Stories by Jeremy Kirk

Google+

SQL injection flaw in Wall Street Journal database led to breach

A vulnerability in a web-based graphics system led to a breach of The Wall Street Journal's network by a hacker, the newspaper acknowledged late Tuesday.

Zero-day flaws in Tails aren't for sale, vulnerability broker says

A company that specializes in selling information on software vulnerabilities has reignited a debate over the handling of such information, especially when it pertains to privacy-focused tools.

Virtru launches business email encryption service for Google Apps

Email encryption startup Virtru has launched a version of its service for businesses using Google Apps, a market segment that the company thinks is showing increased interest in secure communications.

Goodwill Industries investigates suspected payment card breach

Goodwill Industries International said on Monday that federal authorities are investigating a possible payment card breach at its US-based retail outlets.

Black Hat presentation on TOR suddenly cancelled

A presentation on a low-budget method to unmask users of a popular online privacy tool, TOR, will no longer go ahead at the Black Hat security conference early next month.

Stealthy Web tracking tools pose increasing privacy risks to users

Three stealthy tracking mechanisms designed to avoid weaknesses in browser cookies pose potential privacy risks to Internet users, a new research paper has concluded.

Aloha point-of-sale terminal, sold on eBay, yields security surprises

Matt Oh, a senior malware researcher with HP, recently bought a single Aloha point-of-sale terminal -- a brand of computerized cash register widely used in the hospitality industry -- on eBay for US$200.

The 'Rickmote' shows no mercy when it finds someone using Chromecast

Google's online media streaming tool, Chromecast, can be "Rickrolled" with a single click of entertainer Rick Astley's mug shot.

Mozilla's JPEG compression slims down file sizes

Mozilla has released an updated version of its JPEG compression tool that shaves down file sizes by 5 percent, a small figure but one that is significant for image-intensive Web services such as Facebook.

EA dismisses claim its Origin software spies on users

Gamemaker Electronic Arts dismissed a rumor on Tuesday that its download client called Origin secretly collects data from users' computers.

Critical design flaw in Active Directory could allow for a password change

Microsoft's widely used software for brokering network access has a critical design flaw, an Israeli security firm said, but Microsoft contends the issue has been long-known and defenses are in place.

LastPass discloses now-fixed vulnerabilities ahead of security conference

Popular password manager LastPass said it fixed two vulnerabilities that were found last year. The disclosure comes just ahead of a security conference where a research paper describing the problems is due to be presented.

Gmail users on iOS at risk of data interception

Apple users accessing Gmail on mobile devices could be at risk of having their data intercepted, a mobile security company said Thursday.

Source code for tiny 'Tinba' banking malware leaked

The source code for an impressively small but capable malware program that targets online bank accounts has been leaked, according to CSIS Security Group of Denmark.

Google blocks bogus digital certificates issued in India

Google has blocked several digital certificates issued in India that could have been used to make bogus websites appear to be run by the Web giant.