Stories by Jeremy Kirk

Google+

'Luuuk' banking malware may have stolen €500,000 in a week

A European bank may have lost as much as €500,000 (US$682,000) in a week earlier this year, according to Kaspersky Lab, which analyzed data on a server used in attacks against online banking users in Italy and Turkey.

New iOS jailbreak could become sinister

A new jailbreak for Apple's iOS software that uses confidential information intended only for security researchers could develop into a more sinister attack, according to security analysts.

Montana data breach exposed 1.3 million records

Up to 1.3 million records, including health care and bank account information, may have been exposed after a server at Montana's public health department was hacked in May, the state said Tuesday.

Police turning to mobile malware for monitoring, study says

Governments are increasingly using spyware for mobile devices to monitor targets, raising questions over the possible misuse of such tools, a new study suggests.

Encrypted Web traffic can reveal highly sensitive information

Analyzing encrypted Web traffic can potentially reveal highly sensitive information such as medical conditions and sexual orientation, according to a research paper that forecasts how privacy on the Internet may erode.

AskMen.com website redirects to Caphaw malware, WebSense says

AskMen.com, a popular website with millions of monthly visitors, was redirecting visitors to other domains that delivered the Caphaw malware, according to security vendor WebSense.

Google develops own 'boring' version of OpenSSL

Google is developing its own version of OpenSSL that will be more appropriate for its own software products, which have been using the critical encryption component for years with customized patches.

Alert issued over plain text passwords in some Super Micro motherboards

Tens of thousands of servers have a hard-coded, plain-text password that could yield remote access to a management interface for a server, according to a security researcher.

LinkedIn called out on slow implementation of default SSL

LinkedIn said it is making progress implementing default encryption of data exchanged with its users after a security company alleged some users are still at risk of account takeovers.

CloudFlare acquires enterprise VPN provider CryptoSeal

CloudFlare has acquired CryptoSeal, a provider of VPN (virtual-private-network) services for businesses, in a deal it says will extend its security services to Web users.

Report: Neither iOS nor Android inherently more secure than the other

Apple's tight vetting of mobile applications gives it a security edge over Android, but there are still several ways for attackers to steal data from iOS devices, a mobile security company warned in a report Tuesday.

Russian forensic firm's tool snags iCloud backups without an Apple ID

Moscow-based Elcomsoft has developed a tool to collect iCloud backup files without knowing a person's Apple ID, a development intended to help law enforcement analyze seized computers.

New powerful banking malware called Dyreza emerges

Security researchers said they've spotted a new type of banking malware that rivals the capabilities of the infamous Zeus malware.

Spamhaus readies new antimalware data feeds

The Spamhaus Project will soon publish two new data feeds intended to prevent people from being lured to malware-infected websites and domains.

P.F. Chang's turns to manual card processing after confirming breach

P.F. Chang's China Bistro confirmed on Thursday credit and debit card data was stolen from its restaurants, saying it is switching in the meantime to a manual imprinting system to process cards safety.