Security news, trends, analysis and practical advice

chocolate chip cookies chocolate chip baked dessert snack hungry treats 000002932349

Scary ghosts haunted scream

Ghost flaw in Linux can be exploited through WordPress, other PHP apps

A critical vulnerability in a core Linux library can be exploited remotely through WordPress and likely other PHP applications to compromise Web servers.

credit cards on silver laptop 000004541249

How three small credit card transactions could reveal your identity

It doesn't take much to identify a person's credit card transactions from among those of a million people, according to findings published in Science.

restoring sanity   reddit

Reddit handed over user info for 58% of government requests

Reddit today went public with its first "transparency report,” telling users of its news and social networking site that it frequently turns down formal subpoenas and legal requests for information in users.

FTC targets operator of revenge-porn site

Federal regulators are clamping down on a website whose operator allegedly deceived women into sending intimate photos of themselves and then charged them to have the images removed.

FBI consultant: Silk Road founder had $16-18M worth of bitcoins on laptop

Ross Ulbricht, accused of masterminding the Silk Road underground online marketplace, had between $16 million and $18 million worth of bitcoins on the laptop he was using when he was arrested.

The end for 1024-bit SSL certificates is near, as Mozilla kills a few more

Within weeks, Mozilla products including its Firefox browser will stop trusting an unknown number of SSL certificates issued using old root CA certificates with 1024-bit RSA keys.

05 privacy

'Parks And Recreation,' Facebook and The New Privacy

Tuesday's episode of Parks And Recreation raises an important question about Facebook and privacy.


Cyberthreat sharing should include privacy protections, advocates say

U.S. lawmakers are being urged to put strict privacy controls in legislation that would encourage companies to share cyberthreat information with government agencies and each other.

Silk Road paid thousands in shake-downs from malicious hackers

When operating outside of the law, you can't rely on the police to protect your illegal enterprise from other criminals.

Parrot AR Drone can be infected with malware for surveillance

Drones infected with malware can drop from the sky or be hijacked for surveillance

A security engineer infected a Parrot AR Drone with Maldrone malware, which creates a persistent backdoor, so an attacker can remotely control the infected drone, cause it to drop from the sky, be hijacked for surveillance, or spread...

full flight airplane passenger cabin transportation 000000583238

EU air passenger database about to take flight, but critics want it grounded

The European Commission is reportedly revving up the engines on a controversial plan to retain passenger flight data across the EU, although a prior attempt got its wings clipped due to privacy concerns.

blackphone2 100248426 orig

Blackphone super-secure communications app had serious flaw

The SilentText secure messaging application bundled with Blackphone had a serious vulnerability that would have allowed attackers to decrypt messages, read contact information, gather location data and even execute malicious code on...

ghost bug nemo pd

GHOST: Most Linux servers have a horrible, horrible vulnerability (in glibc)

Time to patch and reboot. Another nasty open-source security hole. Another silly name. And this one's a doozy: GHOST affects the vast majority of 'stable' Linux servers on the Internet...

'Ghost' flaws poses high risk to Linux distributions

A fault in a widely used component of most Linux distributions could allow an attacker to take remote control of a system with just a malicious email.

U.S. Congress Washington DC

Old arguments may hinder U.S. data breach notification efforts

A drive in Congress to require companies with data breaches to notify affected customers may get bogged down in old arguments.

FTC wants IoT vendors to safeguard privacy

The FTC wants companies developing Internet-of-Things products should adopt best practices to protect the privacy and security of consumers.

DNS hijacking flaw affects D-Link DSL router, possibly other devices

A vulnerability found in a DSL router model from D-Link allows remote hackers to change its DNS settings and hijack users' traffic.

snowden digital

Mass surveillance seen as a danger to fundamental human rights

Mass Internet surveillance endangers fundamental human rights and has not helped to prevent terrorist attacks, a European human rights body concluded.

Load More