Security news, analysis, research, how-to, opinion, and video.

eric holder reuters larry downing

CEO indicted for company's alleged mobile spyware app

The CEO of a Pakistani company has been indicted in the U.S. for selling a product called StealthGenie that buyers could use to monitor calls, texts, videos and other communications on other people's mobile phones, the U.S. Department...

Shellshock flaw poses risks to payments industry

The Shellshock flaw could pose a risk to the payments industry, but doesn't appear to have caused any problems yet, an official with a consortium run by major credit card companies warned Tuesday.

shellshock bug

Shellshock affects dozens of Cisco and Oracle products

Cisco Systems and Oracle are working to identify networking and other products in their portfolios affected by the critical Shellshock vulnerability.

Germany orders Google to stop illegal user data processing

Google has refused to substantially improve user controls, the government says.

Google triples bug bounty reward range to $15,000

The company says it will break even that ceiling for outstanding reports.

apple privacy

Malware program targets Hong Kong protesters who use Apple devices

A malware program that targets Hong Kong activists using Apple devices looks like it was developed by a nation-state, possibly China, according to Lacoon Mobile Security.

Four charged with stealing Army helicopter training software

The defendants also allegedly stole pre-release games and information on Microsoft's Xbox


Global Internet speeds up, DDoS attacks down

The average global Internet connection speed rose above 4Mbps for the first time.

shellshock bug

Apple patches Bash vulnerability in OS X

The vulnerability posed little risk to most users.

Hacking stealing password data.

EPIC seeks enforcement action over Arizona data breaches

A privacy watchdog filed a complaint with the Federal Trade Commission against a community college district in Arizona that lost the personal data of 2.5 million students and employees in two data breaches.

data breach thinkstock

Second cyberattack hits SuperValu grocery stores' payment systems

SuperValu, the grocery store operator hit by a cyberattack in June and July, has suffered a second attack on its payment processing system, it said Monday.

Smithsonian Channel explanationa of cyber criminals

Report: Crime-as-a-Service tools and anonymization help any idiot be a cyber-criminal

Crime-as-a-Service tools, anonymization, darknets and crypto-currencies cited as in Internet Organized Crime Threat Assessment report as helping anyone become a cybercriminal.


An immature security program is an exciting challenge

After four years of building one company’s security program, our manager feels the need to take on a new challenge.


Two scenarios that would make OS X vulnerable to the Shellshock bug

Apple's OS X is vulnerable to the Shellshock bug, but it's not that easy for attackers to take advantage of it, according to Intego, which specializes in security software for the operating system.

internet of things iot stock

Why the Internet of Things may never happen (Part 2)

The Internet of Things idea of all our stuff seamlessly working together for our benefit is wonderful, but it's never going to happen.

android encryption

FBI director worries about encryption on smartphones

TheFBI is concerned about recent moves by Google and Apple to include encryption on smartphones.

Hacked, unlocked, unsafe.

Data breach that hit Jimmy John's is larger than first thought

Signature Systems says the breach of its point-of-sales system that hit 216 Jimmy John's sandwich shops is 50% larger than originally thought.


Forget passwords -- the Nymi wristband uses your heartbeat for security

Toronto-based Bionym is working on a wearable device that uses a person's heartbeat to authenticate their identity

google logo

Google gets privacy lesson from EU data protection authorities

European Union privacy regulators want Google to make its privacy policies easier to find and understand.

Load More