Stories by Jeremy Kirk

Google+

Four-digit passcodes remain a weak point in iOS 8 data encryption

The strength of Apple's revised encryption scheme in iOS 8 hinges on users choosing a strong passcode or password, which they rarely do, according to a Princeton University fellow.

Russian cybercrime group compromised half a million computers

A mistake by a suspected Russian-speaking cybercriminal group allowed a security vendor to peep on a campaign that stole login credentials for hundreds of thousands of online bank accounts.

Belkin says router outages should be resolved

Belkin said Tuesday afternoon it had fixed an issue that caused some of its Wi-Fi routers to disconnect from the Internet.

AT&T fired employee who improperly accessed customer accounts

AT&T fired an employee who improperly accessed about 1,600 customer accounts and could have viewed customers' Social Security and driver's license numbers.

Yahoo says attackers looking for Shellshock found a different bug

Yahoo said Monday it has fixed a bug that was mistaken for the Shellshock flaw, but no user data was affected.

JPMorgan Chase breach affected 83 million customers

Names, addresses, phone numbers and email addresses were compromised in a cyberattack on JPMorgan Chase but no "unusual" fraud has yet been detected.

1

How hackers accidentally sold a pre-release XBox One to the FBI

Earlier this week, an indictment was unsealed outlining a long list of charges against a group of men accused of running a three-year hacking spree that stole intellectual property from gaming companies.

Shellshock attacks target QNAP's network storage, FireEye says

FireEye has detected Shellshock attacks against network-attached storage devices made by Taipei-based QNAP and used by universities and research institutes in Korea, Japan and the U.S.

Malware program targets Hong Kong protesters using Apple devices

A malware program that targets Hong Kong activists using Apple devices has trademarks of being developed by a nation-state, possibly China, according to a security company.

Google triples bug bounty reward range to $US15,000

Google has tripled its maximum reward for finding flaws in its software to US$15,000, a figure the company hopes will deter independent researchers from selling their information on shady markets.

Shellshock flaw could pose risks to payments industry

The "Shellshock" flaw has the potential to pose a risk to the payments industry, but doesn't appear to have caused any problems yet, an official with a consortium run by major credit card companies warned on Tuesday.

EPIC seeks enforcement action over Arizona data breaches

A privacy watchdog filed a complaint with the Federal Trade Commission against a community college district in Arizona that lost the personal data of 2.5 million students and employees in two data breaches.

Apple patches Bash vulnerability in OS X

Apple released a patch Monday for Shellshock, a serious software vulnerability disclosed last week, although the company had said it posed no risk to most users.

Two scenarios that would make OS X vulnerable to the Shellshock bug

Apple's OS X is vulnerable to the Shellshock bug, but it's not that easy for attackers to take advantage of it, according to Intego, which specializes in security software for the operating system.

Malicious advertisements distributed by DoubleClick, Zedo networks

Two online advertising networks, Google's DoubleClick and Zedo, have been delivering malicious advertisements that could install malware on a person's computer, according to the security vendor Malwarebytes.