Security

A Russian gang is believed to have stolen more than a billion online passwords. But the security firm that discovered the breach has also caused controversy over its handling of the situation, including paid-for services to deal with the breach. ... Hold Security of Milwaukee discovered and publicized the breach. The company is legitimate, and its previous claims of breaches have checked out: it was responsible for detecting a massive breach at Adobe last year. The company says it discovered that a Russian group named CyberVor (which translates as cyber-thief) has gathered together data from 420, ... (view more)

A new report suggests that most USB flash drives (also known as thumb drives) have a critical security weakness that allows them to be reconfigured, giving hackers an opportunity to silently infect targeted computer systems with malware . The report ... comes from Germany's Security Research Labs, which says that most companies making USB flash drives fail to protect the firmware installed on their devices. That means attackers could easily hack and replace the firmware with a malicious version of the firmware, which is then capable of delivering a payload onto a victim's PC - usually with ... (view more)

For many users, installing antivirus software is one of the first things to do after purchasing a new computer. But one security researcher suggests that today's antivirus programs are anything but effective; in fact, he claims many antivirus ... programs are filled with security flaws. Fourteen Antivirus Products Vulnerable, Researcher Claims Joxean Koret is a researcher at COSEINC, a Singapore-based security firm. Over the past year, he's carefully analyzed a wide range of antivirus products in search of security vulnerabilities. Earlier this month Koret presented his findings at the ... (view more)

The Federal Bureau of Investigation (FBI) has disrupted a major malware botnet specifically designed to steal personal financial data from computers. Both US and UK security agencies are warning all users that they have a two week grace period to ... shore up their defenses before cybercriminals reactivate the threat. A botnet is essentially an army of malware-infected computers under the control of cybercriminals. In this case, the botnet is known as the GameOver Zeus. When a computer becomes infected with malware, it can also become part of a botnet. Malware infection is usually the result of ... (view more)

The United States government has recommended the court trying world-renowned hacker Hector Xavier Monsegur -- better known as " Sabu " -- show leniency. It's a controversial recommendation that could see the hacker walk out of court a free man later ... this week. Monsegur has been in custody since 2011. He was once was a part of international hacking group LulzSec , which carried out a series of cyber crimes against major corporations, such as Sony. The group has also waged hacking campaigns against the Central Intelligence Agency (CIA), the U.S. Senate, and Infragard, a security ... (view more)

A new study reviewed security among leading online companies following the Heartbleed bug scare, in which a commonly used encryption technique for secure websites had the capability to expose highly confidential data. The study comes from Dashlane, ... a password management firm. The study evaluated 80 web sites and examined 6 factors with regard to the way passwords and login processes are handled. Using these details, Dashlane ranked each site between +100 and minus -100. Based on a range of security issues, the study suggests Apple and Microsoft have the securest policies for passwords, while ... (view more)

Kaspersky Lab, a Russia-based firm and one of the world's most renowned PC security companies, is warning all consumers to carefully research any antivirus application before downloading it to their computers or mobile devices. Kaspersky Lab says it ... recently discovered several fake antivirus apps on Google Play and the Windows Phone app stores . Experts Warn: Kaspersky Mobile Not Legitimate One of the fake apps is called Kaspersky Mobile, which claims to protect a mobile device like a tablet or smartphone and costs just $4 USD. The application uses Kaspersky's own logo and other branding ... (view more)

Microsoft has issued a fix for an Internet Explorer security vulnerability so serious that it prompted the United States' Department of Homeland Security to warn Americans against using the popular web browser. Somewhat surprisingly, Microsoft has ... also provided a fix for Windows XP -- even after promising not to do so. The Internet Explorer (IE) flaw was discovered last weekend. If left unpatched, it could allow hackers unprecedented access to a remote PC. Security experts say that Internet Explorer users could become instantly infected simply by visiting a malicious website or clicking ... (view more)

The United States Department of Homeland Security (DOHS) has warned that users should switch away from Internet Explorer until a serious bug has been fixed. It's the first big security scare since Microsoft stopped supporting Windows XP earlier this ... month. The bug doesn't have a glamorous nickname and is instead simply known as CVE-2014-1776. When triggered, the bug allows for remote code execution, which means a third party would have full control over a remote PC without the need for credentials or consent from the PC owner. By clicking on a malicious link or by visiting an infected ... (view more)

The first major arrest has been made in association with the recently discovered Heartbleed bug . The suspect is a 19-year-old Canadian hacker who exposed roughly 900 social insurance numbers of the Canada Revenue Agency. The Heartbleed bug first ... made headlines last week. It's a shocking vulnerability in the popular OpenSSL cryptographic software library that, if exploited, can be used to steal protected information from secure websites and similar web services. According to the Washington Post, the bug may affect as much as two-thirds of the entire Internet. (Source: washingtonpost.com ... (view more)