Don't-Miss Security Stories

PCWorld News

Emergency vBulletin patch fixes dangerous SQL injection vulnerability

Attackers could exploit the flaw to steal information from the databases of websites running vBulletin 5

PCWorld News

Vulnerability exposes some Cisco home wireless devices to hacking

Specially crafted HTTP requests could trigger remote code execution on the affected devices, Cisco said

PCWorld News

Chaos Computer Club bolsters NSA spying complaint with Tor snooping evidence

The Chaos Computer Club wants new evidence to prompt an investigation into mass surveillance of German citizens

PCWorld News

Systems engineer arrested in massive data leak in Japan

At least 7 million names were stolen from the database of education firm Benesse

android malware

There's almost a million fake apps targeting your phone

Trend MIcro finds hundreds of thousands of fake Android apps in trawl of online stores, forums.

malware 0 100257425 orig 100309194 large

SSL Blacklist project exposes certificates used by malware

Researchers launch effort to track SSL certificates used in botnet and malware operations

PCWorld News

Overreliance on the NSA led to weak crypto standard, NIST advisers find

NIST needs to improve its cryptographic expertise in order to challenge advice received from the NSA when developing standards, report says

Google sets up cybercrime-busting task force

After unearthing the Heartbleed flaw, Google sets up a research group dedicated to finding vulnerabilities in Web software.

Critical design flaw in Microsoft's Active Directory could allow password change

Microsoft contends the general issue has been long-known, but Israel-based Aorato has developed a working attack

EA dismisses claim its Origin software spies on gamers

A screenshot posted on Reddit does not represent information collected by Origin, an EA spokeswoman said

PCWorld News

New banking malware 'Kronos' advertised on underground forums

Its creators seek to establish the new threat as a premium commercial alternative to older Trojans like Zeus

Future Java 7 security patches will work on Windows XP despite end of official support

Windows XP users will continues to receive Java 7 security updates until at least April 2015, Oracle says

laspass icon

LastPass discloses now-fixed vulnerabilities ahead of security conference

The company doesn't believe attackers exploited the flaws