Stories by Jon Gold

Fake Android anti-virus app taken down

By Jon Gold | 08 April, 2014 02:17

Virus Shield, by developer Deviant Solutions, was a handsome, apparently easy-to-use security app for Android devices. For $4, the app promised hassle-free, ad-free security for Android users, without impacting battery life or performance. And, mostly, Virus Shield delivered - no ads, no fuss.

Emerging nations want uncensored Internet access, Pew survey shows

By Jon Gold | 19 March, 2014 14:55

A study released today by the Pew Research Center shows that majorities in 22 of 24 developing nations surveyed want their access to the Internet to be free of government censorship, including 70%+ majorities in half of the countries that were included.

Major security flaw threatens Linux users

By Jon Gold | 05 March, 2014 00:36

A source code mistake in the GnuTLS library – an open-source software building block used in a large number of different Linux distributions to handle secure Internet connections – could prove a serious threat to the privacy of Linux users, as developers rush to patch the vulnerability.

Nokia in hot water over Finland privacy flap

By Jon Gold | 25 February, 2014 20:59

Finnish mobile phone manufacturer Nokia is under fire today over revelations that its Lumia line of Windows Phone-powered handsets sent personal data – including information from phones used by senior members of Finland's government – to Microsoft servers in the U.S., according to a report in the Helsinki Times.

DARPA shows off clearinghouse site for open-source code and information

By Jon Gold | 05 February, 2014 00:32

The Defense Advanced Research Projects Agency debuted a new website dedicated to sharing open-source data and publications today, calling it the DARPA Open Catalog.

Reddit, Mozilla, EFF to hold day of protest, activism in memory of Aaron Swartz

By Jon Gold | 10 January, 2014 21:01

A broad coalition of well-known organizations announced today that it will stage an online protest against wide-ranging government surveillance of Internet users on Feb. 11, in memory of activist Aaron Swartz.

Tech titans urge surveillance reform

By Jon Gold | 10 December, 2013 18:04

An industry consortium featuring some of the biggest names in technology – including Google, Microsoft, Facebook and Reddit – is urging the Obama Administration to support a major overhaul of laws governing electronic surveillance.

Foundation exec slams Microsoft for 'meaningless' security pledge

By Jon Gold | 06 December, 2013 17:17

The Free Software Foundation on Thursday attacked Microsoft for "meaningless" public statements on privacy and security, claiming that Windows is "fundamentally insecure."

Georgia Tech researcher flags flaw in open-source vets health system

By Jon Gold | 04 December, 2013 17:23

An academic exercise by a security researcher blossomed into a live-fire infosec emergency last month, after a major vulnerability was found in a central U.S. government healthcare database system.

Million-dollar robbery rocks Bitcoin exchange

By Jon Gold | 25 November, 2013 23:02

Bitcoin Internet Payment Services, a Denmark-based exchange billing itself as Europe's biggest, was robbed of bitcoins worth more than $1 million in a theft that took place over the course of the past several days.

Android Roundup: Samsung takes its medicine in astroturfing, defective phone flap

By Jon Gold | 25 October, 2013 20:14

Samsung made a lot of headlines this week, though probably not for the reasons it would like.

Firefox community roiled by Java crackdown

By Jon Gold | 22 October, 2013 20:28

The Firefox web browser will, henceforth, require users to manually activate Java objects on sites that they visit, Mozilla has confirmed. The change is aimed at improving security and moving away from a dependence on proprietary plug-ins, but critics say it will cause untold headaches for developers, admins and less-technical end-users.

Google among ad networks doing business with shady injector services

By Jon Gold | 25 September, 2013 16:12

Rogue web plug-ins that inject their own content over the top of legitimate ads are still in widespread use by unscrupulous advertisers – and Google, Yahoo and other major networks are keeping them in business, according to a recent study.

Tesla's Model S vulnerable to hackers, kind of

By Jon Gold | 27 August, 2013 22:02

It's the curse of the connected car – once it's linked to the Internet, it's, well, on the Internet. In the case of the Tesla Model S, this means that malicious hackers could, in theory, control some functions of the vehicle and even track it without the owner's knowledge.

In Pictures: The 9 ugliest allegations of China-based IP theft

By Jon Gold | 14 August, 2013 08:28

IP theft continues to be a threat to businesses’ bottom lines – and a major issue for Sino-American relations.

CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Email Security and Data Protection

Encrypt your sensitive email

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.