Apple’s iPhone is more vulnerable to phishing attacks than users might realise because it can obscure the true addresses of the websites that phone owners are visiting. Read more
Normally in the business of making others embarrassed, Nick Denton’s Gawker Media empire had some awkward explaining to do itself on Monday after hackers breached the database containing hundreds of thousands of usernames and passwords that people used to comment on the sites in the network.
Gawker executives, who had initially denied the breach, were forced to reverse course and apologise after the hackers posted a large batch of the passwords online. The intruders also took Gawker’s own source code and perused internal chats and employee e-mails, which in turn provided log-in credentials for Google Apps, taking a similar trajectory to the 2009 electronic break-in at Twitter that unearthed sensitive financial information. Read more
A researcher on Thursday posted software tools that he said would enable widespread eavesdropping on calls made over GSM networks with less than $2,000 worth of equipment.
Speaking at the second day of the Black Hat technology security conference in Las Vegas, researcher Karsten Nohl, who had previously reported that he had cracked GSM encryption, said he was distributing the tools free in order to pressure carriers to make fairly simple changes to fix the vulnerability. Read more
More than a hundred innocuous-looking wallpaper applications for Android handsets have been harvesting users’ phone numbers and SIM card information and sending them off to a Website based in China, researchers said Wednesday at the Black Hat tech security conference in Las Vegas.
The wallpapers–background pictures of ponies, basketball scenes and the like–have been downloaded more than a million times, the researchers said in highlighting growing concern about potential for malicious applications on Android, Apple’s iPhone and other smartphones that are rapidly gaining popularity. Read more