The thief entered a hotel room by opening its electronic lock using a special device and stole a laptop. Quite naturally, the police found no evidence of a break-in and none of the hotel’s keys were used. The investigation showed that the lock was opened using a special electronic tool. As the result, the police arrested the 27-year-old Matthew Allen Cook, who had been previously convicted for theft. He was caught trying to sell the stolen equipment.

He entered the hotel room using a security flaw in electronic locks made by Onity. Such locks are used in 4 million hotels around the globe.

The vulnerability was presented at the Black Hat Security conference by Cody Brocious, a security expert who used a sub $50 programming device to demonstrate how any hotel room can be easily opened. The vulnerability exists due to the fact that opened unencrypted ports of the lock allow any device to read device management data from its memory.

The manufacturer of electronic locks who obviously underestimated the value of information security, has been refraining from comments so far.

Neil Smith, an IT security expert, found a hidden embedded program in Samsung printers that makes it possible to remotely connect to them, change settings and manage printing. This is a real backdoor created by the manufacturer for the convenience of technical support experts.

Apparently, the company never disclosed the existence of such functionality. The same kind of program was found in Dell printers, which can be attributed to their mutual manufacturing contracts.

This backdoor uses a modified version of the SNMP protocol that is not visible in the list of connections and continues to work even if the user disables SNMP in the printer settings.

Since the information has been made public, emergence of working exploits for this vulnerability is just a matter of time. Obviously, these exploits will not try to intercept documents being printed, but will aim to execute arbitrary unauthorized code with administrator rights in an external network. Samsung believes that it will be able to release a patch before hackers find a way to create an exploit.

By the day after release of Apple’s new iPad 3, hackers had already found three ways to jailbreak the OS of the tablet device. This represented a drop of six days compared to the time necessary for jailbreaking the iPad 2 after launch.

Hackers also dryly noted that out of Apple’s entire device lineup, the best-protected device is also the very cheapest one: the Apple TV 3.1 television appliance.

Why? Most of the features in Apple’s iOS operating system, which is used on all of the company’s mobile devices, are simply discarded and disabled on the Apple TV. This reduces the “area for attack” available to hackers, thus creating significant obstacles for them.

Although the newer version of the Apple TV was ultimately hacked nonetheless, the jailbreak tool did not catch on with users. It is usually the case that Apple gradually updates the operating system with the features that users had hoped to gain through jailbreaking their devices.

As Android, an open source mobile platform, is steadily gaining popularity, more and more applications are released for it. The flipside of this popularity, however, is the emergence of malware modules, backdoor tools and other unexpected and unpleasant “Easter eggs” in regular applications that are often used for collecting more user-related information than necessary and allowed.

Luckily, users now have a decent (and affordable) solution for this problem. A set of two security tools, Privacy Blocker and Privacy Inspector, will help you keep excessively curious programs on your smartphone on a short leash.

Privacy Inspector is a vulnerabilities scanner. It scans the entire system, checks every program installed and reports any suspicious functions they use. A thievish app can be removed at once or “tricked” using the second tool from the set.

Privacy Blocker can also scan your Android OS and show you what programs are requesting data irrelevant to their primary purpose. But that’s not all. Privacy Blocker makes it possible to use suspicious programs if you really need them. However, it will pitch completely useless gibberish to them instead of the information they request, so rest assured that your private information is safe and won’t be sent to third parties.

Companies working in the internet security business have been conducting annual research for several years on data protection in organisations. Their reports show that fro 2008 to 2011 the situation has changed significantly. Theft and leaks of secret information have massively increased.

At the same time hackers are attacking corporate web sites more often, successfully stealing company secrets. There are specific reasons for this.

1. Data is saved on devices difficult to make secure.

With the development of mobile technologies and wireless communication systems employees of large companies are becoming more interested in accessing their work information using mobile devices (telephones, smartphones, tablet computers, laptops). It is extremely difficult to protect such devices from even simple theft, even though they often contain important corporate information.

2. Workplace remote access systems.

These are becoming more popular, and they are much simpler to break into than internal closed corporate networks.

3. Use of cloud services for storing information.

Corporate cloud systems often lack the necessary security and there is a high risk of losing information stored there. In addition such systems are often located outside the reach of company specialists (hosting in other countries), which makes it harder to organise the appropriate security measures.

4. High demand for corporate data.

The significantly increased demand and high cost of such services encourages hackers to attack company networks. Hackers can easily sell stolen marketing statistical data or development codes for new software at a high price.

5. Incorrect response to discovered vulnerabilities.

In many cases companies do not even realise that information has been stolen. Moreover, only half of companies who discover information leaks try to restore and improve their security system. Only 30% turn to network security consultants and experts.

Experts recommend, as a precautionary measure, that companies strictly control the staff members who have access to secret information.

It is necessary that mobile devices are carefully controlled with, at the very least, password protection.

Information on internal computer systems (and also the stored information) should not be given to people who have no relation to the company’s security services.