Stories by Jeremy Kirk


Mobile apps could be abused to make expensive phone calls

By Jeremy Kirk | 22 August, 2014 14:43

A security precaution skipped in mobile applications such as Facebook's Messenger could be abused to make an expensive phone call at a victim's expense, a developer contends.

Retired US airport body scanners fail to spot guns, knives

By Jeremy Kirk | 21 August, 2014 13:18

A type of body scanner in wide use across U.S. airports through last year fails to spot well-concealed weapons including guns and knives, computer security researchers contend.

The UPS Store says malware found on systems of 51 stores

By Jeremy Kirk | 21 August, 2014 10:00

The UPS Store said Wednesday that malicious software was found on the systems of 51 of its franchises in 24 U.S. states, although no fraud has been detected yet.

'Reveton' ransomware upgraded with powerful password stealer

By Jeremy Kirk | 20 August, 2014 13:22

A type of malware called Reveton, which falsely warns users they've broken the law and demands payment of a fine, has been upgraded with powerful password stealing functions, according to Avast.

Many Chrome browser extensions do sneaky things

By Jeremy Kirk | 20 August, 2014 11:01

An analysis by security researchers of 48,000 extensions for Google's Chrome browser uncovered many that are used for fraud and data theft, actions that are mostly undetectable to regular users.

Facebook says most outbound email is encrypted now

By Jeremy Kirk | 20 August, 2014 03:03

Nearly all of Facebook's outbound notification emails are now encrypted while traveling the Internet, a collaborative feat that comes from the technology industry's push to thwart the NSA's spying programs.

Symantec folds nine Norton products into one service

By Jeremy Kirk | 19 August, 2014 11:27

Symantec will consolidate its cluttered Norton line of security software, folding nine products into one online service that can be used across desktop computers and mobile devices.

The biggest iPhone security risk could be connecting one to a computer

By Jeremy Kirk | 14 August, 2014 15:21 | 2 Comments

Apple has done well to insulate its iOS mobile operating system from many security issues, but a forthcoming demonstration shows it's far from perfect.

Malware is less concerned about virtual machines

By Jeremy Kirk | 13 August, 2014 11:55

Many malicious software programs used to make a quick exit on virtual machines, a tactic designed to avoid a security check. But that isn't the case anymore, according Symantec research.

Study finds firmware plagued by poor encryption and backdoors

By Jeremy Kirk | 12 August, 2014 12:06

The first large-scale analysis of a fundamental type of software known as firmware has revealed poor security practices that could present opportunities for hackers probing the "Internet of Things."

Emerging networking technology used by Apple, Cisco will frustrate firewalls

By Jeremy Kirk | 08 August, 2014 11:57

Today's security software is ineffective against an emerging networking technology already in use by Apple for its Siri voice-recognition software, according to research presented at the Black Hat hacking conference this week.

Google lowers search ranking of websites that don't use encryption

By Jeremy Kirk | 07 August, 2014 16:30

Websites that aren't encrypting connections with their visitors may get a lower ranking on Google's search engine, a step the company said it is taking to promote better online security practices.

US federal agencies halt background checks by contractor after cyberattack

By Jeremy Kirk | 07 August, 2014 12:26

Two U.S. federal agencies have halted background checks with a contractor that said Wednesday its networks had been breached in a cyberattack suspected to have been coordinated by an unnamed country.

OpenSSL, critical encryption component, gets nine software fixes

By Jeremy Kirk | 07 August, 2014 11:35

Nine software fixes were released Wednesday for OpenSSL, a critical encryption component for exchanging data on the web, although none of the problems are as severe as the "Heartbleed" issue found in April.

Symantec patches privilege escalation flaws in Endpoint Protection

By Jeremy Kirk | 06 August, 2014 16:34

Symantec has released a patch for privilege escalation flaws in its Endpoint Protection product, and the company which found the issues released the exploit code on Tuesday.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Enterprise Security Suite

Comprehensive protection from your internet gateway to your mail and file servers, desktops, laptops, and mobile devices, fully integrated and centrally managed.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.