Stories by Jeremy Kirk

Google+ 2

Microsoft admits technical error in IP takeover, but No-IP still down

Microsoft admitted Tuesday it made a technical error after it commandeered part of an Internet service's network in order to shut down a botnet, but the Nevada-based company says its services are still down.

Energy providers hacked through malicious software updates

Eastern European-based attackers gained access to the networks of energy providers by tampering with software updates for industrial control systems, gaining a foothold that could be used for sabotage, Symantec said Monday.

California law removes ban on alternative currencies

A new California law removes a ban on using currencies other than the U.S. dollar, which is intended to accommodate the growing use of alternative payment methods such as bitcoin.

Android malware targets South Korean online banking customers

Malicious software that swaps itself for legitimate online banking applications is striking users in South Korea, with thousands of devices infected in the last week, according to a Chinese mobile security company.

'Luuuk' banking malware may have stolen €500,000 in a week

A European bank may have lost as much as €500,000 (US$682,000) in a week earlier this year, according to Kaspersky Lab, which analyzed data on a server used in attacks against online banking users in Italy and Turkey.

New iOS jailbreak could become sinister

A new jailbreak for Apple's iOS software that uses confidential information intended only for security researchers could develop into a more sinister attack, according to security analysts.

Montana data breach exposed 1.3 million records

Up to 1.3 million records, including health care and bank account information, may have been exposed after a server at Montana's public health department was hacked in May, the state said Tuesday.

Police turning to mobile malware for monitoring, study says

Governments are increasingly using spyware for mobile devices to monitor targets, raising questions over the possible misuse of such tools, a new study suggests.

Encrypted Web traffic can reveal highly sensitive information

Analyzing encrypted Web traffic can potentially reveal highly sensitive information such as medical conditions and sexual orientation, according to a research paper that forecasts how privacy on the Internet may erode.

AskMen.com website redirects to Caphaw malware, WebSense says

AskMen.com, a popular website with millions of monthly visitors, was redirecting visitors to other domains that delivered the Caphaw malware, according to security vendor WebSense.

Google develops own 'boring' version of OpenSSL

Google is developing its own version of OpenSSL that will be more appropriate for its own software products, which have been using the critical encryption component for years with customized patches.

Alert issued over plain text passwords in some Super Micro motherboards

Tens of thousands of servers have a hard-coded, plain-text password that could yield remote access to a management interface for a server, according to a security researcher.

LinkedIn called out on slow implementation of default SSL

LinkedIn said it is making progress implementing default encryption of data exchanged with its users after a security company alleged some users are still at risk of account takeovers.

CloudFlare acquires enterprise VPN provider CryptoSeal

CloudFlare has acquired CryptoSeal, a provider of VPN (virtual-private-network) services for businesses, in a deal it says will extend its security services to Web users.

Report: Neither iOS nor Android inherently more secure than the other

Apple's tight vetting of mobile applications gives it a security edge over Android, but there are still several ways for attackers to steal data from iOS devices, a mobile security company warned in a report Tuesday.