Don't-Miss Security Stories


Dell's security-shattering PC root certificate debacle: What you need to know

In an attempt to provide a more streamlined remote support experience, Dell installed a self-signed root certificate and corresponding private key on its customers' computers, exposing users' encrypted communications to potential spying.

credit cards

As China moves to payment cards, cybercriminals follow

As China increasingly embraces payment cards over cash, Trend Micro is seeing an uptick in cybercriminal activity aimed at card fraud.

Dell PCs root certificate security error widens as researchers dig deeper

The fallout from a serious security mistake made by Dell is widening, as security experts find more issues of concern.

Dell's XPS 13 with LG TV

Dell installs self-signed root certificate on laptops, endangering users' privacy

Users are reporting that some Dell laptops sold recently come preloaded with a self-signed root digital certificate that lets attackers sniff traffic to any secure website.

Windows user account control

Nasty adware program blocks security products with simple Windows UAC trick

A well-known adware program called Vonteera prevents users from installing antivirus products by artificially blacklisting their digital certificates in Windows.

hardware security embedded circuit board integrated controller

Many routers, modems, and other devices ship without adequate security tests

An analysis of hundreds of publicly available firmware images for routers, DSL modems, VoIP phones, IP cameras and other embedded devices uncovered high-risk vulnerabilities in a significant number of them.

hardware security embedded circuit board integrated controller

Some Starwood hotels hit with credit card-stealing malware

The infection affected point-of-sale systems at 54 Starwood-owned hotels and resorts since late last year.

20151109 dojo device

Smart home security could come from a glowing rock next year

Home IoT security startup Dojo-Labs thinks it can reduce the complexity of a home full of connected devices to three colors: red, orange, and green.

Apple brings down apps, mainly Chinese ones, with malware

Hacking group that hit South Korea may be at it again with new target

A hacking group that crippled South Korean banks, government websites and news agencies in early 2013 may be active again, Palo Alto Networks said Wednesday.


Damballa finds tools related to the malware that hit Sony

Security company Damballa said it has found two utilities that are closely related to capabilities seen in the destructive malware that hit Sony Pictures Entertainment last year.

FBI CISO Arlette Hart

The US government wants in on the public cloud, but needs more transparency

The US federal government is trying to move more into the cloud, but service providers' lack of transparency is harming adoption, according to Arlette Hart, the FBI's chief information security officer.


Google-owned VirusTotal starts analyzing Mac malware in a sandbox

VirusTotal, the most widely used online file scanning service, is now executing suspicious Mac apps submitted by users inside a sandbox to generate information that could improve the analysis and detection of Mac malware.

amazon logo

How to protect your Amazon account with two-factor authentication

Amazon quietly added two-factor authentication as a security option for account holders in recent weeks. Here's how to activate it.

Security online

Adobe patches flaws in ColdFusion, LiveCycle Data Services and Premiere Clip

Adobe fixed important vulnerabilities in its ColdFusion application server, LiveCycle Data Services framework and Premiere Clip iOS app.

NSA headquarters

In wake of Paris attacks, legislation aims to extend NSA program

A U.S. senator plans to introduce legislation that would delay the end of the bulk collection of phone metadata by the National Security Agency to Jan. 31, 2017, in the wake of renewed security concerns after the terror attacks last Friday in Paris.