Security and spyware

Facebook starts pushing out new privacy settings

Facebook has started dribbling out the latest changes to its ever-changing privacy controls.

New privacy notifications and menus are now greeting members as they log in to the social network, according to The Next Web. Facebook users in New Zealand seem to be the first on the list to have received these updates.

Based on screenshots published by TNW, members receive a new message alerting them to the changes and explaining how they can block specific users.

A privacy shortcut menu is now part of the main toolbar at the top of your Facebook page. Previously, you'd have to … Read more

Twitter SMS bug lets hackers tweet via other users' accounts

Twitter users who post tweets to their feeds via SMS could be vulnerable to a security flaw, according to a security consultant.

Jonathan Rudenberg yesterday posted to his blog an SMS vulnerability he discovered in Twitter that allows anyone who has knowledge of someone's mobile number to post tweets to that person's feed.

In order for the vulnerability to be exploited, victims must have SMS tweeting authorized on their accounts. From there, the would-be poster needs only to spoof their actual mobile number through an SMS gateway -- something Rudenberg says can be done very easily -- and … Read more

Military judge sets terms for possible Manning plea

Bradley Manning, the U.S. Army private accused of sharing documents with WikiLeaks that were eventually released on the Internet, is now one step closer to handling some of the claims brought against him.

Military judge Col. Denise Lind today accepted the language used to describe seven charges to which Manning could plead guilty. The charges include Manning willfully sending videos, war logs, and other classified materials to WikiLeaks.

The Associated Press was first to report on the ruling.

To be clear, Col. Lind's ruling does not imply that Manning willl offer a guilty plea. Instead, the ruling approves … Read more

U.S. accused of cyberattack on French government

The United States has been charged with launching a cyberattack against France -- a claim the U.S. government has categorically denied.

According to L'Express, a French news outlet, sources with knowledge of a cyberattack that occurred in May have said the U.S. was behind the attack. The news outlet claims that the attack occurred a few days before the country's presidential election and targeted "the team of [former French President] Nicolas Sarkozy."

L'Express' sources say the hackers worked their way through Sarkozy's team to attack his closest advisers. In order to climb … Read more

China cyber-espionage threatens U.S., advisory group warns

Congress needs to take action to deflect the growing threat of Chinese cyber-espionage against the U.S., a U.S. commission recommends in a new report.

Released today, the 500-page annual report to Congress by the U.S.-China Economic and Security Review Commission details various security issues concerning China. But the commission expressed particular fear over the country's ongoing cyberwarfare efforts.

Calling China the "most threatening actor in cyberspace," the report found that in 2012, Chinese state-sponsored hackers continued to target computers systems run by the U.S. government and military as well those maintained in … Read more

Skype disables password resets due to e-mail security flaw

Update, 10:25 a.m. PT: Skype has since resolved the security issue and reinstated the password reset page.

Skype is investigating a security problem that allows someone to take over a user's account by resetting the account password.

The VoIP service provider best known for video calls confirmed in its blog today that it has taken down its password reset page as it probes the issue:

We have had reports of a new security vulnerability issue. As a precautionary step we have temporarily disabled password reset as we continue to investigate the issue further. We apologize for the … Read more

Ransomware a growing menace, says Symantec

Cybercriminals gangs are creating a surge in ransomware, says a new report from Symantec.

Ransomware is a type of malware best described as an online extortion racket. Malware locks or disables your PC in some way and then demands payment in the form of a "fine" to render your PC usable again. Like most scams, the ransomware message claims to come from a legitimate organization, such as the government or a public corporation, to try to convince victims that they did something wrong to incur the fine.

But paying the fine does nothing since the initial malware remains … Read more

Ally Financial sees 'unusual traffic,' cyberattack fears abound

Ally Financial is experiencing some odd traffic issues that have prompted some to wonder if there's more there than meets the eye.

In a statement to CNET today, an Ally Financial spokeswoman confirmed that the company has witnessed some unusual activity across its site, but so far, no major issues have erupted.

"Ally has seen some unusual traffic on our Web site, which we continue to monitor; however, we have not experienced the type of disruption that has been associated with the denial of service attacks," the spokeswoman told CNET in an e-mailed statement. "There has … Read more

Hacker wins $60,000 prize for breaking into Google Chrome

Hack into Google Chrome, and you could win $60,000, at least if you do it through Google's Pwnium 2 competition.

That's just what happened to a hacker dubbed Pinkie Pie, who won the award on Tuesday by exploiting a security hole in Chrome.

In an effort to shore up its browser's defenses, Google holds the competition to challenge hackers to hack their way through Chrome's security to find previously unknown holes. Tuesday's Pwnium 2 contest was held at the Hack in the Box 2012 event in Kuala Lumpur, Malaysia.

"We're happy to … Read more