Security

Security news, analysis, research, how-to, opinion, and video.

cybersecurity
Exiting the computing business

Massive malvertising campaign hits Yahoo, AOL and other sites

Malicious advertisements made their way last week to almost two dozen popular websites and used browser-based exploits to infect computers with CryptoWall.

shutterstock ransomware man pointing gun out of computer

Android ransomware 'Koler' turns into a worm, spreads via SMS

A malicious Android app that takes over the screen of devices and extorts money from users with fake notifications from law enforcement agencies was recently updated with a component that allows it to spread via text message spam.

Tim Cook

Apple CEO Tim Cook meets with Chinese official after iCloud attack

Just after Apple's iCloud service faced a hacking attack from China, Apple CEO Tim Cook met with a Chinese official to discuss protecting users' privacy.

Apple: Internet Explorer? Never heard of it

Apple on Tuesday told browser users to pay attention to warnings of insecure digital certificates after reports of a "man-in-the-middle" attack against iCloud.com in China was revealed earlier in the week.

Implantable heart device

DHS investigates 24 potentially deadly cyber flaws in medical devices

DHS is investigating 24 potentially deadly cybersecurity flaws in medical devices like infusion pumps, implantable heart devices, medical imaging equipment and hospital networking systems.

ddos symantec

Symantec sees rise in high-traffic DDoS attacks

A type of distributed denial-of-service attack, DNS amplification, has risen sharply, according to new research from Symantec.

internet of things iot stock

Industry can head off IoT privacy rules

The Internet of Things is raising a host of concerns over the control of data that could lead to government regulation, but tech companies can rein in those worries on their own if they act fast, a former White House technology...

Insider Threats – how they affect US companies

Insider Threats – how they affect US companies

In the second post of the Insider Threat series, we looked at basic definitions of insider threat incidents and their impact on organizations. Now we will have a closer look at how malicious insider threat actions affect companies in...

Binary data cloud.

China attacks push Apple to warn users of iCloud threats

Apple warned users about attacks on its iCloud website, after monitoring groups said China tried to intercept customer information from the service.

Exclamation point on screen.

Microsoft warns of Windows zero-day; hackers serve exploits in PowerPoint files

Microsoft warned users Tuesday that cyber criminals are exploiting a zero-day flaw using malicious PowerPoint documents sent as email attachments.

fido alliance u2f usb authentication oct 2014

Google extends two-factor authentication with physical USB keys

Google is letting users protect their accounts against password compromises by adding support for two-factor authentication based on physical USB keys.

staples store

Staples confirms data breach investigation

Investigative journalist Brian Krebs reported that multiple banking sources were seeing a pattern of credit and debit card fraud. The common thread between each case were purchases made at Staples Inc. stores in the Northeastern U.S.

transparent curtain

HTTPA: New tech transforms transparency into privacy

Privacy by obscurity is dead; long live privacy by transparency

Unlocked circuit board / security threat

Flash vulnerability exploited in large-scale attacks

If you haven't updated your Flash Player with the fixes released Oct. 14, you may be vulnerable to new attacks using a commercial exploit kit called Fiesta, security researchers warn.

keep calm

Keep calm and plug the holes

Panicked reactions are no way to cope with zero-day vulnerabilities. We all should know that there’s always another one just around the corner.

Man-in-the-middle attack on Chinese iCloud users

Chinese Big Brother launches nationwide attack on iCloud

Since the iPhone 6 launched in China, Chinese authorities have been staging a man-in-the-middle attack, via a self-signed digital certificate, so when Chinese users connect to iCloud.com, they are instead redirected to a spoofed...

Researcher creates proof-of-concept worm for network-attached storage devices

Network-attached storage (NAS) devices are riddled with vulnerabilities that can put the security of sensitive data and networks at risk, a researcher has found. To prove his point, he has created a proof-of-concept worm that can...

Fish meets phish. Guess who wins?

This university's IT department regularly sends out warnings about scammers and phishing, since some students and faculty fall prey every semester. But not everyone gets the idea.

Load More