Stories by Jeremy Kirk

Google+

Internet outages expected to abate as routers are modified, rebooted

A flood of updates to databases inside Internet routers caused intermittent outages on Wednesday and connectivity issues for companies, but experts expect the long-forecasted hiccup to be resolved soon.

Malware is less concerned about virtual machines

Many malicious software programs used to make a quick exit on virtual machines, a tactic designed to avoid a security check. But that isn't the case anymore, according Symantec research.

Study finds firmware plagued by poor encryption and backdoors

The first large-scale analysis of a fundamental type of software known as firmware has revealed poor security practices that could present opportunities for hackers probing the "Internet of Things."

Emerging networking technology used by Apple, Cisco will frustrate firewalls

Today's security software is ineffective against an emerging networking technology already in use by Apple for its Siri voice-recognition software, according to research presented at the Black Hat hacking conference this week.

Google lowers search ranking of websites that don't use encryption

Websites that aren't encrypting connections with their visitors may get a lower ranking on Google's search engine, a step the company said it is taking to promote better online security practices.

US federal agencies halt background checks by contractor after cyberattack

Two U.S. federal agencies have halted background checks with a contractor that said Wednesday its networks had been breached in a cyberattack suspected to have been coordinated by an unnamed country.

OpenSSL, critical encryption component, gets nine software fixes

Nine software fixes were released Wednesday for OpenSSL, a critical encryption component for exchanging data on the web, although none of the problems are as severe as the "Heartbleed" issue found in April.

Symantec patches privilege escalation flaws in Endpoint Protection

Symantec has released a patch for privilege escalation flaws in its Endpoint Protection product, and the company which found the issues released the exploit code on Tuesday.

PayPal's two-factor authentication is easily beaten, researcher says

A security feature offered by PayPal to help prevent accounts from being taken over by hackers can be easily circumvented, an Australian security researcher has found.

Is your Dropcam live feed being watched by someone else?

Dropcam, the popular video monitoring camera, bills itself as "super simple security." But a pair of researchers plan to show at the Defcon hacking conference later this week how having a Dropcam could get a lot more complicated.

Mozilla warns of leaky developer network database

Mozilla's website for developers leaked email addresses and encrypted passwords of registered users for about a month due to a database error, the organization said Friday.

Microsoft security tool EMET 5.0 puts a leash on plugins

The latest release of a Microsoft security tool that's designed to stop exploits lets administrators control when third-party plugins are launched, a long favored route for attackers.

No patch yet for zero day in Symantec Endpoint Protection software driver

A zero-day flaw in a software driver in Symantec's widely used Endpoint Protection product may be tricky to fix.

iPhone gets first free app for encrypting voice calls

An open-source project has released the first free application for the iPhone that scrambles voice calls, which would thwart government surveillance or eavesdropping by hackers.

Zero-day flaws found in Symantec's Endpoint Protection

Symantec's Endpoint Protection product has three zero-day flaws that could allow a logged-in user to move to a higher access level on a computer, according to a penetration testing and training company.

CIO
ARN
Techworld
CMO