Cybersecurity for Messaging Services & App Developers

Russians hacked the White House thanks to a simple phishing attack

April 8, 2015
Man sitting at a computer with the word encrypted on a computer screen in front of him

Russians hacked the White House thanks to a simple phishing attack

READ MORE
Man sitting at a computer with the word encrypted on a computer screen in front of him

I read about a phishing attack on the White House on PandoyDaily today. According to Pando (image above was taken from their blog post: State Department hackers conducted a phishing attack that allowed them to access a White House network that had “real-time non-public information about the president’s schedule,” among ot...

READ MORE
Comment

Spear phishing and how to secure a WebView

April 7, 2015

Spear phishing and how to secure a WebView

READ MORE

While most security reports in the media today talk about mobile malware, one security threat that's not getting as much attention as it deserves is Phishing. Phishing spreads a wide net typically through mass mailing emails that appear to be from reputable sources but actually contain links to bogus websites or that include ...

READ MORE
Comment

Why additional layers of content filtering won’t work in the UK

April 6, 2015

Why additional layers of content filtering won’t work in the UK

READ MORE

Today I wrote a post entitled "Why the UK doesn’t need age verification to stop kids from accessing pornography", to which Bob W. Smagge, who has been involved in the EU initiative to create a Better Internet for Kids for several years, responded. Bob directed me to this post that he wrote on the subject. It's a balanced opin...

READ MORE
Comment

Why the UK doesn’t need age verification to stop kids from accessing pornography

April 6, 2015

Why the UK doesn’t need age verification to stop kids from accessing pornography

READ MORE

I agree with the principals of online age verification and the desire to introduce something that works. This is an area that I've researched over the years. We even held work shops with management from ICM Registry to see if we could come up with something that worked for .XXX websites. In short, we didn't get beyond research....

READ MORE
Comment

Google Safe Browsing API vs MetaCert Security API

April 2, 2015
Google Safe Browsing API message

Google Safe Browsing API vs MetaCert Security API

READ MORE
Google Safe Browsing API message

Until last week, MetaCert was the first and only company in the world to offer a Security API to help developers add a thin but powerful layer of security to their apps. An in-app security layer that protects consumers from malware and phishing attacks as well as unwanted content. Last week, Google announced the availability ...

READ MORE
Comment

Why BT is almost right with its advice about protecting your smartphone and tablet from viruses and malware

March 25, 2015

Why BT is almost right with its advice about protecting your smartphone and tablet from viruses and malware

READ MORE

Another article about mobile malware that fails to talk about the real security threat on mobile today. According to a recent post published by BT: Many malware threats on Windows come from infected web sites, scams spread by email and social engineering tricks - and the same applies to mobile devices. Even so, if you use y...

READ MORE
Comment

Leaking apps, not malware, pose greatest mobile threat to enterprises, says NowSecure CEO

March 20, 2015

Leaking apps, not malware, pose greatest mobile threat to enterprises, says NowSecure CEO

READ MORE

According to Andrew Hoog, CEO of NowSecure: Leaky mobile apps, not mobile malware, pose the greatest mobile threat to the enterprise, according to , a maker of mobile app security testing products. The mobile industry is mostly focused on malware. We think that is a legacy from computers….What we see driving risk in the mob...

READ MORE
Comment

Why we need a WHOIS database for apps

March 12, 2015

Why we need a WHOIS database for apps

READ MORE

In case you don't know what a WHOIS database is, it's a central database where records are kept about domain names. You type in a domain name and the WHOIS database will tell you who owns it, when it was registered, who the technical contacts are etc. It's not entirely accurate and it's not as up to date as it could be. But it'...

READ MORE
Comment

Security company M86 Security Labs inadvertently aids HMRC phishing attack

March 11, 2015

Security company M86 Security Labs inadvertently aids HMRC phishing attack

READ MORE

Web security company M86 Security Labs, which is now part of TrustWave SpiderLabs, is inadvertently helping fraudsters to carry out phishing attacks against HM Revenue & Customs. The spoof emails involved in the ongoing attack look practically the same as many previous HMRC phishing emails — and that's because the conte...

READ MORE
Comment

Kaspersky discovers CAPTCHA-duping Podec malware spread via malicious links

March 11, 2015

Kaspersky discovers CAPTCHA-duping Podec malware spread via malicious links

READ MORE

Kaspersky has just reported details about what it believes is the first malware to successfully outwit the CAPTCHA image recognition system. Podec uses a technique to trick the CAPTCHA it is a person in a bid to infect thousands of Android users and subscribe them to premium-rate services. According to SC Magazine: Infect...

READ MORE
Comment