Security news, trends, analysis and practical advice

150817 google marshmallow 04

hacker in shadow

Nothing to hide? Artist to 'hack' phones, project dirty secrets as persons' Data Shadow

If you have nothing to hide, then visit artist Mark Farid's Data Shadow installation as he melds data security, mobile privacy and art -- harvesting 'embarrassing' personal info from phones and projecting that data onto a person's...


Apple draws cloudy line on use of root certs in mobile apps

Apple's removal of several apps from its mobile store on Thursday shows the challenges iOS developers can face when app guidelines shift.

browsers ie safari opera chrome firefox

Firefox to drop old-tech plug-ins by end of 2016

Mozilla will follow in Google's footsteps and bar virtually all plug-ins built using a decades-old technology by the end of next year.

internet of things laptop

IoT will become a matter of life or death for security pros

Internet of Things means different things to different people: Self-driving cars, smart cities, connected homes, health and fitness apps, among others. But for security professionals, IoT will become a safety issue.

USB key

LogMeIn is buying password manager LastPass

LogMeIn hopes to bring even more consolidation to the single-sign-on market with the acquisition of password management service LastPass.

Security (3)

U.S. won't seek law to ban encryption

The U.S. administration will not seek legislation at this point to counter the encryption of communications by many technology services and product vendors, but will work on a compromise with industry, a senior U.S. official said...

Apple logo from inside Apple Store in Boston

Apple removes apps from store that could spy on data traffic

Apple on Thursday removed several apps from its store that it said could pose a security risk by exposing a person's Web traffic to untrusted sources.

Privacy (4)

New Calif. law mandates warrants for access to private communications

California Governor Jerry Brown has approved a digital privacy bill that protects people from government access to private electronic communications without a warrant.

NEC drone camera

NEC's surveillance system will detect, track drones

NEC has developed a surveillance system that can spot drones from up to a kilometer away.

NDN hackathon

IP was middle school; named data networking is college

Much of the Named Data Networking (NDN) project codebase is still at the Version zero-dot-something level. But things are nevertheless starting to get real for this architecture designed to blast past today’s host-based and...

SSL padlock icon

The SHA-1 hashing algorithm could succumb to $75K attack

The SHA-1 hashing algorithm, still used to sign almost one in three SSL certificates, can now be attacked for as little as $75,000, and should be urgently retired, researchers say

Cloud Security

Amazon makes it easier to lock down the cloud

Amazon unveiled a pair of services that are designed to make it easier for companies to keep their cloud deployments secure and within the parameters they want.


Journalist convicted of helping Anonymous hack the LA Times

A journalist accused of helping a rogue hacking group briefly take control of the Los Angeles Times website was convicted by a federal jury in California on Wednesday.


Android malware hammers phones with unwanted ads

Android users in more than 20 countries have been infected with a particularly aggressive malware program that bombards devices with unwanted advertisements.

samsung pay

Hackers who targeted LoopPay may be looking to track individuals

The security breach at Samsung subsidiary LoopPay was probably more about spying than about gathering consumer data for profit, and the worst could be yet to come, a security analyst said Wednesday.

Credit card on fire

ACLU: Orwellian Citizen Score, China's credit score system, is a warning for Americans

In China, every citizen is being assigned a credit score that drops if a person buys and plays video games, posts political comments online “without prior permission" or if social media friend does so.

email security

Attackers target Outlook Web Application for domain credentials

Why spend time targeting Active Directory for domain credentials when Outlook Web Application is just as good -- and far easier to compromise?

Droid lineup

Verizon to use mobile supercookie to target AOL ads to customers

In an update to its privacy policy, Verizon has warned its customers that it will use its mobile supercookie to target ads from the AOL network displayed on sites around the Web.

Load More