Stories by Jared Newman

Facebook's 'Trusted Contacts' lets friends bail you out of a hack attack

By Jared Newman | 02 May, 2013 23:18

Facebook Thursday announced a new security tool called "Trusted Contacts" for users who suspect they've been hacked.

Microsoft adds two-factor authentication to keep accounts secure

By Jared Newman | 17 April, 2013 23:01

If you're an active user of Outlook, SkyDrive, Office Web Apps, or other Microsoft services, you may want to add two-step verification for an extra layer of security.

Facebook, state attorneys general team up for teen privacy PSAs

By Jared Newman | 15 April, 2013 18:16

Although Facebook and government agencies don't always see eye to eye, several state attorneys general are teaming up with the social network on new privacy education resources.

Hack attack by Anonymous vandalises North Korea's Twitter and Flickr accounts

By Jared Newman | 04 April, 2013 23:35

While North Korea has made some serious-sounding threats about military action against the United States and South Korea lately, the country's looking a bit silly after several of its online accounts were hacked.

Can hardware help kill the password? Google thinks so

By Jared Newman | 20 January, 2013 18:12

To help the Internet move on from usernames and passwords, Google wants to put a ring on it.

Facebook Graph Search leaves little privacy and no opting out

By Jared Newman | 19 January, 2013 00:48

Although Facebook's Graph Search isn't available to most users yet, once it rolls out more broadly, there won't be any escaping it.

Privacy leaks are still rampant in kids' apps, FTC reports

By Jared Newman | 10 December, 2012 23:51

Parents beware: Many iPhone and Android apps designed for children are playing fast and loose with privacy, according to the Federal Trade Commission.

Facebook policy change questioned by Irish government

By Jared Newman | 28 November, 2012 19:27

Facebook may modify its plans to share user data with affiliates such as Instagram, thanks to pressure from government regulators in Ireland.

Senate bill to allow warrantless government access to your online services

By Jared Newman | 21 November, 2012 01:26

In a dumbfounding display of politics at work, a U.S. Senate bill that, at one point, would have protected e-mail privacy has gone the opposite way, and would allow government surveillance of online services without a warrant if passed into law.

Facebook moves all users to HTTPS for added security

By Jared Newman | 20 November, 2012 21:27

Just in time for holiday travels, Facebook is moving all users to HTTPS connections to help block attacks over Wi-Fi networks.

Google says government surveillance keeps rising

By Jared Newman | 15 November, 2012 13:51

As Google grows, so too does government surveillance of its users.

'Password' is still the worst password, but watch out for 'ninja'

By Jared Newman | 25 October, 2012 00:31

Although the tech world is always changing, one thing remains the same: A lot of people use terrible passwords.

Google buys browser-based malware scanner VirusTotal

By Jared Newman | 09 September, 2012 15:01

Google has acquired Web-based URL scanner VirusTotal in what may be an effort to improve browser security.

iPhone Flaw Allows SMS Spoofing, Says Hacker

By Jared Newman | 17 August, 2012 22:14

A hacker known for jailbreaking Apple devices claims that the iPhone is vulnerable to text message spoofing, even in the latest beta of iOS 6.

Gauss Malware: What You Need to Know

By Jared Newman | 10 August, 2012 20:58

Another day, another scary computer virus tearing through the Middle East. The latest piece of malware is called Gauss, and it's designed to steal bank account credentials while gathering as much information about the infected machines as possible.

CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Security That Fits

Improve the effectiveness of your security or get unique network threat discovery and remediation

more »

Submit your own security event

Submit your training courses

Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.

Read More
more »