Google exec urges two-factor authentication in wake of tech reporter hack job
In the wake of a multi-faceted hack of a technology reporter that ended with his smartphone, tablet and notebook wiped of all data, Google's spam chief yesterday urged users to set two-factor authentication on their log-ins.
"I ... advise everyone to turn on Google's two-factor authentication to make your Gmail account safer and less likely to get hacked," said Matt Cutts, the head of Google's Web spam team, in a post to his personal blog Tuesday.
Cutts was reacting to the well-publicized hack of Wired reporter Mat Honan last week. The hackers found an alternate email address by scouting Gmail, used that address -- an Apple-issued one that ended in me.com -- and along with a valid billing address and the last four digits of a credit card, both easily acquired elsewhere, convinced Apple's technical support to give them access to the me.com account. Read more...
Yahoo Mail bugs may be behind Android ‘botnet’ spam, says researcher
Accusations that an Android-based botnet is spewing spam may, in fact, be no such thing, but instead a sign that criminals are exploiting bugs in the Yahoo Mail app for Google's mobile operating system, a security firm said today.
"There's no smoking gun, but my guess is that it's not malware," said Kevin Mahaffrey, co-founder and CTO of San Francisco-based Lookout Security, essentially dismissing the botnet possibility. "It's more likely an issue with the Yahoo Mail app."
Lookout has discovered what Mahaffrey called "potential security issues" in Yahoo's Android app, and reported its findings to the California search company's security team. Read more...
NuCaptcha improves integration of Captcha system
A company that makes a security product designed to thwart problems such as comment spam has added new security and customization features for website owners.
NuCaptcha's self-titled product takes a different approach to the Captcha, which stands for "Completely Automated Public Turing Test to Tell Computers and Humans Apart."
A Captcha is usually a jumbled sequence of text that a person must enter before they can perform some transaction on a website, such as signing up for a new e-mail account or writing a comment on a blog. Read more...
Spam rates hit five-year low, but phishing is on the rise
Thanks to successful botnet shutdowns, the amount of spam oozing through the Internet has dropped considerably over the past year, driving the overall percentage of unwanted email messages to depths unseen since 2006. Phishing, however, is on the rise, according to Symantec's June 2011 "State of Spam & Phishing Report" (PDF).
Spam rates dropped 10 percent from April to May of this year. Between May 2010 and May 2011, spam rates plummeted 70.65 percent, according to Symantec. Those percentages appear a bit less impressive, however, when you consider that spam still made up 72.14 percent of all email messages in the month of May. Still, compared to spam rates of more than 90 percent witnessed repeatedly over the past three years, it's a heartening trend.
Less heartening, however: The overall phishing landscape increased by 6.67 percent between April and May, according to Symantec. Phishing websites built with automated toolkits jumped 24.82 percents, and the number of non-English phishing sites surged 17.73 percent, with Portuguese, French, Italian, and Spanish among the popular languages. Read more...
Hackers step up game, spread malware using Bin Laden bait
Hackers today stepped up their use of Osama Bin Laden's death by shoving malware into PCs when users fall for phony claims of photographs and video, security researchers said today.
"It's not really surprising," said Mikko Hypponen, the chief research officer of Helsinki-based F-Secure. "We were expecting to see related malware."
The shift to direct attacks follows Monday's campaigns to push fake security software, dubbed "rogueware," to both Windows and Mac users. Read more...