Two databases collecting hundreds of millions of compromised credentials—usernames and passwords stolen by attackers or leaked to the Web—were exposed this week in separate incidents.
Microsoft has released the latest edition of its twice-annual Security Intelligence Report, its survey of the security landscape and threats around the world. The survey has a ton of data about what malware is infecting people, which parts of the world are seeing more attacks, and more.
The OpenSSL cryptographic library is used to provide Secure-Socket Layer (SSL) and Transport Layer Security (TLS) in many popular web sites. These include Twitter, GitHub, Yahoo, Tumblr, Steam, and DropBox.
OpenSSL isn't just used in web sites. OpenVPN, an open-source virtual private network, and older versions of the secure login and terminal program OpenSSH, use OpenSSL.
A precocious youth has won a $10,000 bug bounty from Facebook after he figured out a way to delete other users' comments from Instagram's servers, Mashable reports.
A hacker-group affiliated to Islamic State (Isis) has claimed to have planted a mole in the Ministry of Defence and is threatening to leak secret British intelligence data. The group, which goes by the name Islamic State Hacking Division, had earlier published an anti-drone warfare document, in which it had listed US Air Force drone pilots – believed to be involved in air strikes against terrorists in Iraq and Syria – as potential targets of the militants.