Heartbleed Attack Targeted Enterprise VPN
Attack spotted using the OpenSSL Heartbleed bug to steal session tokens and bypass two-factor authentication.
DarkReading (April 21, 2014)
Heartbleed: A Password Manager Reality Check
Is a password manager an effective defense against vulnerabilities like Heartbleed, or just another way to lose data to hackers?
DarkReading (April 18, 2014)
Microsoft Delays Enterprise Windows 8.1 Support Doomsday
Responding to criticism, Microsoft gives businesses until August to adopt Windows 8.1 Update and continue receiving security updates. Consumers still face May 13 deadline.
DarkReading (April 17, 2014)
White House Details Zero-Day Bug Policy
NSA denies prior knowledge of the Heartbleed vulnerability, but the White House reserves the right to withhold zero-day exploit information in some cases involving security or law enforcement.
DarkReading (April 15, 2014)
Akamai Withdraws Proposed Heartbleed Patch
As researchers demonstrate OpenSSL bug exploits that retrieve private keys, Akamai rescinds a patch suggestion for the SSL/TLS library after a security researcher punches holes in it.
DarkReading (April 14, 2014)
'Thingularity' Triggers Security Warnings
The Internet of Things is creating 50 billion Internet-connected devices. Who is going to keep them updated and secure?
DarkReading (March 28, 2014)
Android Apps Hide Crypto-Currency Mining Malware
Apps downloaded by millions from Google Play and Spanish software forums include hidden altcoin-mining software. But criminals aren't getting rich quickly.
DarkReading (March 27, 2014)
Cybercrime Black Markets Grow Up
Cybercrime forums selling advanced attacks on demand are outpacing businesses' ability to defend themselves, new study from RAND finds.
InformationWeek (March 26, 2014)
Symantec Fires CEO In Surprise Move
Analysts question security and storage giant's turnaround after the board fires its second CEO in two years.
InformationWeek (March 21, 2014)
Will Target Face FTC Probe?
Retailer's security practices remain under scrutiny as regulators ponder FTC investigation. Meanwhile, Sony options rights to Hollywood cyber-thriller based on breach story.
InformationWeek (March 20, 2014)
Samsung Galaxy Security Alert: Android Backdoor Discovered
Samsung's flavor of Android has a backdoor that can be remotely exploited by attackers, Android developers warn.
InformationWeek (March 13, 2014)
Experian ID Theft Exposed 200M Consumer Records
ID theft ring sold access to database with 200 million consumers' private data to 1,300 criminals.
InformationWeek (March 11, 2014)
Mt. Gox Chief Stole 100,000 Bitcoins, Hackers Claim
Cryptocurrency aficionados' ire stoked by leaked accounts showing 100,000 bitcoins remain missing.
InformationWeek (March 10, 2014)
Target CIO's Resignation: 7 Questions
After the data breach, why didn't the buck stop with PCI assessors or CEO? Search for accountability reveals flawed system, much finger-pointing.
InformationWeek (March 6, 2014)
Fresh Target Breach Cards Hitting Black Market
A Bitcoin-powered marketplace is selling stolen card data in small batches, offering card validity guarantees, an RSA presentation reveals.
InformationWeek (February 28, 2014)
Bitcoin, Meet Darwin: Crypto Currency's Future
First-movers rarely survive, but some experts see a real future for government-issued crypto currency.
InformationWeek (March 12, 2014)
Target Breach: Why Smartcards Won’t Stop Hackers
"Chip and PIN" smartcard adoption in the United States is long overdue. But the security improvement wouldn't have stopped Target’s BlackPOS malware attackers.
InformationWeek (January 24, 2014)
Microsoft Delays Windows XP Antivirus Doomsday
Security Essentials for XP gets 15-month extension, but some antivirus vendors promise updates through 2017 and beyond.
InformationWeek (January 16, 2014)
Is Mob-Busting RICO Overkill For Combating Cybercrime?
The milestone conviction of 22-year-old David Camez for his participation in a Russian-run "carder" forum raises legitimate questions about the role of RICO in taking down cybercrime.
InformationWeek (December 17, 2013)
Energy Department Breach Years In Making, Investigators Say
July data breach that affected up to 150,000 employees traces back to a string of managerial and technical failures, investigators conclude.
InformationWeek (December 16, 2013)
Hardware Hacker Demos Zombie Drone Hijacker
The SkyJack drone automatically seeks out and hijacks other nearby Parrot drones. Will this mean trouble for Amazon's planned drone delivery fleet?
InformationWeek (December 04, 2013)
NSA Surveillance Infected 50,000 PCs With Malware
Leaked document details agency's "implants," satellite intercepts, joint CIA eavesdropping operations, and embassy-based monitoring programs abroad.
InformationWeek (November 25, 2013)
Twitter Two-Factor Lockout: One User's Horror Story
Is the security payoff from using Twitter's two-factor authentication system worth the risk of losing account access?
InformationWeek (October 29, 2013)
Chinese Antivirus Firm NQ Called 'Massive Fraud'
Mobile anti-malware software developer NQ Mobile denies charges that it inflates its market share and makes spyware.
InformationWeek (October 25, 2013)
Experian Breach Fallout: ID Theft Nightmares Continue
Data brokers amassing gigantic data stores of people's valuable personal information are too big to not fail. Why are consumers getting stuck with the mess?
InformationWeek (October 25, 2013)
Browser Fingerprinting: 9 Facts
Tracking technology that can identify individual identities and devices is improving faster than consumers might realize, warn privacy researchers.
InformationWeek (October 24, 2013)
Forget Captcha, Try Inkblots
Researchers propose using an inkblot-matching scheme, dubbed Gotcha, to defeat dictionary-based hacks of the Captcha system.
InformationWeek (October 17, 2013)
Stratfor Hacker: FBI Entrapment Shaped My Case
Hacker Jeremy Hammond asks for leniency before sentencing, citing the role of FBI informant Sabu in his case. How far can the FBI go with suspected computer criminals?
InformationWeek (October 04, 2013)
Can You Hack A Heartbeat?
Nymi biometric wristband promises to let you unlock everything from cars to hotel rooms without a PIN or password. It authenticates you using heart rhythms.
InformationWeek (September 04, 2013)
Exclusive: Anatomy Of A Brokerage IT Meltdown
Regulators last year issued the SEC's first-ever privacy fine against broker-dealer GunnAllen for failing to protect customer data. But former IT staffers say regulators didn’t seem to know half of this cautionary tale of outsourcing and oversight gone wrong.
InformationWeek (October 08, 2012)