Stories by Jeremy Kirk

Google+

Chinese hacker group among first to target networks isolated from Internet

An otherwise unremarkable hacking group likely aligned with China appears to be one of the first to have targeted so-called air-gapped networks that are not directly connected to the Internet, according to FireEye.

White Lodging Services confirms second payment card breach

A large hotel management company has confirmed a second payment card breach in less than 14 months, underscoring the difficulties businesses are having with data thieves.

Encryption startup Vera locks down transferred documents

In Silicon Valley, the recruiting game is extremely competitive, according to Ron Harrison, founder of Jivaro Professional Headhunters, a specialist in placing technology candidates.

FBI says supposed ISIS sympathizers exploiting WordPress plugins

The Federal Bureau of Investigation warned on Tuesday that attackers claiming to be sympathetic to the extremist group ISIS are targeting websites that have vulnerable WordPress plugins.

SingTel acquires TrustWave for managed security services

SingTel will acquire TrustWave Holdings, the largest U.S. independent provider of managed security services, for $810 million, the companies said on Tuesday.

Linux Australia breached, personal details leaked

The open-source and free software user group Linux Australia said personal information for attendees of two conferences it hosts may have been leaked after malware was found on one of its servers.

Wider use of HTTPS could have prevented attack against GitHub

The unique attack method used to disrupt the code-sharing site GitHub over the last week could have been prevented if more websites enabled encryption, the Electronic Frontier Foundation (EFF) said Wednesday.

EFF questions US government's software flaw disclosure policy

It's not clear if the U.S. government is living up to its promise to disclose serious software flaws to technology companies, a policy it put in place five years ago, according to the Electronic Frontier Foundation.

GitHub recovering from massive DDoS attacks

Software development platform GitHub said it was still experiencing intermittent outages from the largest cyberattack in its history but had halted most of the attack traffic.

An SDN vulnerability forced OpenDaylight to focus on security

Open-source software projects are often well intended, but security can take a back seat to making the code work.

Facebook's Like button can still easily be gamed

Facebook's Like button is a pervasive feature of the Web, a way to gauge the popularity of a website or piece of content. But researchers have found it's easy to inflate the numbers, undermining its value as an accurate measure of popularity.

Egyptian company says rogue Google SSL certificates were a mistake

An Egyptian company that created unauthorized digital certificates for several Google domains said Wednesday it made a mistake and acted quickly when the error became known.

Zero day, Web browser vulnerabilities spike in 2014

The number of zero-day and Web browser vulnerabilities shot up in 2014, but overall software vendors are patching faster.

Android flaw puts personal data at risk for millions

Nearly half of Android devices are vulnerable to an attack that could replace a legitimate app with malicious software that can collect sensitive data from a phone.

Security startup records a year's network data

A security startup has developed a platform that gives security professionals a much larger picture of what has happened on their network, even if they might have missed the initial signs of an intrusion.