Stories by Jeremy Kirk


Until the Tails privacy tool is patched, here's how to stay safe

By Jeremy Kirk | 28 July, 2014 11:24

Vulnerabilities in the Tails operating system could reveal your IP address, but you can avoid trouble by taking a couple of precautions.

New guide aims to remove the drama of reporting software flaws

By Jeremy Kirk | 25 July, 2014 15:36

Handling a software flaw can be messy, both for a security researcher who found it and for the company it affects. But a new set of guidelines aims to make that interaction less mysterious and confrontational.

Firm says vulnerability in Tails contained in I2P component

By Jeremy Kirk | 24 July, 2014 10:30

A vulnerability broker published a video demonstrating one of several flaws it has found in the privacy-focused Tails operating system, which is used by those seeking to make their Web browser harder to trace.

SQL injection flaw in Wall Street Journal database led to breach

By Jeremy Kirk | 23 July, 2014 20:34

A vulnerability in a web-based graphics system led to a breach of The Wall Street Journal's network by a hacker, the newspaper acknowledged late Tuesday.

Zero-day flaws in Tails aren't for sale, vulnerability broker says

By Jeremy Kirk | 23 July, 2014 12:27

A company that specializes in selling information on software vulnerabilities has reignited a debate over the handling of such information, especially when it pertains to privacy-focused tools.

Virtru launches business email encryption service for Google Apps

By Jeremy Kirk | 22 July, 2014 21:34

Email encryption startup Virtru has launched a version of its service for businesses using Google Apps, a market segment that the company thinks is showing increased interest in secure communications.

Goodwill Industries investigates suspected payment card breach

By Jeremy Kirk | 22 July, 2014 13:43

Goodwill Industries International said on Monday that federal authorities are investigating a possible payment card breach at its US-based retail outlets.

Black Hat presentation on TOR suddenly cancelled

By Jeremy Kirk | 22 July, 2014 12:59

A presentation on a low-budget method to unmask users of a popular online privacy tool, TOR, will no longer go ahead at the Black Hat security conference early next month.

Stealthy Web tracking tools pose increasing privacy risks to users

By Jeremy Kirk | 22 July, 2014 11:27

Three stealthy tracking mechanisms designed to avoid weaknesses in browser cookies pose potential privacy risks to Internet users, a new research paper has concluded.

Aloha point-of-sale terminal, sold on eBay, yields security surprises

By Jeremy Kirk | 18 July, 2014 14:15

Matt Oh, a senior malware researcher with HP, recently bought a single Aloha point-of-sale terminal -- a brand of computerized cash register widely used in the hospitality industry -- on eBay for US$200.

The 'Rickmote' shows no mercy when it finds someone using Chromecast

By Jeremy Kirk | 17 July, 2014 13:14

Google's online media streaming tool, Chromecast, can be "Rickrolled" with a single click of entertainer Rick Astley's mug shot.

EA dismisses claim its Origin software spies on users

By Jeremy Kirk | 15 July, 2014 16:54

Gamemaker Electronic Arts dismissed a rumor on Tuesday that its download client called Origin secretly collects data from users' computers.

Critical design flaw in Active Directory could allow for a password change

By Jeremy Kirk | 15 July, 2014 16:53

Microsoft's widely used software for brokering network access has a critical design flaw, an Israeli security firm said, but Microsoft contends the issue has been long-known and defenses are in place.

LastPass discloses now-fixed vulnerabilities ahead of security conference

By Jeremy Kirk | 14 July, 2014 12:34

Popular password manager LastPass said it fixed two vulnerabilities that were found last year. The disclosure comes just ahead of a security conference where a research paper describing the problems is due to be presented.

Gmail users on iOS at risk of data interception

By Jeremy Kirk | 11 July, 2014 13:33

Apple users accessing Gmail on mobile devices could be at risk of having their data intercepted, a mobile security company said Thursday.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Cloud Trust Authority

Reduce complexity and increase trust for public cloud service providers and their customers.

Latest Jobs
Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.