Google breach may have led to sensitive data leaks

U.S. officials are concluding that the 2010 hacks into Google's servers may have ended with Chinese hackers getting ahold of sensitive data, according to The Washington Post.

Current and former government officials told the Post that the hackers were able to access information on U.S. intelligence, as well as find out which possible Chinese spies government officials may have been targeting.

In January 2010, Google shocked the security community by being one of the first tech companies to disclose that it and other companies had been hit by attacks that originated in China. The Web giant said … Read more

Future Firefox takes tougher stance on mixed content

Mozilla is taking steps to lock down mixed content Web sites for Firefox in an update Friday to Firefox 23 Aurora.

In Firefox 23 Aurora, the pre-beta version of the browser for Windows, Mac, and Linux, Mozilla will block by default mixed active content. Mixed content is a term that refers to a Web site secured with HTTPS that loads some of its content, such as images or scripts, from standard HTTP sources, and can lead to eavesdroppers and man-in-the-middle attacks.

Mixed active content describes things like scripts because they can actively change how you interact with the site. Mixed … Read more

Google security: You (still) are the weakest link

SAN FRANCISCO--Two of Google's top Chrome and Google Apps security experts confessed that the problem of passwords will continue to plague the people who use them and computer security for the foreseeable future.

On the second day of the company's I/O conference here on Thursday, Eran Feigenbaum, the director of security for Google Apps, suggested that people follow three recommendations to stay safer online.

"You should turn on two-step verification, make sure [the browser] is up to date, and make sure your password recovery options are set," the six-year veteran of Google said.

His colleague, … Read more

Google Glass spurs privacy questions from Congress

Several members of Congress sent a letter to Google to ask about privacy concerns related to Google Glass, including how the company will prevent Glass from unintentionally collecting data without user consent.

"Because Google Glass has not yet been released and we are uncertain of Google's plans to incorporate privacy protections into the device, there are still a number of unanswered questions that we share," the Bi-Partisan Privacy Caucus, led by Rep. Joe Barton (R-Texas) wrote in a letter to Google CEO Larry Page.

Eight members of Congress signed the letter, and they want information from Google … Read more

New Mac spyware found in the Oslo Freedom Forum

F-secure is reporting on new malware found for OS X, which appears to be a backdoor application that so far is known to take screenshots of the user's computer and then attempt to upload them to remote servers. The malware is being called OSX/KitM.A.

It's a small application called macs.app and was found on the Mac of an African activist who was a member of of the Oslo Freedom Forum. When installed, the application is appended to the current Mac user's log-in items so it runs whenever the affected user account is logged in. … Read more

LulzSec case in U.K. brings sentences for 4 men

LONDON -- Four members of the LulzSec hacking group were sentenced in court Thursday after pleading guilty to various computer hacking-related charges.

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, were all sentenced together with Ryan Cleary, 21, over a two-day hearing at Southwark Crown Court, London.

Each member of the LulzSec hacktivist group admitted to various hacking charges, including taking down corporate and government Web sites between February and September 2011.

Presiding Judge Deborah Taylor sentenced Ackroyd to 30 months -- serving half -- and Davis 24 months in a Young Offenders institution, serving at least 12 … Read more

Apple, Samsung, others urged to help thwart mobile phone thefts

Apple and other mobile phone vendors are being asked to amp up the fight against cell phone theft.

In a series of letters sent today to the heads of Apple, Samsung, Google, Motorola, and Microsoft, New York State Attorney General Eric Schneiderman requested information on what they're doing to make their phones more safe and secure from thieves. Schneiderman also urged the companies to work with his office to devise ways to cut down on the lure of cell phones to criminals.

The attorney general pointed to a rise in the theft of phones and other mobile devices in … Read more

Bloomberg: Yes, reporters had access to client data

Reporters at Bloomberg had the ability to view the log-in history and certain other account details of the company's clients.

In a mea culpa posted today, Bloomberg News editor in chief Matthew Winkler fessed up to the practice, revealing that reporters had access to Bloomberg terminals through which they could see a user's log-in history and find out when the account was created.

The terminals are computer systems used by both Bloomberg and its subscribers to access the latest financial news and stock quotes and to exchange messages over the firm's secure network.

Reporters also could see &… Read more

Microsoft warns of new Trojan hijacking Facebook accounts

Microsoft has issued a warning that a new piece of malware masquerading as a Google Chrome extension and Firefox add-on is making the rounds, threatening to hijack Facebook accounts

First detected in Brazil, Trojan:JS/Febipos.A attempts to keep itself updated, just like normal, legitimate browser extensions, Microsoft noted in a security bulletin late Friday.

Once downloaded, the Trojan monitors whether the infected computer is logged into a Facebook account and attempts to download a config file that will includes a list of commands for the browser extension. The malware can then perform a variety of Facebook actions, including … Read more