Don't-Miss Security Stories

PCWorld News

Montana data breach exposed 1.3 million records

The exposed data included health assessments, prescriptions and diagnoses for some residents

Facial recognition proposal lacks privacy protections, advocate says

A trade group's recommendations for best privacy practices run counter to US values, an ACLU lawyer says

PCWorld News

New Havex malware variants target industrial control system and SCADA users

Attackers compromised ICS/SCADA vendor sites and altered software downloads to distribute the malware, researchers from F-Secure said

Even encrypted Web traffic can reveal highly sensitive information

Merely knowing what pages a person views on a website can hint at their personal life

PCWorld News

AskMen.com website redirects to Caphaw malware, WebSense says

High-traffic websites can potentially expose thousands of visitors to automated attacks

heartbleed primary

Two months later, Heartbleed patching stalls out with 300k servers still vulnerable

A large number of sites are still vulnerable to Heartbleed, but it's unlikely we'll see them get patched anytime soon.

PCWorld News

Exposing hidden domain registrations could hurt innocent users more than criminals

Proxy services to hide details of domain registrants from the Whois database should be allowed, a researcher said

encryption security lock 100052900 large

Google develops BoringSSL, its own 'boring' version of OpenSSL encryption

But fear not: This fork isn't intended to replace OpenSSL.

PCWorld News

Ad network compromise led to rogue page redirects on Reuters site

The Syrian Electronic Army compromised a third-party widget to redirect some Reuters.com visitors to a defacement page

The EFF wants to improve your privacy by making your Wi-Fi public

Could allowing strangers to use your Wi-Fi actually protect your privacy? The EFF thinks so, and plans to make it easier with a new tool.

PCWorld News

Tool aims to help enterprise IT manage 'honeypot' hacker decoys

Developers of the Modern Honey Network want to simplify deployment and monitoring of these threat-intelligence systems

Android 4.4.4 fixes OpenSSL hijacking vulnerability

A new version of Android for Nexus devices is primarily a security update that patches the bundled OpenSSL library

PCWorld News

Alert issued over plain text passwords in some Super Micro motherboards

A scan of the Internet showed more than 31,000 servers are vulnerable