Don't-Miss Stories

drupal logo

Drupal users: Assume your site was hacked if you didn't apply Oct. 15 patch immediately

Drupal site owners who failed to rapidly deploy a recent critical patch were advised to restore their sites from backups

Rogue Tor 'exit node' server added malware to legitimate downloads

The server used a technique to append malware to legitimate code.

target

The 'Backoff' malware used in retail data breaches is spreading

A rising number of devices are connecting to Backoff-related infrastructure, Damballa says.

Sophisticated phishing attacks launched against Outlook Web App users

The group targeted military agencies, embassies, defense contractors and media organizations, researchers from Trend Micro said

adobe logo

After uproar, Adobe begins encrypting user data collected from Digital Editions app

The company was criticized for sending data about content to its servers in plain text

poodle attack

Apple ending SSL 3.0 push notifications in wake of severe POODLE vulnerability

Apple is one of many companies moving to shut down SSL 3.0 for good.

Twitter brings log-in via phone number to wider app landscape with 'Fabric' platform

The tool provides an alternative to traditional social sign-in

windows10 logo

Windows 10 to get two-factor authentication built-in

The new OS will feature enhancements in areas like identity protection, data security and malware resistance

securityshowdown primary

Microsoft discloses severe Office zero-day flaw, publishes quick fix

Attacks are under way using PowerPoint file, the company said

Flash vulnerability being exploited in large-scale attacks, mere days after patch

The Fiesta exploit kit bundles an exploit for the CVE-2014-0569 vulnerability in Flash Player, researchers found