News

Latest Firefox version adds protection against rogue SSL certificates

By Jeremy Kirk | 03 September, 2014 12:04

Mozilla has added a defense in its latest version of Firefox that would help prevent hackers from intercepting data intended for major online services.

One more time: Use two-factor authentication on iCloud, even if there's a waiting period

By Susie Ochs | 03 September, 2014 08:28

Celebrities probably aren't used to proving they are who they say they are. People recognize them wherever they go. Your online accounts should not treat you like a celebrity.

US Home Depot breach could potentially be as big as Target's

By Jaikumar Vijayan | 03 September, 2014 06:21

In what could turn out to be another huge data breach, Home Depot on Tuesday confirmed that it is investigating a potential compromise of credit card and debit card data belonging to an unspecified number of customers.

Home Depot investigates possible payment data breach

By Zach Miners | 03 September, 2014 05:59

Home Depot said Tuesday it was investigating a possible breach of its systems holding customer payment information tied to credit and debit cards.

"Outraged" Apple issues update on celebrity cellphone nude photo breach

By Bob Brown | 03 September, 2014 05:42

Apple has issued a statement regarding the hacking of dozens of celebrities' cellphones that exploded over the weekend as actual and fake nude photos spread across the Internet. Apple says its iCloud service was not breached.

Apple says iCloud flaw not at root of celebrity photo hack

By Dan Moren | 03 September, 2014 05:22

Addressing a widespread hack of celebrities' photos, Apple on Tuesday issued an update on its investigation into the incident and said that it was continuing to work with law enforcement on the matter.

Apple blames leaked nude celebrity photos on 'targeted attack'

By Zach Miners | 03 September, 2014 05:17

A targeted attack focused on user names, passwords and security questions of Apple accounts gave hackers access to nude photos of celebrities that were then leaked over the weekend on the Internet, the company said Tuesday.

Hackers make drive-by download attacks stealthier with fileless infections

By Lucian Constantin | 03 September, 2014 04:17

Cybercriminals are increasingly infecting computers with malware that resides only in memory in order to make their attacks harder to detect.

Are your calls being intercepted? 17 fake cell towers discovered in one month

By Darlene Storm | 03 September, 2014 02:25

You wouldn't likely know if you are under cell phone surveillance, but you would if you were about to make a call and your phone displayed an unencrypted connection warning that states, "Caution: The mobile network's standard encryption has been turned off, possibly by a rogue base station (IMSI Catcher'). Unencrypted calls not recommended."

NIST issues Best Practices on how to best use Secure Shell software

By Ellen Messmer | 03 September, 2014 02:23

The Secure Shell (SSH) protocol and software suite is used by millions of system administrators to log into application and service accounts on remote servers using authentication methods that include passwords, tokens, digital certificates and public keys. But when improperly managed, SSH keys can be used by attackers to penetrate the organization's IT infrastructure.

Meet Tox, an open, privacy-focused Skype replacement

By Ian Paul | 03 September, 2014 00:56

The website 4Chan is infamous for birthing Anonymous--and more recently the major alleged iCloud hack that exposed the private photos of several celebrities. But some who frequent 4Chan, it seems, have nobler intentions.

Industrial software website used in watering hole attack

By Steve Ragan | 02 September, 2014 22:54

AlienVault Labs has discovered a watering hole attack that's using a framework developed for reconnaissance as the primary infection vector.

North Korea using foreign bases to launch cyberattacks, says HP

By John E. Dunn | 02 September, 2014 22:47

The Democratic People's Republic of North Korea (DPRK) is a country with almost no conventional Internet presence and yet it has among the most active cyberwarfare footprints of any nation on earth and appears obsessed with expanding its operations, HP has concluded after reviewing evidence from a range of third-party sources.

Namecheap says accounts compromised in hacking incident

By Jeremy Kirk | 02 September, 2014 12:54

Hosting provider, Namecheap, said on Monday that hackers compromised some of its users' accounts, likely using a recently disclosed list of 1.2 billion usernames and passwords compiled by Russian hackers.

Why hackers may be stealing your credit card numbers for years

By Jeremy Kirk | 02 September, 2014 11:06

While conducting a penetration test of a major Canadian retailer, Rob VandenBrink bought something from the store. He later found his own credit card number buried in its systems, a major worry.

After celeb hack, Apple patches password guessing weakness in iCloud

By Liam Tung | 02 September, 2014 09:44

On Monday Apple fixed a serious flaw in its iCloud service that could have been used by hackers to nab private celebrity pics leaked this week.

iCloud flaw may have allowed nude celebrity photos to leak

By Nick Mediati | 02 September, 2014 06:47

A funny thing happened on the Internet on Sunday as a cache of nude photos of Kate Upton, Jennifer Lawrence, and other big-name stars made their way onto 4chan, as BuzzFeed notes. Reports indicate that this leak may have been the result of a hacker (or hackers) taking advantage of a flaw in Apple's iCloud service.

East Midlands Ambulance Service loses patient data again

By Antony Savvas | 02 September, 2014 04:08

The East Midlands Ambulance Service has lost a data storage device containing 42,000 patient report forms - the second time it has lost sensitive patient data in three years.

Reconnaissance code on industrial software site points to watering hole attack

By Lucian Constantin | 02 September, 2014 02:39

Attackers deploy Web-based reconnaissance tool to gather information about potential targets in different industries

Europol launches international cybercrime task force

By Loek Essers | 02 September, 2014 00:47

Europol launched a cybercrime task force Monday to fight online crime in the EU and other countries.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Cloud Security and Compliance Solutions

Manage and visualize the security and compliance of VMware, physical, and hybrid-cloud infrastructure from the RSA Archer eGRC Platform.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.