Things to Think About Before Using Mobile Banking

Security flaws in banking apps are not the only problem

By Mark Huffman, ConsumerAffairs.com

Banks are increasingly urging customers to use mobile banking, to enjoy the convenience of accessing their accounts with their smartphones. But before jumping on the mobile banking bandwagon, there are dangers to consider.

"Trade securities, transfer funds between eligible accounts and get a single view of your Bank of America banking plus Merrill Edge investment accounts in one place," Bank of America says on its website. "You can also access a full range of investment products, analysis and market insights."

Bank of America and other financial institutions do provide security features and advanced encryption technology, which is good. But is it enough to provide protection against identity theft and other financial crimes? A number of researchers, including Paul O'Farrell of the Identity Theft Council, have warned some mobile banking apps have security flaws.

We've seen how hackers have generally been able to compromise PCs. Smartphones usually have less security than computers, though there are many new mobile security products coming to market. But what if you lose your smartphone?

Read the entire article here.

Apple: Jailbreaking Could Knock Out Transmission Towers

By JEREMY KIRK of IDG News Service\London Bureau

Apple has told the U.S. Copyright Office that modifying the iPhone's operating system could crash a mobile phone network's transmission towers or allow people to avoid paying for phone calls.

The claims are Apple's contribution to the Copyright Office's regular review of the U.S. Digital Millennium Copyright Act (DMCA), a law that forbids the circumvention of copy control mechanisms.

Apple says that modification of the phone's software, a process known as jailbreaking, could lead to major network disruptions. Jailbreaking gets around the copyright control features that prohibit, for example, the installation of applications unapproved by Apple.

FOR COMPLETE STORY, PLEASE CLICK HERE.



~Sandy G.

Researcher reveals massive 'professional thieving' botnet

A nasty piece of malware that's infected up to a million PCs is stealing financial information from consumers and businesses at an alarming rate, a noted botnet researcher said today.

By Gregg Keizer, ComputerWorld

A ferocious piece of malware that's infected up to a million PCs is stealing a "tremendous" amount of financial information from consumers and businesses that log on to their bank, stock broker, credit card, insurance, job hunting and favorite e-shopping sites, a noted botnet researcher said today.

"Clampi is the most professional thieving pieces of malware I've ever seen," said Joe Stewart, director of malware research for SecureWorks' counter-threat unit. "We know of few others that are this sophisticated and wide-ranging. It's having a real impact on users."

The Clampi Trojan horse has infected anywhere between 100,000 and 1 million Windows PCs, said Stewart -- "We don't have a good way of counting at this point," he acknowledged -- and targets the user credentials of 4,500 Web sites.

FOR COMPLETE STORY, PLEASE CLICK HERE.



~Sandy G.

Microsoft rushes patches to fix 'big deal' programming flaw

Developers who used the buggy code 'library' must redo software, update customers

By Gregg Keizer, ComputerWorld

As promised, Microsoft Corp. today patched six vulnerabilities in Internet Explorer and Visual Studio with the first "out-of-cycle" update since last October, when it plugged a hole that the Conficker worm later used to run rampant.

Microsoft has been working on the Visual Studio bugs, and coordinating with third-party developers who may have crafted vulnerable software using Visual Studio, since early 2008.

As some had speculated, Microsoft rushed the patches to users this week to preempt a presentation slated for tomorrow at Black Hat by several security researchers. The researchers plan to demonstrate a way for attackers to bypass the "kill-bit" defenses that Microsoft frequently deploys as a stop-gap measure for fixing bugs.

FOR COMPLETE STORY, PLEASE CLICK HERE.



~Sandy G.

Erin Andrews 'Nude Video' May Install Computer Virus

Searching online for that nude video of ESPN reporter Erin Andrews? Better not, say computer security specialists.

Crafty hackers have created a fake CNN Web page housing what purports to be the video of the glamorous sports reporter undressing — but when you click on it, you're asked to download a specialized video player, which is full of digital nastiness to infect your computer.

Macintosh users are not immune to this one — in fact, the hacker software detects what kind of computer you're using and dumps an even nastier Trojan horse onto Macs than it does PCs.

FOR COMPLETE STORY, PLEASE CLICK HERE.



~Sandy G.