Don't-Miss Security Stories

150817 google marshmallow 04

Android malware steals one-time passcodes to hijack accounts protected by two-factor authentication

One-time passcodes, a crucial defense for online banking applications, are being intercepted by a malware program for Android, according to new research from Symantec.

why stolen laptops still cause data breaches

Why stolen laptops still cause data breaches, and what's being done to stop them

It just takes one lost laptop to ruin a company's security. Some firms have solid plans for managing the risk. Does yours?

security code big data cyberespionage

EFF says Cisco shouldn't get off the hook for torture in China

Cisco Systems built a security system for the Chinese government knowing it would be used to track and persecute members of the Falun Gong religious group, according to the Electronic Frontier Foundation technology rights group.

Data Scientist

New remote access Trojan Trochilus used in cyberespionage operations

A cyberespionage group was found using a new remote access Trojan dubbed Trochilus whose detection rate was very low among antivirus products.

security code big data cyberespionage

Europol tracks DD4BC cyber-extortion gang to Bosnia

The DD4BC gang has demanded bitcoin in return for not divulging information or disrupting online services.

Firefox

Mozilla's Persona login system to shut down November 30

Mozilla's login system Persona will be shut down on Nov. 30 as its usage is low and has not grown over the last two years.

Padlock

Trend Micro flaw could have allowed attacker to steal all your passwords

A discovery by a well-known Google security researcher provides further proof how antivirus programs designed to shield computers from attacks can sometimes provide a doorway for hackers.

clock

Microsemi builds better security into network time appliance

To make timekeeping more reliable, Microsemi is releasing two appliances it says are hardened against attacks and have better redundancy if other services such as GPS aren't working.

drupal7

Drupal to secure its update process with HTTPS

Developers of the popular Drupal content management system are working to secure the software's update mechanism after a researcher found weaknesses in it.

Data Scientist

Malware alone didn't cause Ukraine power station outage

A new study of a cyberattack last month against Ukrainian power companies suggests malware didn't directly cause the outages that affected at least 80,000 customers.

White House to meet Silicon Valley tech firms on combating radicalization

A team of senior White House officials plans to meet with Silicon Valley tech leaders on Friday to discuss ways the two can work together in combating radicalization and extremism.

150108 josh earnest

White House hopes for 'common ground' in Silicon Valley meeting

The White House hopes a Friday summit between senior government officials and Silicon Valley tech leaders will find common ground on ways the two can work together to combat extremism and radicalization.

Mozilla Firefox browser

Unlike Mozilla, Google anticipated SHA-1 errors caused by HTTPS traffic inspection systems

Unlike Mozilla, Google plans to ban only SHA-1 certificates that were issued after Jan. 1 by public certificate authorities, not self-generated ones too.

android security danger

Google banishes 13 militant, malware-sporting apps from the Play Store

The 'Brain Trust' malware family not only gains root access to your device, but can assign five-star reviews to its infected apps.

security hacker code cyberespionage

Antivirus software could make your company more vulnerable

Cyberespionage groups could easily exploit vulnerabilities in antivirus programs to break into corporate networks, according to vulnerability researchers who have analyzed such products in recent years.

Tim

FBI, NSA seek tech firms' help in war on terror at Silicon Valley meeting

It's no secret that the U.S. government wants the tech industry's help in waging its war on terror. What has been a secret, up till now, is the exact agenda of a meeting between technology executives and government officials, to be held in Silicon Valley on Friday.