Don't-Miss Security Stories

ssl secure browser lock

Obama administration backs disclosing software vulnerabilities in most cases

The administration said information may be withheld for national security and law enforcement needs.

AT&T hacker Weev released from prison after appeals court overturns conviction

A federal appeals court has ruled that the venue for Auernheimer's prosecution wasn't appropriate

PCWorld News

Akamai admits its OpenSSL patch was faulty, reissues keys

Researcher Willem Pinckaers found a hole in Akamai's OpenSSL code tweak, used for a decade, in 15 minutes

heartbleed 1200x700

Tests confirm Heartbleed bug can expose server's private key

CloudFlare said its challenge shows how dangerous is the OpenSSL bug.

Report: NSA secretly exploited devastating Heartbleed bug for years (Update: NSA denies)

News of the Heartbleed bug has brought the Web to its knees, and Bloomberg says the NSA has been exploiting it for at least two years.

Malware virus

U.S. charges nine with distributing Zeus malware

Two defendants face arraignment in federal court Friday, charged with distributing the malware that helped siphon millions of dollars from U.S. accounts.

shutterstock 127890317

HP report: 80 percent of app vulnerabilities are really your fault

HP's 2013 Cyber Risk Report found most security risks result from configuration errors rather than flaws in the application itself.

heartbleed bug

Don't overlook URL fetching agents when fixing Heartbleed flaw on servers, researchers say

TLS clients are also vulnerable to Heartbleed memory leaking attacks, including server-side applications that fetch user-supplied URLs

In Heartbleed's wake, Comodo cranks out fresh SSL certificates

Comodo's chief technology officer warns it is still very early in the remediation process

heartbleed bug

Website operators will have a hard time dealing with the Heartbleed vulnerability

Patching the vulnerable OpenSSL software is just the first step, security experts say

whatsapplogo

FTC clears Facebook's WhatsApp deal, but warns on data collection

The FTC opened the way for Facebook to complete its WhatsApp acquisition, but urged caution in how they deal with user data. And if they don't...

counterfeit android apps1

Google amps up fight against malicious apps with enhanced Android security

A small number of people could see warnings with the new system, Google said.

US agencies: Sharing cyberthreat info isn't an antitrust violation

A policy statement from the DOJ and FTC is aimed at giving companies assurance about sharing with each other.

badfacebook

Facebook faces class action suit in Canada over interception of private messages

The social networking company is alleged to have intercepted private messages to harvest data.

Security update for BlackBerry 10 OS fixes remote code execution vulnerability

The vulnerability can be exploited via Wi-Fi when developer mode is active or via a computer USB connection, the manufacturer said