Security

Security news, trends, analysis and practical advice

06 bank accounts atm

p1200591

Apple: Macs and iPhones are safe from newly revealed CIA exploits

The Mac and iPhone exploits described in new documents attributed to the CIA were patched years ago, according to Apple.

Google Play

Google Play faces cat-and-mouse game with Android malware

What’s the best way to avoid Android malware? Downloading all your apps from the Google Play store -- where software is vetted – is perhaps the best advice. But that doesn’t mean Google Play is perfect.

Digital Key encryption

To punish Symantec, Google may distrust a third of the web's SSL certificates

Google plans to remove the extended validation (EV) status of any such certificates issued by Symantec and force the company to replace all of its customers' certificates.

FBI

FBI director floats international framework on encrypted data access

The FBI director James Comey is suggesting an international approach to solving the encryption debate. He proposes that the U.S. might work with other countries on a “framework” for creating legal access to encrypted tech devices.

161214 apple newyork

Leaked iCloud credentials came from third parties, Apple says

The iCloud credentials that the Turkish Crime Family hacker group claims to have weren't obtained through a breach of the Apple's services.

android security

Most Android devices lack latest security patches

Nearly three-quarters of Android devices on the five biggest U.S. carriers are running on security patches that are at least two months old, putting them at greater risk of being hacked.

android security danger

Google: Half of Android devices haven’t been patched in a year or more

Google acknowledged that half of all Android devices had not received a security update in the past year, but the company is working to streamline the patching process.

21394517746 9a77570fae o

Newly leaked documents show low-level CIA Mac and iPhone hacks

The CIA has had tools to infect Apple Mac computers by connecting malicious Thunderbolt Ethernet adapters to them since 2012, according to new documents purported to be from the agency and published by WikiLeaks.

FCC building in Washington

Senate votes to kill FCC's broadband privacy rules

The U.S. Senate has voted to kill broadband provider privacy regulations prohibiting them from selling customers' web-browsing histories and other data without permission.

NSA headquarters

Snowden's ex-boss offers advice on stopping insider threats

Steven Bay, a former defense contractor, knows a thing or two about insider threats. For a brief period, he was the boss of Edward Snowden, the famous leaker who stole sensitive files from the National Security Agency.

20160511 iotworld buddy lego city

Look before you leap: 4 hard truths about IoT

The internet of things still looks promising, with forecasts for billions of devices to solve all sorts of problems. But as promising as the technology is, it has shortcomings.

code programming software bugs cybersecurity

LastPass fixes serious password leak flaws

Developers of the popular LastPass password manager rushed to push out a fix to solve a serious vulnerability that could have allowed attackers to steal users' passwords or execute malicious code on their computers.

05 passwords

iPhone, Mac owners: How to stymie hackers extorting Apple, threatening to wipe devices

Hackers claiming to have hundreds of millions of iCloud credentials have threatened to wipe date from iPhones, iPads and Macs.

p1200736

Google cites progress in Android security, but patching issues linger

The chances of you installing malware on your Android phone is incredibly small, according to Google.

p1200588

Hackers demand $150K ransom, threaten to wipe millions of Apple devices

A group of hackers is threatening to wipe millions of iOS devices in two weeks if Apple doesn't pay them $150,000.

surveillance, spying, cameras, IP cameras

U.S. lawmakers question police use of facial recognition tech

U.S. lawmakers plan to introduce legislation to limit the FBI's and other law enforcement use of facial recognition technology after concerns about the mass collection of photographs in police databases.

woman on tablet with broken lock

Password-stealing flaws in LastPass Chrome and Firefox extensions

Critical vulnerabilities in the Chrome extension and Firefox add-on for LastPass could be exploited to steal passwords and remotely execute code.

video

Security Sessions: Where is VC security funding going?

In the latest episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild sits down with Jeff Fagnan from Accomplice, a venture capital and private equity firm in Cambridge, Mass. The two discuss the current state of VC funding...

Load More