Stories by Jeremy Kirk


Zero-day flaws in Tails aren't for sale, vulnerability broker says

By Jeremy Kirk | 23 July, 2014 12:27

A company that specializes in selling information on software vulnerabilities has reignited a debate over the handling of such information, especially when it pertains to privacy-focused tools.

Virtru launches business email encryption service for Google Apps

By Jeremy Kirk | 22 July, 2014 21:34

Email encryption startup Virtru has launched a version of its service for businesses using Google Apps, a market segment that the company thinks is showing increased interest in secure communications.

Goodwill Industries investigates suspected payment card breach

By Jeremy Kirk | 22 July, 2014 13:43

Goodwill Industries International said on Monday that federal authorities are investigating a possible payment card breach at its US-based retail outlets.

Black Hat presentation on TOR suddenly cancelled

By Jeremy Kirk | 22 July, 2014 12:59

A presentation on a low-budget method to unmask users of a popular online privacy tool, TOR, will no longer go ahead at the Black Hat security conference early next month.

Stealthy Web tracking tools pose increasing privacy risks to users

By Jeremy Kirk | 22 July, 2014 11:27

Three stealthy tracking mechanisms designed to avoid weaknesses in browser cookies pose potential privacy risks to Internet users, a new research paper has concluded.

Aloha point-of-sale terminal, sold on eBay, yields security surprises

By Jeremy Kirk | 18 July, 2014 14:15

Matt Oh, a senior malware researcher with HP, recently bought a single Aloha point-of-sale terminal -- a brand of computerized cash register widely used in the hospitality industry -- on eBay for US$200.

The 'Rickmote' shows no mercy when it finds someone using Chromecast

By Jeremy Kirk | 17 July, 2014 13:14

Google's online media streaming tool, Chromecast, can be "Rickrolled" with a single click of entertainer Rick Astley's mug shot.

EA dismisses claim its Origin software spies on users

By Jeremy Kirk | 15 July, 2014 16:54

Gamemaker Electronic Arts dismissed a rumor on Tuesday that its download client called Origin secretly collects data from users' computers.

Critical design flaw in Active Directory could allow for a password change

By Jeremy Kirk | 15 July, 2014 16:53

Microsoft's widely used software for brokering network access has a critical design flaw, an Israeli security firm said, but Microsoft contends the issue has been long-known and defenses are in place.

LastPass discloses now-fixed vulnerabilities ahead of security conference

By Jeremy Kirk | 14 July, 2014 12:34

Popular password manager LastPass said it fixed two vulnerabilities that were found last year. The disclosure comes just ahead of a security conference where a research paper describing the problems is due to be presented.

Gmail users on iOS at risk of data interception

By Jeremy Kirk | 11 July, 2014 13:33

Apple users accessing Gmail on mobile devices could be at risk of having their data intercepted, a mobile security company said Thursday.

Source code for tiny 'Tinba' banking malware leaked

By Jeremy Kirk | 11 July, 2014 11:14

The source code for an impressively small but capable malware program that targets online bank accounts has been leaked, according to CSIS Security Group of Denmark.

Google blocks bogus digital certificates issued in India

By Jeremy Kirk | 09 July, 2014 12:47

Google has blocked several digital certificates issued in India that could have been used to make bogus websites appear to be run by the Web giant.

Facebook kills Lecpetex botnet, which hit 250,000 computers

By Jeremy Kirk | 09 July, 2014 10:43

Facebook said police in Greece made two arrests last week in connection with a little-known spamming botnet called Lecpetex, which used hacked computers to mine the Litecoin virtual currency.

Spamhaus pushes for arrests of alleged DDoS participants

By Jeremy Kirk | 08 July, 2014 10:52

An antispam organization is pushing for quick law enforcement action against five people it alleges took part in one of the largest cyberattacks on record that caused Internet outages throughout Europe early last year.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

ZENworks® Endpoint Security Management

Get powerful mobile security capabilities, and protect the data the various mobile devices inside your organization.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.