Don't-Miss Security Stories


Linux Foundation's security checklist can help sysadmins harden workstations

The Linux Foundation published a list of security recommendations for hardening Linux workstations used by systems administrators.

Qualcomm Snapdragon Smart Protect interface

Qualcomm's Snapdragon 820 processor gets technology to secure Android phones

Qualcomm is promising to improve security and privacy on high-end smartphones with Snapdragon Smart Protect, which uses on-device machine learning to help detect zero-day malware.


'KeyRaider' iOS malware targets jailbroken devices

Credentials for more than 225,000 Apple accounts have been stolen by sophisticated malware that targets modified iOS devices, according to Palo Alto Networks.

Russian-speaking hackers breach 97 websites, many of them dating ones

Russian-speaking hackers have breached 97 websites, mostly dating-related, and stolen login credentials, putting hundreds of thousands of users at risk.

Microsoft may offer some Windows 10 patch notes to enterprises

Windows 10 Enterprise has been installed in about 1.5 million business devices in less than a month. Now Microsoft is considering how to best offer patch information to users of its new OS.


US agency to seek consensus on divisive, volatile topic of security vulnerability disclosures

The U.S. National Telecommunications and Information Administration will host a series of discussions about the best way to disclose cybersecurity vulnerabilities.

A new version of the sophisticated Duqu malware is used for spying

Researchers find many more modules of Regin spying tool

Security researchers from Symantec have identified 49 more modules of the sophisticated Regin cyberespionage platform that many believe is used by the U.S. National Security Agency and its close allies.

no flash

Chrome will start freezing non-vital Flash elements on web pages soon

Google will stop some Flash content from automatically playing starting Sept. 1, a move it decided on earlier this year to improve browser performance.

Security in cloud computing

BitTorrent patches flaw that could amplify distributed denial-of-service attacks

BitTorrent fixed a vulnerability that would have allowed attackers to hijack BitTorrent applications used by hundreds of millions of users in order to amplify distributed denial-of-service (DDoS) attacks.

Researchers find holes in routers supplied by ISPs

Some routers vulnerable to remote hacking due to hard-coded admin credentials

Several DSL routers from different manufacturers contain a guessable hard-coded password that allows accessing the devices with a hidden administrator account.

Tor security concerns prompt largest dark market to suspend operations

Administrators of Agora, the largest online black marketplace operating on the Tor anonymity network, decided to temporarily suspend the website because of possible attacks based on recent methods of exposing Tor Hidden Services.

AT&T Wi-Fi hotspot reportedly stuffs extra ads into Web pages

Stanford computer scientist Jonathan Mayer was recently Web browsing at a U.S. airport when he reportedly noticed there were too many online advertisements.


US agency tells electric utilities to shore up authentication

A new U.S. National Institute of Standards and Technology guide for electric utilities offers ways they can shore up their cybersecurity efforts.

150817 google marshmallow 03

Certifi-gate flaw in Android remote support tool exploited by screen recording app

An application hosted in Google Play until yesterday took advantage for months of a flaw in the TeamViewer remote support tool for Android in order to enable screen recording on older devices.

Vinton Cerf Heidelberg Laureate Forum

'Sometimes I'm terrified' of the Internet of Things, says father of the Internet

Vint Cerf is known as a "father of the Internet," and like any good parent, he worries about his offspring -- most recently, the IoT.