You can do What???? From an Android Phone????

Hijacking airplanes with an Android phone

So it appears that there is valid concern by the airlines when they make their customers turn off their phones during take off and landing.  A security researcher- who is also a pilot- has been able to take advantage of two different technologies used by airlines by creating an app for his Android phone. 

This has happened in almost every major industry- auto, power, telco, airlines, trains... they each rely on sophisticated technology that is probably not fully understood (protocols, wireless, network connectivity, storage, and features) or the engineers are guilty of thinking "no one but us engineers will ever be able to understand our technology”. It's the same story with each industry and no one seems to learn the lessons from the software industry or what has happened in other industries. Everyone acts as if they are in their own silos with their heads in the sand, mistakenly believing that nothing bad can happen to them. As a nation, we have been relatively lucky thus far (though Iran's nuclear industry cannot really claim that thanks to the Stuxnet malware), and hopefully we can continue to blindly stumble forward and keep ahead of truly motivated attackers/terrorists/script kiddies/hacktivists/foreign nations by sheer luck… or else something really bad is going to happen to something important- for example, the power grid, the communication infrastructure, satellite navigation, or even oil refineries.

From the “I’m Not Surprised” File Folder

Mobile phone apps view private data more than necessary, says French study

The mobile application industry is still in its infancy, with many mobile application developers still unsure of the capabilities of their own creations.  Mobile device users are happily downloading applications with little regard while being completely ignorant to the sensitive data and/or resources those applications are gaining access to.  Unfortunately, no mobile device creators (Apple, Google, etc.) are doing a very good job of communicating to their customers how to protect their personal information.

New Technologies Lead to New Attacks

New Wave of Call Center Fraud

With each new technology that takes the world by storm (Facebook, Skype, Twitter, etc.), there will be criminals who attempt to take advantage of that functionality to gain access to data or money that isn’t theirs.  This forces organizations that are common targets (financial, ecommerce, healthcare, etc.) to stay on their toes as attackers continually change their tactics used for theft.