Security

A detailed analysis by cybersecurity experts from the University of Maryland found that website administrators nationwide tasked with patching security holes exploited by the Heartbleed bug may not have done enough.

First disclosed in April 2014, Heartbleed presents a serious vulnerability to the popular OpenSSL (Secure Sockets Layer) software, allowing anyone on the Internet to read the memory of systems that are compromised by the malicious bug.

Microsoft is offering a bumper crop of security patches next week as part of its traditional Patch Tuesday fix fiesta.

A total of 16 patches are on the way this month, five of which are labelled 'Critical'. All five affect Windows and one also involves Internet Explorer.

L33tdawg: So what else is new?

The WireLurker malware that may have infected hundreds of thousands of Mac OS and iOS devices is exactly similar to a proof-of-concept attack Apple was warned about at the beginning of this year, according to the researcher who first publicly described such attacks.

People Power knows that you probably have a nice assortment of outdated (but still decently functional) iOS devices at home. And if they're just taking up space anyway, you might as well find a clever way to repurpose them.

So it developed Presence, an app designed to quickly convert your backup iPhone, iPad or iPod Touch into a quasi-security-camera.

iOS 8 has been technically jailbroken since October 22, but it’s taken weeks to get it polished enough for Cydia, the jailbreak alternative to the App Store.

Now that things are “stable enough,” Cydia creator Jay Freeman has flipped the switch to start allowing the sale of iOS 8 tweaks and themes.

A group of Chinese hackers called Pangu made and released the iOS 8 jailbreak last month, but it was a rather crude implementation that required bug fixes and updates to make it safe for users beyond the most experienced jailbreakers.

Just in time for the holiday season, phishers have devised a more efficient way to get unwary online shoppers to part with their personal data and financial account information.

The new technique, dubbed Operation Huyao by the security researchers at Trend Micro who discovered it, basically lessens the time and effort needed for attackers to mount a phishing campaign while also making such attacks harder to spot.

With the maturity of China's quantum information science and technology, an advanced network that is considered unhackable and will provide the most secure encryption technology is ready to commercialise in China, according to Pan Jianwei, a quantum scientist and professor at the University of Science and Technology of China, Xinhua reported on Tuesday.

 The Electronic Frontier Foundation or EFF, a non-profit digital rights group, has investigated the security of various messaging apps and created a new Secure Messaging Scorecard, ranking messaging apps and tools like iMessage, FaceTime, BlackBerry Messenger, Skype, Snapchat, and more, based on seven different factors:

2014 has seen a veritable glut of security-minded gadgets on crowdfunding sites like Kickstarter, all of them looking to add some sort of sensor tech into your living room. One of the latest examples is Point, an app-enabled smoke detector with additional sensors capable of monitoring things like temperature spikes, humidity levels, and unusual noises.

Don't feel insecure about your lack of a heavy technical background, CISOs, because the most successful CISOs are those with a business background, said Kris Lovejoy, general manager of IBM Security Services, at an IBM security leadership forum Wednesday.

Lovejoy provided a preview of research IBM conducted about the state of the CISO; the full report will be released next month. Among the findings: Most CISOs report into IT (and the CIO) "because that's where the money is," while others are reporting to their CEO, chief operating officer, or chief administrative officer.