Security news, trends, analysis and practical advice

United Airlines
Data Security

circuit board

Researchers develop astonishing Web-based attack on a computer's DRAM

The rowhammer problem can be exploited using JavaScript over the Web, researchers have found.

Hacking stealing password data

Symantec: Well-heeled hacking group Black Vine behind Anthem breach

Black Vine has been active since 2012 and is behind several hacks targeting different industries.

breach bucket

Closing the data floodgates

The unauthorized disclosure of sensitive and controlled data is a major issue for businesses today. Data loss prevention is a relatively new class of products that attempt to monitor common communication channels for the presence of...

android security danger

Update: Maliciously crafted MKV video files can be used to crash Android phones

A malicious application or Web page could be used to crash Android devices, in some cases persistently, due to a vulnerability in a multimedia processing component.

FaxBigBrother to stop CISA cyber threat and cyber spying bill

#FaxBigBrother to bury Senate under mountains of paper and stop CISA cyber spying bill

Congress can't grasp modern tech, so Operation FaxBigBrother will turn your emails and hashtagged tweets into faxes -- tech they do understand -- and bury Senators under mountains of paper devoted to stopping the CISA cyber spying...

tastic pcb rfid

No building access card? No problem if you have new Def Con tools

RFID card access systems are used by most companies to let people into their buildings. But over the last few years, researchers have shown how these systems can be easily bypassed.

cyberthreat thinkstock

Groups urge Obama to oppose cyberthreat sharing bills

A coalition of digital rights groups and security experts asked President Obama to oppose legislation intended to let businesses share cyberthreat information with each other and with government agencies.

encryption locks security

Google offers users of its Compute Engine their own encryption keys

Google will let enterprise customers of one of its Cloud Platform services lock up their data with their own encryption keys, in case they're concerned about the company snooping on their corporate information.

Obama won't pardon Snowden, despite public support for the idea

President Barack Obama won't pardon NSA leaker Edward Snowden, despite strong public support for the move, the White House said Tuesday.


Xen patches new virtual-machine escape vulnerability

A new vulnerability in emulation code used by the Xen virtualization software can allow attackers to bypass the critical security barrier between virtual machines and the host operating systems they run on.

it security salaries

Cybersecurity job market to suffer severe workforce shortage

Cybersecurity workforce shortage to reach 1.5 million by 2019.


Over 10 million Web surfers possibly exposed to malvertising

The online advertising company that distributed the ads is taking action to stop it.


Privacy and the data toothpaste problem

Two court rulings basically maintain that we can’t expect privacy on the phone or on social media. George Orwell would be proud of the judges.

google drove logo

Google Drive phishing is back -- with obfuscation

If you have a Google account and a stranger sends you a link to a document on Google Drive, think twice before clicking -- it could be a phishing scam designed to harvest your Google credentials


NSA will lose access to 'historical' phone surveillance data Nov. 29

The U.S. National Security Agency will lose access to the bulk telephone records data it has collected at the end of November, the Office of the Director of National Intelligence said.

jamie dimon

What we can learn from JPMorgan’s insider breaches

Another former JPMorgan Chase & Co. (JPMC) employee was recently arrested by the FBI on charges of stealing customer data and trying to sell it. Similar incidents have occurred multiple times at JPMC over the past few years. Upon...

windows 10 logo blue

Microsoft pours out the patches as Windows 10 nears release

Microsoft has been pushing out Windows 10 patches almost daily as it preps for this week's launch of the new operating system.

android security danger

Most Android phones can be hacked with a simple MMS message or multimedia file

Vulnerabilities in the Android multimedia framework allow attackers to remotely compromise devices with ease, a researcher said. The vulnerabilities affect devices running Android versions 2.2 and higher.

Load More