Stories by Jeremy Kirk

Google+

Telegram dimisses claim of a flaw in its secure messaging application

Telegram, a messaging application that markets itself as a secure communication tool, doesn't handle encrypted conversations securely, according to the founder of a mobile security company.

Android malware fakes phone shutdown to steal data

Next time you turn off your Android phone, you might want take the battery out just to be certain.

Revenge porn site operator faces at least two years in prison

Hunter Moore, the infamous creator of a website that published nude photos of people that had been pilfered from their email accounts, pleaded guilty on Wednesday to two counts in federal court.

Swedish man pleads guilty to peddling Blackshades malware

A Swedish man pleaded guilty Wednesday to peddling one of the most prevalent spying programs called Blackshades that was widely used by the criminal underground.

Tens of thousands of home routers at risk with duplicate SSH keys

A setup mistake has apparently left hundreds of thousands of home routers running the SSH (Secure Shell) remote access tool with identical private and public keys.

Israel targeted by malware packaged with pornographic video

Israeli institutions have been targeted by an Arab-speaking hacker group that sought to extract sensitive documents, according to Trend Micro.

Equation cyberspies use unrivaled, NSA-style techniques to hit Iran, Russia

A cyberespionage group with a toolset similar to ones used by U.S. intelligence agencies has infiltrated key institutions in countries including Iran and Russia.

Cybercriminal gang plunders up to $1 billion from banks over two years

A still-active cybercriminal gang has stolen up to a $1 billion from banks in at least 25 countries over the last two years, infiltrating networks with malware and spying on employees' computers to facilitate large wire transfers, Kaspersky Lab said Sunday.

Many PayPal lookalike phishing websites taken offline

PayPal has worked to shut down a handful of phishing websites that sought to steal people's login credentials by appearing to be the company's real website, according to a security company.

Researcher releases 10 million usernames, passwords from data breaches

A researcher has released 10 million usernames and passwords collected from data breaches over the last decade, a step he worries could be a legally murky but one that will help security research.

To avert another Heartbleed, group narrows list of projects in need of support

A group dedicated to averting another Heartbleed-style vulnerability is narrowing down a list of critical open source projects that will receive its funding and support.

Box fixes flaw in Mac desktop Sync app

Online file storage and sharing service Box has patched the Mac version of its desktop app after a developer found it exposed potentially sensitive bits of data, including API keys, internal user IDs, URLs and passwords.

US health insurer Anthem discloses customer and employee data breach

Anthem, one of the largest U.S. health insurers, said Wednesday one of its IT systems was breached, resulting in the loss of customer and employee information including income data.

Adobe starts patching latest Flash flaw

Adobe Systems has started distributing an update for the latest Flash security flaw, which is already being exploited in malicious advertising attacks.

US top developer of risky mobile applications

A new report identifies the U.S. as the top developer of malicious and privacy-intruding applications, a finding that contrasts with conventional wisdom that often places the problem squarely in Asia.