Don't-Miss Security Stories

fireeye soc

FireEye acquires Invotas for faster incident response

FireEye said Monday it has acquired Invotas, a company that develops a platform that helps administrators respond faster to security incidents.

bald eagle

This bird could be a drone's worst enemy

When it comes to the problem of stopping errant drones, there's been a number of high-tech solutions. From radio jamming to laser beams to nets launched by other drones, but a group in The Netherlands is proposing a low-tech solution that's much more elegant.

malicious google play apps

Trojanized Android games hide malicious code inside images

Over 60 Android games hosted on Google Play had Trojan-like functionality that allowed them to download and execute malicious code hidden inside images.

150902 encrypt android

Harvard study refutes 'going dark' argument against encryption

A study from Harvard released Monday largely refutes claims that wider use of encryption in software products will hamper investigations into terrorism and crime.

The Chrome Web Store's main storefront

Google's Chrome Web Store lists malicious Chrome apps ahead of legit extensions

The Chrome Web Store is more interested in pushing Chrome apps than giving users the best search results.

20151005 Cisco headquarters sign

Cisco patches authentication, denial-of-service, NTP flaws in many products

Cisco Systems has released security patches for flaws affecting a wide range of products, including for a critical vulnerability in its RV220W wireless network security firewalls.

HSBC headquarters reception

Attack disrupts HSBC online banking services in the UK on tax deadline

A denial-of-service attack against HSBC in the U.K. left customers unable to access their accounts via the bank's online system.

lg g3 5

LG patches data theft bug affecting millions of Android phones

LG has patched a security flaw in an application preinstalled on millions of its Android G3 smartphones that researchers found could be used to steal a variety of data.

security code big data cyberespionage

OpenSSL patches a severe, but not widespread problem

The OpenSSL project has patched a problem in the cryptographic library but one that likely does not affect many popular applications.

Apple iPhone 5S (1)

Increasingly popular "hot patching" update tool for iOS apps puts users at risk

An increasing number of iOS application developers use a technique that allows them to remotely modify the code in their apps without going through the official app store's review process, an action that poses security risks for users.

chromex

Google will mark non-encrypted websites with a scarlet letter

Google Chrome can mark unencrypted sites with a red "X," but only as an optional feature for now.

3 virustotal

Google's VirusTotal now identifies suspicious firmware

Google's VirusTotal service has added a new tool that analyzes firmware, the low-level code that bridges a computer's hardware and operating system at startup.

Java logo

Oracle's killing a favorite security hole for attackers: the Java browser plug-in

Next year, the Java browser plug-in, which is frequently the target of Web-based exploits, will be retired by Oracle.

150817 google marshmallow 03

New Android ransomware uses clickjacking to gain admin privileges

A new Android ransomware app called Lockdroid.E is abusing system dialogs to hijack user clicks and grant itself administrator privileges.

The ultra-secure Tails OS beloved by Edward Snowden gets a major upgrade

Tails 2.0 is out with improved features, a new desktop shell, and an easier way for new users to install the OS.