Stories by Jeremy Kirk

Google+

Two scenarios that would make OS X vulnerable to the Shellshock bug

Apple's OS X is vulnerable to the Shellshock bug, but it's not that easy for attackers to take advantage of it, according to Intego, which specializes in security software for the operating system.

Malicious advertisements distributed by DoubleClick, Zedo networks

Two online advertising networks, Google's DoubleClick and Zedo, have been delivering malicious advertisements that could install malware on a person's computer, according to the security vendor Malwarebytes.

Google to turn on encryption by default in next Android version

Google is turning on data encryption by default in the next version of Android, a step that mirrors broad moves in the technology industry to ensure better data security.

CloudFlare can provide its caching service without your SSL keys

CloudFlare said it has engineered a novel way to handle sensitive encryption keys that allows organizations such as financial institutions to still use its caching service to fend off cyberattacks.

Encryption goof fixed in TorrentLocker file-locking malware

The developers of a type of malicious software that encrypts a computer's files and demands a ransom have fixed an error security experts said allowed files to be recovered without paying.

US military unaware of Chinese attacks against transport contractors

The U.S. Defense Department plans to tighten reporting of cyber incidents against transportation contractors after the military found it was mostly left in the dark about successful attacks from China, according to a Senate report.

Apple turns on iCloud two-step verification after nude selfie scandal

Apple on Tuesday began offering an additional security protection for iCloud account users, a move the company made following the theft of nude photos from several celebrities' accounts last month.

Hackers accessed Goodwill hosting provider for 18 months before card breach

Hackers evaded security systems for a year-and-a-half at a hosting center that processed payment cards for Goodwill Industries, using the same type of malware that struck Target and other major retailers to steal card data, according to the charity's software vendor.

'Tiny banker' malware targets US financial institutions

A banking trojan, known for its small size but powerful capabilities, has expanded the number of financial institutions it can collect data from, according to security vendor Avast.

Data loss detection tool mines the ephemeral world of 'pastes'

It's not easy to figure out if your data has been collected by hackers, but an online tool has been expanded to hunt through one of the most prolific sources of leaked data, known as "pastes."

Sprint, Windstream traffic routing errors hijacked other ISPs

Internet traffic routing errors made by U.S. operators Sprint and Windstream on the same day last week underscore a long-known Internet weakness, posing both security and reliability issues.

CTO for Liberty Reserve payment network pleads guilty

The CTO of a Costa Rica-based payment network that U.S. prosecutors allege primarily served the cybercriminal underworld pleaded guilty on Thursday to one count of conspiring to operate an unlicensed money transmitting business.

Study concludes 'Heartbleed' flaw was unknown before disclosure

One of the most serious software flaws to affect the Internet, nicknamed "Heartbleed," was likely unknown before it was publicly disclosed, according to new research.

Will bitcoin's creator be unmasked for $12,000?

The latest claim of knowledge of the true identity of bitcoin's creator is being viewed with suspicion.

Malicious advertising hits Amazon, YouTube and Yahoo, Cisco says

Malicious advertisements have popped up on websites such as YouTube, Amazon and Yahoo, part of a sophisticated campaign to spread malware, Cisco said Monday.