Stories by Jeremy Kirk

Google+

Drupal releases patch for severe SQL injection flaw

Drupal has released a patch for a highly critical flaw in its content management system, which could allow rogue code to run.

FBI warns of cyberattacks linked to China

The U.S. Federal Bureau of Investigation issued a warning to companies and organizations on Wednesday of cyberattacks by people linked with the Chinese government.

Facebook doubles reward for bug reports in advertising code

Facebook is doubling the rewards it will pay for security vulnerabilities related to code that runs its advertising system, the company said Wednesday.

Security experts warn of 'POODLE' attack against SSL 3.0

Google researchers have found a severe flaw in an obsolete but still used encryption software, which could be exploited to steal sensitive data.

Security vendors claim progress against Chinese group that hacked Google

A group of security companies say a collaborative effort has helped counter several hacking tools used by a China-based group most known for provoking strong condemnation from Google four years ago.

YouTube served malicious advertisements, Trend Micro says

Malicious advertisements, some of which were displayed on YouTube, redirected more than 113,000 people in the U.S. to harmful websites in just a month, Trend Micro said Tuesday.

'Hurricane Panda' hackers used Microsoft zero-day, CrowdStrike says

One of the zero-day flaws patched by Microsoft on Tuesday had been used for some time by a group with suspected Chinese government ties that targets technology companies, CrowdStrike's chief executive said.

1

Cisco advises users to lock down WebEx to prevent snooping

Cisco has warned customers to lock down WebEx after a security researcher and journalist found many big-name companies left some online meetings open for anyone to join.

Hong Kong democracy activist websites compromised

Four websites promoting democracy in Hong Kong have been rigged to deliver malicious software, according to a Washington, D.C.-based security company.

Dairy Queen stores hit by 'Backoff' malware, payment card data stolen

Dairy Queen said Thursday the "Backoff" point-of-sale malware infected systems at 395 of its stores, stealing payment card data.

Russian faces more charges in point-of-sale hacking case

A Russian man accused of hacking point-of-sale systems in the U.S. is facing additional charges following a revised indictment returned by a grand jury on Thursday, the U.S. Department of Justice said.

Four-digit passcodes remain a weak point in iOS 8 data encryption

The strength of Apple's revised encryption scheme in iOS 8 hinges on users choosing a strong passcode or password, which they rarely do, according to a Princeton University fellow.

Russian cybercrime group compromised half a million computers

A mistake by a suspected Russian-speaking cybercriminal group allowed a security vendor to peep on a campaign that stole login credentials for hundreds of thousands of online bank accounts.

Belkin says router outages should be resolved

Belkin said Tuesday afternoon it had fixed an issue that caused some of its Wi-Fi routers to disconnect from the Internet.

AT&T fired employee who improperly accessed customer accounts

AT&T fired an employee who improperly accessed about 1,600 customer accounts and could have viewed customers' Social Security and driver's license numbers.