Don't-Miss Security Stories

microsoft oopsie

Microsoft accidentally releases Windows 7 'test' patch, freaks out users

If you run Windows 7 and saw an unknown patch this morning that seemingly disappeared, relax. It was a Microsoft error.

login prompt security screen

Dyreza malware steals IT supply chain credentials

New versions of the Dyreza computer Trojan are configured to steal credentials for order fulfillment, warehousing, inventory management, ecommerce and other IT and supply chain services.

UCSF Medical Center at Mission Bay MRI

Thousands of medical devices are vulnerable to hacking, security researchers say

Thousands of medical devices, including MRI scanners, x-ray machines and drug infusion pumps, are vulnerable to hacking, creating significant health risks for patients, security researchers said this week.

angry linux

A Linux botnet is launching crippling DDoS attacks in excess of 150Gbps

The security response team from Akamai Technologies have observed multiple attacks originating from a Linux botnet recently that have ranged from a few gigabits per second to over 150.

thinkstockphotos 161719626

Newly found TrueCrypt flaw allows full system compromise

James Forshaw, a member of Google's Project Zero team, has recently discovered two serious vulnerabilities in the driver that the TrueCrypt full disk encryption program installs on Windows systems.

Security in cloud computing

After pushing malware, ad networks also used for DDoS

Experts believe a recent large-scale distributed denial-of-service attack was launched through malicious ads displayed on mobile devices.

The Blackphone 2 front and back

Silent Circle's privacy-centric Blackphone 2 launches with full Play Store support

The Blackphone 2 is designed to meet the management and security needs of enterprises, while not alienating workers who will end up using it for their personal affairs as well.

victim of identity theft

One in every 14 Americans fell victim to identity theft last year

A total of 17.6 million people were victims of identity theft in the United States in 2014, the majority of it aimed at credit cards and bank accounts, the Department of Justice said Sunday.

Digital Key

Cookie handling in browsers can break HTTPS security

Man-in-the-middle attackers can inject cookies over HTTP connections in order to extract information from encrypted HTTPS traffic.

10 weird and wild cutting-edge security threats

These ten threats, bugs, and vulnerabilities serve as reminders that computer security goes well beyond the PC.

angry peasants mob farmers pitchforks

Boycott tech companies supporting CISA, privacy group urges

Fight For the Future's message is simple: if a company supports CISA, it should be avoided.

atm cash machine money

New malware program infects ATMs, dispenses cash on command

A new malware program called GreenDispenser infects automated teller machines (ATMs) and allows attackers to extract cash on command.


Windows Vista/7/8 update prevents some old CD-ROM games from running

Citing security issues, Microsoft disables Safedisc DRM. But users can make old games work again at their own risk.

freefromransomware primary

Ransomware pushers up their game against small businesses

File encrypting ransomware creators are increasingly focusing their attention on small and medium-sized businesses because they're more likely to pay up the ransom fees.

Mobile security

Apple lists 25 apps impacted by XcodeGhost

Apple has identified 25 iOS apps on its stores that used a rogue version of its Xcode development tool.