Ask LH: Are Bugs Like Shellshock And Heartbleed Really Serious, Or Just Hype?

Dear Lifehacker, So Shellshock is the newest vulnerability that may “break the internet.” The last time they said that, it was about Heartbleed. Do I really need to be worried about all these bugs and vulnerabilities, or is this stuff tech companies need to care about? Can someone actually use these against me?


In-App iOS Browsers Are Insecure: Use Safari For Sensitive Browsing

iOS: In-app browsers like you find on Twitter or Facebook on iOS are great when you just want to browse content. But Twitterrific developer Craig Hockenberry shows off an exploit that allows any app to grab sensitive data that you type into it.


Office 365 Bounty Will Pay $500 For Security Bugs

“Bug bounty” schemes are one way for software firms to encourage people to tell them about vulnerabilities rather than exploiting them. Microsoft has expanded its own bug bounty scheme to include its online services, kicking off with a minimum payment of $500 for any identified major security bugs in Office 365.


When Does Google Hand Over Your Data To Governments?

Governments around the world want to know a lot about who we are and what we’re doing online and they want communications companies to help them find it. We don’t know a lot about when companies hand over this data, but we do know that it’s becoming increasingly common.


Office Macro Virus Attacks Becoming More Frequent

The resurgence in Office macro viruses shows no sign of slowing up. According to Sophos, attacks using Office’s built-in Visual Basic for Applications (VBA) now account for more than a quarter of all document-based attacks.


Firemonkeys Hack Reminds Us To Patch, Patch, Patch

Over at Kotaku, my colleague Mark has the story of how EA-owned Australian games studio Firemonkeys shut down its forums after they were taken offline by a hacker.


Patch Tuesday: Four On The Floor

Yes, it’s almost the second Tuesday of the month and we’re due another bunch of Microsoft patches. With just four updates scheduled this month, hopefully the experience won’t be too painful.


Yes, Your Users Are Dumb Enough To Fall For Phishing Scams

The safest way to ensure people don’t fall for phishing scams is to block those emails before they arrive. We’re reminded of this via a study by McAfee, which found that 80 per cent of office workers were sucked in by phishing mail.


Microsoft's Upgraded EMET 5.0 Offers More Windows Protection

We recently covered Microsoft’s lesser-known Enhanced Mitigation Experience Toolkit (EMET) that adds protection against malware. Microsoft recently upgraded it to version 5.0 with even more protection against Internet nasties.