Security news, analysis, research, how-to, opinion, and video.

data breach thinkstock
Phishing for passwords.


Facebook, Yahoo prevent use of recycled email addresses to hijack accounts

A new mechanism helps email servers determine if a message was intended for a recycled account's previous owner

Akamai sees record-setting spikes in DDoS attacks

The size and volume of DDoS attack exploded in the past year, with a 389% increase in average attack bandwidth between the third quarter of 2013 and the third quarter of 2014, according to Akamai Technologies.

Abandoned subdomains pose a security risk for businesses

Many companies that set up subdomains for use with external services, but then stop using those services, could be leaving open a loophole attackers can exploit.

xiaomi mi 4 vs last gen

Phone maker Xiaomi moves data outside China over privacy concerns

Chinese smartphone maker Xiaomi is moving customer data and its Internet platforms to servers outside China, only months after the company apologized over privacy concerns.

healthcare security hp

Regulation on cloud security may spur SaaS use in health care

Governments may need to tighten the regulatory screws on SaaS vendors to make them more transparent and forthcoming about their security practices.

Apple to end SSL 3.0 support for push notifications this month

Apple will stop support on Oct. 29 for for SSL 3.0, which was found to contain a severe vulnerability.

cybersecurity lock touch worker man

Microsoft misses Windows bug, hackers slip past patch

Microsoft patched one bug in Windows last week, but missed another that hackers continue to exploit.

Exiting the computing business

IBM’s chip business sale gets national security scrutiny

IBM's plan to transfer its semiconductor manufacturing business to GlobalFoundries faces a government review over national security implications.

Massive malvertising campaign hits Yahoo, AOL and other sites

Malicious advertisements made their way last week to almost two dozen popular websites and used browser-based exploits to infect computers with CryptoWall.

shutterstock ransomware man pointing gun out of computer

Android ransomware 'Koler' turns into a worm, spreads via SMS

A malicious Android app that takes over the screen of devices and extorts money from users with fake notifications from law enforcement agencies was recently updated with a component that allows it to spread via text message spam.

Tim Cook

Apple CEO Tim Cook meets with Chinese official after iCloud attack

Just after Apple's iCloud service faced a hacking attack from China, Apple CEO Tim Cook met with a Chinese official to discuss protecting users' privacy.

Apple: Internet Explorer? Never heard of it

Apple on Tuesday told browser users to pay attention to warnings of insecure digital certificates after reports of a "man-in-the-middle" attack against in China was revealed earlier in the week.

Implantable heart device

DHS investigates 24 potentially deadly cyber flaws in medical devices

DHS is investigating 24 potentially deadly cybersecurity flaws in medical devices like infusion pumps, implantable heart devices, medical imaging equipment and hospital networking systems.

ddos symantec

Symantec sees rise in high-traffic DDoS attacks

A type of distributed denial-of-service attack, DNS amplification, has risen sharply, according to new research from Symantec.

internet of things iot stock

Industry can head off IoT privacy rules

The Internet of Things is raising a host of concerns over the control of data that could lead to government regulation, but tech companies can rein in those worries on their own if they act fast, a former White House technology...

Insider Threats – how they affect US companies

Insider Threats – how they affect US companies

In the second post of the Insider Threat series, we looked at basic definitions of insider threat incidents and their impact on organizations. Now we will have a closer look at how malicious insider threat actions affect companies in...

Binary data cloud.

China attacks push Apple to warn users of iCloud threats

Apple warned users about attacks on its iCloud website, after monitoring groups said China tried to intercept customer information from the service.

Exclamation point on screen.

Microsoft warns of Windows zero-day; hackers serve exploits in PowerPoint files

Microsoft warned users Tuesday that cyber criminals are exploiting a zero-day flaw using malicious PowerPoint documents sent as email attachments.

Load More