Profile of Mathew J. Schwartz
News & Commentary Posts: 203
Mathew Schwartz served as the InformationWeek information security reporter from 2010 until mid-2014.
Articles by Mathew J. Schwartz
3/26/2014
Cybercrime forums selling advanced attacks on demand are outpacing businesses' ability to defend themselves, new study from RAND finds.
2/24/2014
Default usernames, weak passwords, and widespread Windows XP Embedded systems are cause for concern, SANS Institute researchers say.
1/3/2014
First, the bad news: Windows XP doomsday, escalating ransomware, botnet-driven attacks, emerging SDN threats. The good news: Threat intelligence goes mainstream.
12/20/2013
The FBI says a Harvard undergrad's decision to access Tor over the university's wireless network helped unmask an alleged sender of bomb threats.
12/16/2013
NSA says it thwarted a nation state's BIOS-bricking malware plot, but info security and privacy experts say the agency is trying to snow the American public.
12/13/2013
July data breach that affected up to 150,000 employees traces back to a string of managerial and technical failures, investigators conclude.
12/11/2013
Leaked NSA documents indicate it uses Google's advertising cookies to track targets for offensive hacking.
12/3/2013
Increased spending on salaries, training, and budgets puts IT in a "sweet spot for employment and investment," says latest Society for Information Management data.
12/2/2013
Need a little extra time off? Ad campaign offers fake virus attack on your computer's screen.
11/25/2013
Leaked document details agency's "implants," satellite intercepts, joint CIA eavesdropping operations, and embassy-based monitoring programs abroad.
11/5/2013
Google sweetens Android with SELinux, plus anti-rootkit technology that makes life difficult for malware -- but also for Android modders.
11/4/2013
N.Y.-based co-founder of anonymous digital currency service that allegedly laundered $6 billion also admits to marriage fraud, repeat child pornography charges.
10/30/2013
WinXP is already an easy target for hackers, and it will get even simpler once Microsoft ends support for the 12-year-old OS in April.
10/28/2013
Is the security payoff from using Twitter's two-factor authentication system worth the risk of losing account access?
10/23/2013
Network Solutions blames blacklisted servers and DNS problems after going down for the third time in as many months on Sunday. Some customers say goodbye.
10/21/2013
Microsoft hasn't released a repair for RT devices bricked by a boot configuration "blue screen of death," but unofficial fix appears to work.
10/14/2013
Variations in how different smartphone accelerometers record data raise concerns that advertisers, intelligence agencies or others could use this information to identify individual devices.
10/8/2013
Google says mobile malware threat is overblown, with problems seen in just 0.001% of Android app downloads.
9/20/2013
Crowd-funded effort also promises erotica, bourbon, bitcoins and whiskey to the first person who can successfully bypass the iPhone 5s Touch ID fingerprint reader.
9/19/2013
Android and iOS exploit expert Charlie Miller says businesses have more pressing security concerns than today's minuscule amount of mobile malware.
9/13/2013
Apple will soon release the iPhone 5s, and hackers plan to test these 6 exploit techniques on the smartphone. Will the fingerprint scanner hold them off?
9/11/2013
Will Apple's fingerprint-based authentication make your iPhone 5s more secure, or will it cause more trouble than it's worth?
9/5/2013
Most mobile devices are stolen at public schools, followed by personal automobiles, and wind up as far away as Mongolia and other farflung places, says study.
8/14/2013
A meme gained steam this week about child stalkers' ability to use GPS-tagged smartphones images posted on social networks. We break down the privacy facts.
8/13/2013
Commonly blacklisted and whitelisted iOS and Android apps include DropBox, Netflix and Angry Birds. Why aren't more companies blacklisting mobile device apps?
8/13/2013
To fight smartphone theft, public officials tell smartphone makers to add remote-deactivation, tracking and recovery features. But manufacturers may not do the job right.
8/9/2013
Watch what you download: Study finds that 22% of the top Android apps in Google's official app store are adware.
8/6/2013
Microsoft warns information security managers to validate access points or risk attackers exploiting weak crypto to steal network credentials, gain access.
7/31/2013
Thumb-scan authentication for your smartphone might sound sexy, but bypasses remain all too easy.
7/29/2013
Victims get hit with a bill of more than $3,000 -- and given just three days to pay -- for what's labeled as an annual subscription fee to an online adult video site.
7/17/2013
Google has patched a vulnerability that attackers could exploit via QR codes to take full control of the wearable Google Glass devices.
7/12/2013
FBI and Homeland Security temporarily slowed attacks by giving U.S. service providers info on Chinese hackers' command-and-control infrastructure.
7/8/2013
Lawsuit accused Google's Disco "group texting" service of having "jammed" cellphones with torrents of unwanted texts.
7/2/2013
Symantec spots privacy leak and Facebook issues patch, saying it was an inadvertent coding error and phone numbers did not go public.
7/1/2013
Secure your Android smartphones and tablets using antivirus, encrypted communications, child locks, password managers and other tools featured in our roundup.
6/28/2013
Facebook rewards U.K. researcher with $20,000 for discovering a mobile device confirmation bug that could be used to take control of any Facebook account.
6/27/2013
Latest version of Android OS rebuffs most malware, says study, but carriers continue to drag their feet on providing upgrades and patches.
6/26/2013
Android devices at risk over vulnerability in backup software that can be exploited to provide root access to LG smartphones.
6/20/2013
PrivacyStar bills itself as first app with ability to block calls and texts, add Caller ID and report abusive callers directly to FTC.
6/7/2013
Android Trojan "Odad.a" rivals Windows malware in the harm it can do to mobile device users, say experts.
6/4/2013
Criminals can move dirty money using digital currency, MoneyPak vouchers, even gold. But it's getting tougher to disguise money trails.
5/21/2013
Guantanamo Bay Naval Base authorities turn off Wi-Fi and social media after Anonymous threatened to shut them down.
5/16/2013
While mobile network operators are creating a global database to track stolen smartphones, some police say that's not enough. New York's Attorney General wants more from smartphone makers.
4/18/2013
FTC should crack down on wireless carriers and smartphone manufacturers that put their customers at risk by failing to update Android devices.
4/17/2013
ACLU urges FTC to let consumers return carrier-supplied Android devices for full refund or exchange within two years if they don't get regular security updates.
3/26/2013
Targeted, data-stealing attack launched via Tibetan activist's email account leads to Chinese server in Los Angeles, says Kaspersky Lab.
3/12/2013
Mobile configuration files used by carriers could be repurposed to steal data and remotely control an iPhone or iPad, security firm warns.
3/8/2013
FTC has filed 8 civil lawsuits against cell phone spammers, accusing them of promoting award scams.
2/14/2013
House revives controversial cybersecurity information-sharing bill, but can CISPA 2.0 address lingering privacy concerns?
12/19/2012
London Fire Brigade moves to allow people to summon rescuers via Twitter, parallels "text to 911" efforts in the United States.
12/18/2012
Mobile networks, banks, energy companies and other critical infrastructure providers could be required to report all breaches to EU authorities.
12/6/2012
More than 90% of mobile device browsers now in use failed safety checks, find Georgia Tech researchers.
12/4/2012
Geotagged photo reveals location of murder suspect John McAfee, on the run from authorities in Belize.
11/30/2012
War of words and hacked websites continues, even as the Palestinian territories receive upgraded state status from the United Nations.
11/27/2012
DDoS attack traffic could overwhelm not just targeted websites, but also every intervening ISP, warns Arbor Networks.
10/31/2012
Mobile app developers that don't post conspicuous online and in-app privacy policies will face $2,500 fine per download.
10/18/2012
A Hadoop intelligence tool stands out as IBM updates its security portfolio to address security issues related to big data, analytics, cloud computing, mainframes, and mobile devices.
9/24/2012
Iranian official says bank attack blame is a smoke screen for the U.S. to continue launching cyber attacks against Iran.
9/13/2012
Blame carriers for slow or nonexistent patches, even as the number of new, malicious Android apps has increased 41 times since last year.
8/23/2012
Legal experts say AT&T violates FCC rules with plan to restrict FaceTime use on its cellular network to premium-plan customers.
8/21/2012
Legislation proposed by the German government would create a new type of copyright requiring any online or offline use of publishers' content to be compensated. Cue debate.
8/15/2012
Appeals court rules law enforcement agencies don't need a warrant to "ping" and track prepaid cellphone locations.
7/25/2012
Can Samsung, HTC, Motorola, and carriers be pressured to stop waiting months before patching known, exploitable vulnerabilities on their Android smartphones and tablets?
7/18/2012
Android 4.1, code-named Jelly Bean, is first OS from Google to correctly randomize memory, making it tougher for attackers to get a foothold.
7/18/2012
Draft NIST guidelines update cell phone and PDA security rules for the Android and iOS era.
7/9/2012
Find And Call app, discovered in both the Apple App Store and Google Play, copied phone address book to a remote server controlled by spammers.
7/5/2012
If true, it's the first time Android devices have been hijacked by malware, turned into botnet nodes, and made to churn out spam.
7/5/2012
Proof-of-concept malware can be used to launch malicious applications, with no warning or rebooting required, computer scientists show.
6/5/2012
Flame's use of spoofed Microsoft security certificates will likely be mimicked by sophisticated malware writers to craft widespread attacks, experts say.
6/1/2012
Flame malware could use Bluetooth to exfiltrate data, record phone conversations, or learn the social network of a target.
5/25/2012
British regulators crack down on Latvian company behind the RuFraud malware scheme that placed 27 fake versions of Android apps, including Angry Birds Space, on Google Play.
5/21/2012
British police train their own forensic specialists to test suspects' mobile devices in the station, saving the time and expense of using specialized forensics labs.
5/11/2012
FBI issues warning to people traveling abroad that free Wi-Fi systems can pose a threat. Learn how to keep systems locked down and safe while traveling.
5/10/2012
Internet Explorer will be only Web browser to have access to core system functionality in Windows RT on ARM-based systems, rivals warn.
5/3/2012
Almost two-thirds of CISOs say their companies' senior execs have increased attention to information security; 60% of advanced security groups call security a regular boardroom topic, IBM study reports.
4/27/2012
Cybersecurity information-sharing bill moves to the Senate, but civil liberty groups vow to continue fighting it tooth and nail.
2/17/2012
Smartphones extend the network perimeter like never before, but also give potential attackers new entry routes. Consider these get-tough strategies.
2/9/2012
Malware grabs rootkit exploit code to obtain temporary access privileges, poses a "serious threat," says researcher.
2/9/2012
When it comes to combating APTs, the odds are against your organization's security team, say security experts such as Bruce Schneier. This type of risk deserves special scrutiny.
2/7/2012
Security expert says Google Bouncer malware checks are a step in the right direction, but not a complete solution. Meanwhile, Google excised more fake apps from the Android Market.
2/6/2012
"Polymorphic" malware, tweaked frequently, sends SMS texts to premium-rate numbers until smartphone owner's account balance is depleted.
2/3/2012
FBI confirms legitimacy of 16-minute call, posted by hacktivists, that discussed sentencing and future arrests of LulzSec and Anonymous participants.
1/30/2012
Apperhand SDK drops a search icon onto the Android desktop
and tracks your device's ID, but so does any adware. Here's what you need to know.
1/26/2012
Mobile provider O2 said it has patched problem that shared phone numbers with websites. But users of the Orange network in Spain report similar issues.
1/25/2012
In the wake of Megaupload, security experts warn businesses that rely on cyberlockers to include service loss in their disaster and continuity planning.
1/23/2012
It took 10 months for hackers to crack iOS 5.0.1. Workplaces that allow bring your own device need to act immediately to avoid potential security risks.
1/17/2012
Two controversial anti-piracy bills, SOPA in the House and PIPA in the Senate, face mounting criticism for going too far to block pirated content.
1/11/2012
After several days of credit card breaches and payback hack attempts, Anonymous chimes in, purportedly releasing access credentials and URLs for Israeli industrial control systems.
1/11/2012
Starting midnight Thursday, ICANN will take applications for new generic top-level domains such as .shoe and .plumber, but some industry groups are voicing fraud and security concerns.
1/10/2012
Microchip embedded in a power supply or other peripheral could help recover forgotten laptop or smartphone passwords.
12/19/2011
The carrier has disabled Carrier IQ's software and reportedly instructed all of its hardware partners to no longer build the software into Sprint handsets.
12/14/2011
Smartphone monitor company details in a report every data point that it can collect, and says it shared no data with law enforcement agencies.
12/13/2011
Fraudulent game apps send and receive expensive premium-rate SMS messages, racking up charges for unsuspecting users.
12/8/2011
Let smartphone users opt into how their devices and related data get tracked, preferably from handsets. Otherwise, carriers and manufacturers will continue to look like they have something to hide.
12/6/2011
Independent studies find CIQ's smartphone monitoring software captures only the info it needs for diagnostics work.
12/5/2011
U.S. and European officials also demand answers about who's using Carrier IQ's smartphone monitoring software and exactly which types of information they're tracking.
12/2/2011
A tale of data collection, cease and desist, wiretap allegations, privacy questions, and potential redemption.
12/1/2011
Some Android phones are more vulnerable to attacks than others, due to pre-installed add-on tools and skins, security researchers say.
11/29/2011
Network diagnostic software vendor issues apology to researcher who discovered its application secretly monitoring smartphone users.
11/29/2011
Two-person development shop created software for secure text and voice communications on Android smartphones.