Security

US government officials have flatly denied having any advance knowledge of the Heartbleed bug . The bug, which has already been exploited by hackers, has resulted in exposed social security numbers of the Canada Revenue Agency and other personal ... data. It's estimated that the bug affects approximately six percent of all websites world-wide. Now, it's emerged that US spies who discover security bugs are sometimes allowed to exploit them, rather than warn the public of any imminent dangers. A report by the Bloomberg news agency suggested the National Security Agency (NSA) knew about Heartbleed ... (view more)

Is it really that dangerous to continue using Windows XP? Microsoft's Windows XP has officially been decommissioned as of April 8, 2014, meaning that Microsoft will not longer support the software insofar as security updates are concerned. Without ... any security updates, Windows XP is extremely vulnerable to attack if and when an operating system exploit is discovered. And, even if one is discovered, it may or may not make headlines - which means most users running Windows XP simply won't be aware their system has been compromised. It's these types of attacks that are most dangerous ... (view more)

A massive number of websites could be affected by a critical security flaw used in conjunction with web sites and web browsers. Experts suggest that all web users change their passwords to all major web sites (including banking, social media, etc) - ... but doing so comes with a number of caveats. The security flaw is related to SSL (secure sockets layer) and is expected to affect approximately six percent of all websites world-wide. According to a recent survey that reviewed approximately 959 million websites, "66% ... are powered by technology built around SSL, and that doesn't include ... (view more)

Security experts are warning users to take extra caution when seeking information about the lost Malaysian Airlines flight MH370 online. Reports suggest that cybercriminals are taking advantage of the media buzz surrounding the missing plane in ... order to spread computer malware through malicious web sites, social media, emails, and bogus links. Malaysia Airlines Flight MH370 went missing on March 8, 2014. It's still not clear if the plane was hijacked or crashed, let alone where the impact might have taken place. A coalition of 26 countries is currently looking for the aeroplane. (Source: ... (view more)

A major financial news outlet has accused Target of missing clear warning signals that it was being hacked and customer data put at risk. Target is the second largest discount retailer in the United States, next to Walmart. In December 2013, Target ... confirmed that hackers had stolen credit card data from 40 million customers. The attack happened approximately 19 days after American Thanksgiving (November 28, 2013). The theft not only affected customers who had used credit cards online, but in stores as well. According to Bloomberg Businessweek, Target had already set up a security center in ... (view more)

Microsoft's latest Patch Tuesday release fixes several security vulnerabilities currently marked "critical" -- the firm's highest security rating. Microsoft's Patch Tuesday fixes are always rolled out starting the second Tuesday of each month, but ... sometimes take longer to reach consumers depending on Internet availability. This month's Patch Tuesday includes five security updates, two of which have been marked critical. One of those critical fixes addresses a vulnerability in Internet Explorer, Microsoft's web browser. This month's updates are particularly ... (view more)

Computer researchers have created an 'airborne' computer virus that takes advantage of WiFi (wireless Internet) routers. The point of the study is to highlight the many ways in which wireless routers are open to abuse. The research studied wireless ... access points, and was completed by the University of Liverpool. Access points are electronic devices that relay information from a local wireless network to another (typically the Internet). For example: a PC or laptop connected to a wireless router (which is then connected to the Internet) would be considered an access point. The goal of ... (view more)

A new report shows that Yahoo instant messages can be easily intercepted and read by government spies and hackers. The problem: Yahoo fails to encrypt those messages. A recent study by CNET shows that Yahoo continues to transmit message content in ... unencrypted form. This makes the instant messages vulnerable and exploitable by third parties. To compound the problem, a recent article by UK-based The Guardian shows that a number of government agencies are, in fact, spying on Yahoo's unencrypted messages. (Source: cnet.com ) Government Agents Spying on Everyday People Worse still, evidence ... (view more)

Security firm Kaspersky has released a special web browser for Windows phones aimed at blocking unwanted threats. The browser, "Kaspersky Safe Browser for Windows Phone" app, is available to download free of charge from the official Windows Phone ... Store. The main security feature is to block web links that may take a user to a harmful site. This isn't just sites that house malicious software that could damage a phone, but also "phishing" sites. (Source: kaspersky.com ) A phishing site is one that is set up to look like the real website of a legitimate company, for ... (view more)

Microsoft has released a temporary fix to an important security bug affecting two recent versions of Internet Explorer. The exploit has been linked to attacks that compromised a website for US military veterans. The bug affects Internet Explorer ... versions 9 and 10. It does not affect version 11, nor anything previous to version 9. That said, using an earlier version Internet Explorer less than what is currently available (depending on which version of Windows you're running) is definitely not advised. JavaScript Bug Exploits Drive-by Download Attack The exploit involves JavaScript, a ... (view more)