Stories by Jeremy Kirk

Google+

PayPal's two-factor authentication is easily beaten, researcher says

A security feature offered by PayPal to help prevent accounts from being taken over by hackers can be easily circumvented, an Australian security researcher has found.

Is your Dropcam live feed being watched by someone else?

Dropcam, the popular video monitoring camera, bills itself as "super simple security." But a pair of researchers plan to show at the Defcon hacking conference later this week how having a Dropcam could get a lot more complicated.

Mozilla warns of leaky developer network database

Mozilla's website for developers leaked email addresses and encrypted passwords of registered users for about a month due to a database error, the organization said Friday.

Microsoft security tool EMET 5.0 puts a leash on plugins

The latest release of a Microsoft security tool that's designed to stop exploits lets administrators control when third-party plugins are launched, a long favored route for attackers.

No patch yet for zero day in Symantec Endpoint Protection software driver

A zero-day flaw in a software driver in Symantec's widely used Endpoint Protection product may be tricky to fix.

iPhone gets first free app for encrypting voice calls

An open-source project has released the first free application for the iPhone that scrambles voice calls, which would thwart government surveillance or eavesdropping by hackers.

Zero-day flaws found in Symantec's Endpoint Protection

Symantec's Endpoint Protection product has three zero-day flaws that could allow a logged-in user to move to a higher access level on a computer, according to a penetration testing and training company.

Using Instagram on public Wi-Fi poses risk of an account hijack, researcher says

A configuration problem in Facebook's popular Instagram application for Apple devices could allow a hacker to hijack a person's account if they're both on the same public Wi-Fi network.

Until the Tails privacy tool is patched, here's how to stay safe

Vulnerabilities in the Tails operating system could reveal your IP address, but you can avoid trouble by taking a couple of precautions.

New guide aims to remove the drama of reporting software flaws

Handling a software flaw can be messy, both for a security researcher who found it and for the company it affects. But a new set of guidelines aims to make that interaction less mysterious and confrontational.

'Canvas fingerprinting' tracking is sneaky but easy to halt

A method for tracking users across the Internet called "canvas fingerprinting" is simple to stop, but average Internet users may not know how to do it.

Firm says vulnerability in Tails contained in I2P component

A vulnerability broker published a video demonstrating one of several flaws it has found in the privacy-focused Tails operating system, which is used by those seeking to make their Web browser harder to trace.

SQL injection flaw in Wall Street Journal database led to breach

A vulnerability in a web-based graphics system led to a breach of The Wall Street Journal's network by a hacker, the newspaper acknowledged late Tuesday.

Zero-day flaws in Tails aren't for sale, vulnerability broker says

A company that specializes in selling information on software vulnerabilities has reignited a debate over the handling of such information, especially when it pertains to privacy-focused tools.

Virtru launches business email encryption service for Google Apps

Email encryption startup Virtru has launched a version of its service for businesses using Google Apps, a market segment that the company thinks is showing increased interest in secure communications.

CIO
ARN
Techworld
CMO