windows 10 users clicked


52 sec read

Unwanted Windows 10 update wins woman $10,000 from Microsoft

The Seattle Times reports: A few days after Microsoft released Windows 10 to the public last year, Teri Goldstein’s computer started trying to download and install the new operating system. The update, which she says she didn’t authorize, failed. Instead, the computer she uses to run her Sausalito, Calif., travel-agency business slowed to a crawl.


44 sec read

Automated bots bombard EU referendum petition with fake signatures

BBC News reports: An online petition calling for a second EU referendum has been hijacked by automated bots adding false signatures. Posts on the 4chan message board indicated that some users had scripted programs to automatically sign the petition. Thousands of signatures appeared to have come from people in Vatican City and Antarctica. The House


46 sec read