2009-2013

Security News Archive: 2009 to 2013

Page Links: 2013, 2012, 2011, 2010, 2009

2013 News

30-12-2013: Even tiny microSD cards have chips that can be hacked. [BGR]
30-12-2013: Eye reflections could catch criminals. [Imaging Resource]
30-12-2013: Cisco “deeply concerned” over NSA backdoor claims. [GigaOM]
30-12-2013: Cash machines robbed with infected USB sticks. [BBC News]
29-12-2013: Research shows eye-reflections in photos could be used to identify criminals. [Engadget] [HardOCP] [Sky News]
24-12-2013: Report on Syrian malware. [Schneier] [EFF] [WSJ ATD]
24-12-2013: Mariposa botnet 'mastermind' jailed in Slovenia. [BBC News] [Graham Cluley]
23-12-2013: Talk of an RSA boycott grows after reports it colluded with the NSA. [WSJ ATD]

24-12-2013: Prestigious speaker Mikko Hypponen cancels RSA talk to protest NSA deal. [Ars Technica] [The Register] [BoingBoing]
27-12-2013: How worried should we be about alleged RSA-NSA scheming? [Wired]
06-01-2014: How the NSA (may have) put a backdoor in RSA’s cryptography: a technical primer. [Ars Technica]
08-01-2014: More researchers join RSA conference boycott to protest $10 million NSA deal. [Ars Technica] [Washington Post] [The Register] [BoingBoing]

23-12-2013: People are more freaked out by hacking than tracking. [HardOCP] [WSJ ATD]
21-12-2013: Seen the Tapsnake virus warning on your Android? Here’s what you need to know. [Graham Cluley]
21-12-2013: Critics: NSA agent co-chairing key crypto standards body should be removed. [Ars Technica]
20-12-2013: Over 4 million infected PCs in 100 countries, but guilt of DNS Changer gang not proven says court. [Graham Cluley]
20-12-2013: Worried OpenSSL uses NSA-tainted crypto? This bug has got your back. [The Register]
20-12-2013: NSA’s broken Dual_EC random number generator has a “fatal bug” in OpenSSL. [Ars Technica]
19-12-2013: The real reason IT security fails. [Network Computing]
19-12-2013: Washington Post discovers it has been hacked. China blamed. [Graham Cluley]
19-12-2013: China's central bank hit in net attack. [BBC News] [Graham Cluley]
19-12-2013: Hackers break into Washington Post servers for third time in three years. [Ars Technica]
18-12-2013: TOR user identified by FBI. [Schneier] [Ars Technica]
18-12-2013: Researchers crack the world’s toughest encryption by listening to the tiny sounds made by your computer’s CPU. [ExtremeTech] [Ars Technica] [Schneier] [CS] [The Register] [Gizmodo] [BoingBoing]
18-12-2013: The massive lie about anti-virus technology. [Graham Cluley]
17-12-2013: Don't listen to Snowden ... Intel: We've switched on CPU crypto for Hadoop. [The Register]
17-12-2013: Huawei to come under increased scrutiny from GCHQ. [BBC News] [The Register] [ZDNet]
16-12-2013: Unlocking CryptoLocker: how infosec bods hunt the fiends behind it. [The Register]
16-12-2013: Attacking online poker players. [Schneier] [F-Secure]
16-12-2013: Botnet enlists Firefox users to hack websites. [Krebs]
14-12-2013: Archaic but widely used crypto cipher allows NSA to decode most cell calls. [Ars Technica] [Gizmodo] [Washington Post] [iMore] [Engadget]
13-12-2013: Report: bot traffic is over 61% of all website traffic. [HardOCP] [Incapsula]
13-12-2013: Hacked via RDP: really dumb passwords. [Krebs]
13-12-2013: Cryptolocker copycat ransomware emerges – but an antidote is possible. [The Register]
12-12-2013: Bots now 'account for 61% of web traffic'. [BBC News] [Gizmodo]
12-12-2013: Crypto weakness in Web comment system exposes hate-mongering politicians. [Ars Technica]
11-12-2013: Participating in Anonymous DDoS attack for 1 minute = $183,000 fine. [Gizmodo] [Sophos]
11-12-2013: Targeted attacks explored in Proofpoint infographic. [Graham Cluley]
11-12-2013: Four arrested over London-based '£1m cyber theft'. [BBC News] [The Register]
07-12-2013: Kingpin behind large chunk of world’s malware exploits led lavish life. [Ars Technica]
07-12-2013: FBI’s search for ‘Mo,’ suspect in bomb threats, highlights use of malware for surveillance. [Washington Post] [Ars Technica] [Gizmodo]
06-12-2013: DDoS attacks wreak havoc on data centers. [Network Computing]
06-12-2013: Fiendish CryptoLocker ransomware survives hacktivists' takedown. [The Register]
05-12-2013: Botnet of 20,000 point-of-sale machines. [BoingBoing] [Ars Technica]
05-12-2013: ZeroAccess botnet down, but not out. [Krebs] [BBC News] [PCWorld] [HardOCP] [Microsoft] [Ars Technica]
05-12-2013: Microsoft: Anonymous hacktivists DDoSed us? Really? [The Register]
04-12-2013: 2 million stolen Facebook and Yahoo passwords dumped online. [BBC News] [ZDNet] [Ars Technica] [The Register] [Lifehacker] [Stuff] [DailyTech]
03-12-2013: Accused of spying, Huawei CEO says company is exiting US market. [Gizmodo] [Foreign Policy]

04-12-2013: Should we fear the growth of Chinese telecoms company Huawei? [BBC News]
05-12-2013: Huawei not leaving US, just pulling back. [THG]
13-12-2013: Huawei pulls back on network side, but still hopes to build US brand for phones. [WSJ ATD]

03-12-2013: Scientist-developed malware prototype covertly jumps air gaps using inaudible sound. [Ars Technica] [ExtremeTech] [Gizmodo] [JOCM] [BGR] [Stuff] [The Register]
02-12-2013: How does the NSA break SSL? [Crypto Engineering]
02-12-2013: How antivirus companies handle state-sponsored malware. [Schneier]
02-12-2013: Security upgrades show Snowden won. [Stuff]
02-12-2013: Tech encryption arms race escalates. [Stuff] [AP]
01-12-2013: Dutch intelligence agency AIVD hacks forums. [HardOCP] [NRC]

30-11-2013: A new worm proves that the Internet is vulnerable to attack. [WSJ ATD]
29-11-2013: For 20 years the nuclear launch code at US Minuteman silos was 00000000. [Gizmodo] [HardOCP] [Ars Technica]
27-11-2013: Texas hacker debunks link between Bitcoin founder and online drug market. [Wired]
26-11-2013: An anti-fraud service for fraudsters. [Krebs]
26-11-2013: European Parliament reports hack attack, turns off public Wi-Fi. [The Register]
26-11-2013: NSA-busting secure, open, router seeks cash and code from crowd. [The Register]
26-11-2013: Red October crypto app adopts “two-man rule” used to launch nukes. [Ars Technica]
25-11-2013: This infographic shows which sites properly encrypt your data. [Lifehacker] [EFF]
23-11-2013: A spurned techie’s revenge: Locking down his ex’s digital life. [Ars Technica]
23-11-2013: Google squashes nasty bugs that led to perfect-storm account hijacking. [Ars Technica]
22-11-2013: Twitter upping security to thwart government hacking. [HardOCP] [cNet] [Engadget]
21-11-2013: Say hello to Safeplug, Pogoplug’s $49 Tor-in-a-box for anonymous surfing. [GigaOM]
21-11-2013: Darknet: It's not just for DRUGS. Ninja Banking Trojan uses it too. [The Register]
21-11-2013: SCADA flaws put world leaders at risk of terrible traffic jam. [The Register]
21-11-2013: Repeated attacks hijack huge chunks of Internet traffic, researchers warn. [Ars Technica]
20-11-2013: Hack of Cupid Media dating website exposes 42 million plaintext passwords. [Ars Technica]
19-11-2013: The new threat: targeted Internet traffic misdirection. [Renesys] [Schneier]

02-12-2013: Response: targeted Internet traffic misdirection. [EtherealMind]
06-12-2013: Someone's been siphoning data through a huge Internet security hole. [Gizmodo] [Wired]

19-11-2013: How the NSA weaponized the Internet's backbone. [BoingBoing] [Wired]
20-11-2013: Australia's Indonesia spy woes may cross over. [Stuff]
19-11-2013: Indonesia turns Twitter into very leaky diplomatic bag. [The Register]
19-11-2013: Oz gov sysadmins asleep at the wheel. [The Register]
19-11-2013: Schneier tells Washington NSA broke Internet’s security for everyone. [Ars Technica] [BoingBoing]
18-11-2013: Google completes upgrade of its SSL certificates to 2048-bit RSA. [ThreatPost]
18-11-2013: The CIA is trying to stop Russia building monitoring stations in the US. [Gizmodo]
18-11-2013: Feds arrest 5 more suspects in $45 million global bank heist. [Wired]
18-11-2013: FBI sends memo to US.gov sysadmins: You've been hacked... for the past year. [The Register]
16-11-2013: FBI warns hacking spree on government agencies is a “widespread problem”. [Ars Technica]
16-11-2013: Homeland Security must disclose wireless shutdown protocols. [HardOCP] [cNet]
15-11-2013: You just missed a massive, destructive, fake cyberattack. [Gizmodo] [NYT]
15-11-2013: FBI: cyber-attacks surpassing terrorism as major domestic threat. [HardOCP] [RT]
15-11-2013: Microsoft opens dedicated cybercrime centre. [Hexus]
15-11-2013: Internet architects propose encrypting all the world’s Web traffic. [Ars Technica]

15-11-2013: NSA leaks bolster IETF work on Internet security. [Network Computing]

14-11-2013: Inside Microsoft's cybercrime centre. [HardOCP] [Microsoft]
14-11-2013: Microsoft fails to encrypt data centre links despite NSA snooping. [The Register] [Ars Technica] [Wired] [BGR]
14-11-2013: Feds charge California brothers in cyberheists. [Krebs]
13-11-2013: Hacking the connected home: when your house watches you. [ReadWriteWeb]
12-11-2013: Microsoft warns customers away from SHA-1 and RC4. [ThreatPost]
12-11-2013: In Lavabit appeal, US doubles down on access to web crypto keys. [Wired]
11-11-2013: Secure email a "daunting challenge". [BoingBoing] [The New Yorker]
11-11-2013: Smartphone PIN revealed by camera and microphone. [BBC News] [Imaging Resource]
11-11-2013: UK spies continue “quantum insert” attack via LinkedIn, Slashdot pages. [Ars Technica] [Schneier] [Der Spiegel]

18-11-2013: Explaining and speculating about QUANTUM. [Schneier] [Wired]

09-11-2013: $1.2 million in Bitcoins hijacked in 'social engineering' attack. [Engadget] [Bitcoin Talk]
09-11-2013: It’s official: computer scientists pick stronger passwords. [Ars Technica]
08-11-2013: FBI wants hacker behind cheating malware. [Stuff]
07-11-2013: China can't stop hacking the world's only superpower. [Gizmodo] [Reuters]
07-11-2013: Kaspersky: “We detect and remediate any malware attack,” even by NSA. [Ars Technica]
06-11-2013: Crowdfunded audit of 'NSA-proof' encryption suite TrueCrypt is go. [The Register]

06-11-2013: TrueCrypt to go through a crowdfunded, public security audit. [HelpNet Security]
18-11-2013: TrueCrypt audit project founder: 'We've set our sights high'. [The Register]
15-04-2014: TrueCrypt audit finds “no evidence of backdoors” or malicious code. [Ars Technica] [The Register] [Schneier]

06-11-2013: Sysadmins: How do YOU protect your networks against 'friendly fire'? [The Register]
04-11-2013: Quantum data lock promises leak-proof security. [Engadget] [APS]
04-11-2013: badBIOS. [Schneier] [Ars Technica]

04-11-2013: No, malware can't infect your computer over the air. [Gizmodo]
06-11-2013: Researcher skepticism grows over badBIOS malware claims. [Ars Technica]

04-11-2013: Germany: European spy agencies swap tech tips. [Stuff]
03-11-2013: Crypto boffins propose replacing certification authorities with ... Bitcoin? [The Register]
03-11-2013: Watch people in 1988 freak out over the world's first computer worm. [Gizmodo] [Mashable] [HardOCP] [ZDNet]

04-11-2013: That time when an NSA bloke's son borked the entire Internet. [The Register]
04-11-2013: An analysis of the Morris worm. [Purdue PDF]

PDF attached below: An Analysis of the Morris Worm.pdf

02-11-2013: NIST to review crypto guidance methods. [GovInfo Security] [Ars Technica] [BoingBoing]
01-11-2013: Finnish data network hit by severe hacking. [Stuff]

31-10-2013: Infosec bod reports ONGOING ATTACK at RSA securo-confab. [The Register]
31-10-2013: Crypto protocols mostly crocked says euro infosec think-tank ENISA. [The Register]
30-10-2013: Critical infrastructure vulnerabilities unearthed. [Network Computing]
30-10-2013: Russian authorities seize goods from China implanted with 'spy' chips. [Gizmodo] [The Register]
29-10-2013: New Oz government keeps Huawei ban after spook briefing. [The Register] [Stuff]

01-11-2013: Australian PM confirms Huawei ban. [The Register]

28-10-2013: CAPTCHA busted? AI company claims break if Internet's favourite protection system. [Wired] [Stuff]
28-10-2013: Alleged UK hacker charged with breaking into military and NASA databases. [The Verge] [The Register]
28-10-2013: SEA targets Obama in latest hack. [WSJ ATD] [Engadget] [Gizmodo] [The Register]
27-10-2013: A cyber attack against Israel shut down an entire road last month. [Jalopnik]
26-10-2013: FBI on the hunt for eBay 'fraudster'. [BBC News]
25-10-2013: Germany wants a German Internet as spying scandal rankles. [Reuters] [Gizmodo] [HardOCP] [PCMag]
25-10-2013: Norks seed online games with malware in fiendish DDoS plot. [The Register]
25-10-2013: DARPA contest for fully automated network defence. [Schneier] [DARPA]
25-10-2013: Senator demands more info from Experian. [Krebs]
24-10-2013: Sting operation for Obama's Twitter leak. [Stuff]
23-10-2013: How NSA-proof is your VPN? [BoingBoing] [TorrentFreak]
23-10-2013: Lone sysadmin fingered for $462 million Wall Street crash. [The Register]
22-10-2013: Why is the internet so insecure? [Stuff]
21-10-2013: UK cyber defence unit 'may include convicted hackers'. [BBC News]
21-10-2013: Google offering DDoS protection. [HardOCP] [Google] [Gizmodo]

21-10-2013: Visualised: global DDoS attacks animated and mapped by Google. [Engadget] [Digital Attack Map] [Gizmodo]

22-10-2013: Response: digital attack map. [EtherealMind]

19-10-2013: The web needs globally backed, verifiable security standards – says Huawei. [The Register] [Quartz] [Network Computing] [Information Week]

21-10-2013: Huawei: unlike western companies, we've never been told to weaken our security. [BoingBoing] [The Guardian]

18-10-2013: You’re infected—if you want to see your data again, pay us $300 in Bitcoins. [Ars Technica]

18-10-2013: Fiendish CryptoLocker ransomware: whatever you do, don't pay. [The Register]
05-11-2013: Late with your ransom payment? Never mind, CryptoLocker crooks will, er, give you a break. [The Register]
06-11-2013: CryptoLocker crew ratchets up ransom. [Krebs]
15-11-2013: File-nuking Cryptolocker PC malware menaces tens of millions' in UK. [The Register]
24-12-2013: Cryptolocker ransomware has 'infected about 250,000 PCs'. [BBC News]

17-10-2013: Leaky security could scuttle global ship-tracking system. [The Register]
17-10-2013: How mystery DDoSers tried to take down Bitcoin exchange with 100Gbps crapflood. [The Register]
17-10-2013: Researchers uncover holes that open power stations to hacking. [Ars Technica]
16-10-2013: Akamai: DDoS attacks increased since Q1 2013, Indonesia marked as biggest cyberbully. [Engadget]
16-10-2013: Android security relies on zombie crypto, argues infosec pundit. [The Register]
15-10-2013: WhatsApp crypto snafu drops trou on users' privates. [The Register]
15-10-2013: Can you trust 'NSA-proof' TrueCrypt? Cough up some dough and find out. [The Register] [Ars Technica]
14-10-2013: German telco hopes to hide traffic from spies. [Stuff]
10-10-2013: Critical WhatsApp crypto flaw threatens user privacy, researchers warn. [Ars Technica]
10-10-2013: Hackers in the electric grid? Meh -- fear the dude with the stolen tractor. [Ars Technica]

13-10-2013: Ars readers react to the wild west of password cracking. [Ars Technica]

09-10-2013: Encryption tech designed to look like an Instagram filter. [Wired]
09-10-2013: 'Bulletproof' hoster Santrex calls it quits. [Krebs]
09-10-2013: How the Bible and YouTube are fueling the next frontier of password cracking. [Ars Technica] [Gizmodo]
09-10-2013: MI5 chief Andrew Parker warns of Islamist threat to UK public. [BBC News]
08-10-2013: DNS-based attack brings down AVG, Avira, WhatsApp. [ReadWriteWeb] [The Register]
07-10-2013: Next-generation malware on the horizon. [Network Computing]
03-10-2013: Just how advanced is the NSA's decryption tool? [Gizmodo] [YouTube]
01-10-2013: Will Keccak = SHA-3? [Schneier]
01-10-2013: GCHQ's CESG CCP 4 UK GOV IT BFFs? LOL RTFA INFOSEC VIPs ASAP. [The Register]
01-10-2013: Blood-sucking botnet narrowly escapes extermination, lives to leech again. [Ars Technica] [Voxy] [PCWorld] [BBC News] [HardOCP] [cNet] [Symantec]

30-09-2013: NSA eavesdropping: it just got a whole lot worse. [Juniper]
30-09-2013: Diversionary DDoS: a distracted IT is a hacker treasure trove. [Juniper]
30-09-2013: Silent Circle moving away from NIST ciphers in wake of NSA revelations. [ThreatPost]
30-09-2013: Would you hire a hacker to run your security? 'Yes' say Brit IT bosses. [The Register]
27-09-2013: London schoolboy cuffed for biggest DDoS attack in history. [The Register] [HardOCP] [Mashable]
27-09-2013: US says Iran hacked navy computers. [WSJ ATD] [WSJ] [Gizmodo]

27-09-2013: Iran sure did pick a bad time to hack into the navy's computers. [Gizmodo]

26-09-2013: Internet transit a vulnerability. [The Register]
24-09-2013: WAN encryption tops agenda after NSA revelations. [Network Computing]
24-09-2013: How a crypto backdoor pitted the tech world against the NSA. [Wired] [Schneier]
23-09-2013: How I hacked SIM cards with a single text - and the networks don't care. [The Register]
23-09-2013: iOS security is almost non-existent, but nobody cares. [PocketNow] [GottaBeMobile]
21-09-2013: Close the NSA's back doors. [NYT]
20-09-2013: UK spy agency GCHQ hacked Belgian telecom. [BoingBoing] [Der Spiegel] [The Register] [Ars Technica] [Engadget]
20-09-2013: RSA warns over NSA link to encryption algorithm. [BBC News] [The Register]

21-09-2013: We don’t enable backdoors in our crypto products, RSA tells customers. [Ars Technica]

20-09-2013: Australia main conduit for cyberattacks. [Stuff]
20-09-2013: Stop using NSA-influenced code in our products, RSA tells customers. [Ars Technica] [Wired]
18-09-2013: Telstra to DNS-block botnet C&Cs with unknown blacklist. [The Register]
18-09-2013: Chinese hacker group linked to big cyber attacks. [Stuff]
17-09-2013: Brazil's wild plan to purge American from its Internet. [Gizmodo] [Stuff] [BBC News]

25-09-2013: Brazil attacks US spy network. [Stuff]

17-09-2013: State-sponsored hacker gang has a side gig in fraud. [Wired]
17-09-2013: NSA spooks tooled up with zero-day PC security exploits from the French. [The Register]
17-09-2013: Say goodbye to the password. [WSJ ATD] [WSJ]
17-09-2013: Fatal crypto flaw in some government-certified smartcards makes forgery a snap. [Ars Technica]
17-09-2013: Major Belgian telco targeted by a foreign state, Brussels says. [Ars Technica]
16-09-2013: NSA bought exploit service from VUPEN, contract shows. [ThreatPost] [BoingBoing] [MuckRock]
16-09-2013: Teen hacker making $50k a month arrested. [HardOCP] [BBC News]
16-09-2013: Surreptitiously tampering with computer chips. [Schneier] [UMASS PDF] [ExtremeTech]
13-09-2013: Argentina arrests teen hacker who netted $50,000 a month. [BBC News]
13-09-2013: FBI: Yes, we controlled Tor servers behind mass malware attack. [BoingBoing] [Wired] [Gizmodo] [Ars Technica] [Network Computing]
13-09-2013: New NSA leaks shows MITM attack against major Internet services. [Schneier]
13-09-2013: Arrests over 'cyber plot' to steal from Santander bank. [BBC News]
12-09-2013: UK intelligence recruiting codebreakers with treasure hunt. [THG]
12-09-2013: 'NSA PRISM spies' shake down victims with bogus child-abuse vids claims. [The Register]
12-09-2013: Hacker cracks Vodafone Germany, steals data of 2 million customers. [The Register] [Washington Post] [WSJ ATD] [WSJ]
11-09-2013: Attacking a DDoS with a bare SSG. [Juniper]
11-09-2013: Security flaw shows Tor anonymity network dominated by botnet command and control traffic. [MIT Technology Review]
11-09-2013: Security snake oil for sale. [Network Computing]
10-09-2013: Boffins propose NSA-proof crypto for cloud computing. [The Register]
10-09-2013: Crypto prof asked to remove NSA-related blog post. [Ars Technica] [Matthew Green]

11-09-2013: University apologizes for censoring crypto prof over anti-NSA post. [Ars Technica]
11-09-2013: Matthew Green speculates on how the NSA defeats encryption. [Schneier]

09-09-2013: NSA slides reveal: iPhone users are zombies. [The Register] [HardOCP] [cNet] [BGR]

09-09-2013: iSpy: how the NSA accesses smartphone data. [Der Spiegel]
10-09-2013: NSA spies reportedly exploited iPhone location bug not fixed until 2011. [Ars Technica]

09-09-2013: Fighting back against NSA sabotage with a dead-man's switch. [BoingBoing] [The Guardian]

16-09-2013: How to foil NSA sabotage: use a dead man's switch (podcast). [BoingBoing]

09-09-2013: What NSA sabotage does to security. [BoingBoing] [Freedom to Tinker] [Schneier]
09-09-2013: Government secrecy and the generation gap. [Schneier]
09-09-2013: Spy service exposes Nigerian 'Yahoo Boys'. [Krebs]

11-09-2013: 'Yahoo Boys' have 419 Facebook friends. [Krebs]

08-09-2013: NSA secretly broke smartphone security. [BoingBoing] [Der Spiegel] [Engadget] [Gizmodo] [NZ Herald]
07-09-2013: How to fight back in the NSA's war on encryption. [Gizmodo]
07-09-2013: FBI labels Syrian president's hacker team "terrorists", adds them to wanted list. [DailyTech]
07-09-2013: Surveillance state repeal act. [BoingBoing] [NYT]
07-09-2013: Majority of Tor crypto keys could be broken by NSA, researcher says. [Ars Technica] [Gizmodo]

07-09-2013: 90 percent of Tor keys can be broken by NSA: what does it mean? [BoingBoing] [Errata Security]

07-09-2013: Google speeding up end-to-end crypto between data centers worldwide. [Ars Technica] [Engadget] [Washington Post] [DC Knowledge] [Stuff]
06-09-2013: 1Password and the crypto wars. [Agile Bits Blog]
06-09-2013: The NSA's cryptographic capabilities. [Schneier]

06-09-2013: That earth-shattering NSA crypto-cracking: have spooks smashed RC4? [The Register]
06-09-2013: The NSA cracked SSL -- but it's probably not as bad as it sounds. [Juniper]
12-09-2013: Perfect forward secrecy -- it's important. [Juniper]

06-09-2013: Security expert Schneier calls for more to reveal gov’t spying methods. [Ars Technica]
05-09-2013: On the NSA. [Crypto Engineering]
05-09-2013: NSA's decade-long plan to undermine encryption includes backdoors, stolen keys, manipulating standards. [Wired] [ExtremeTech]

06-09-2013: NSA’s pipe dream: Weakening crypto will only help the “good guys”. [Ars Technica]
06-09-2013: The NSA’s work to make crypto worse and better. [Ars Technica]
06-09-2013: NSA bypasses Internet encryption, spends $250M to weaken international encryption. [DailyTech] [NYT]
06-09-2013: Most online encryption is transparent to NSA and GCHQ. [Hexus]
08-09-2013: Spooks break most Internet crypto, but how? [Ars Technica]
08-09-2013: Firsthand account of NSA sabotage of Internet security standards. [BoingBoing] [Gmane]
09-09-2013: Long-shot bill forbidding NSA backdoors in encryption has renewed attention. [Ars Technica]
09-09-2013: Of course NSA can crack crypto. Anyone can. The question is, how much? [Ars Technica]
10-09-2013: Agency denies helping NSA beat encryption. [The Hill]
11-09-2013: NYT provides new details about NSA backdoor in crypto spec. [Ars Technica]
11-09-2013: NSA 'altered random-number generator'. [BBC News]
11-09-2013: This is the crypto standard that the NSA sabotaged. [BoingBoing] [NYT]

05-09-2013: The NSA is breaking most encryption on the Internet. [Schneier] [The Guardian] [NYT] [ProPublica] [Gizmodo] [BoingBoing] [Ars Technica] [The Register] [ReadWriteWeb] [Stuff] [HardOCP] [Stuff]

05-09-2013: US and UK spy agencies defeat privacy and security on the internet. [The Guardian] [BBC News]
05-09-2013: How to remain secure against NSA surveillance. [The Guardian] [Schneier]
04-09-2013: What exactly are the NSA's 'groundbreaking cryptanalytic capabilities'? [Wired]
04-09-2013: 'Uncrackable' codes set for step up. [BBC News]

04-09-2013: NSA laughs at PCs, prefers hacking routers and switches. [Wired] [Wired]
04-09-2013: 'Uncrackable' codes set for step up. [BBC News]

04-09-2013: NSA probably hasn't broken strong crypto. [BoingBoing] [Wired]

03-09-2013: Syrian Electronic Army hacks US Marines. [Stuff] [The Register]

03-09-2013: SEA cyberattacks. [Schneier]

02-09-2013: Boffins confirm quantum crypto can keep a secret. [The Register]
02-09-2013: 'Black budget' details a war in cyberspace. [Stuff]

31-08-2013: SEA denies new data leaks. [Krebs]
30-08-2013: IPv6 to complicate the threat-intelligence landscape. [Network Computing]
30-08-2013: Sysadmin security fail: NSA finds Snowden hijacked officials’ logins. [Ars Technica]

30-08-2013: NSA: We couldn't have stopped Snowden – he was A SYSADMIN. [The Register]

29-08-2013: The NSA has its own team of elite hackers. [Washington Post]
29-08-2013: New Snowden leak reports 'groundbreaking' NSA crypto-cracking. [Wired]
29-08-2013: US spy network’s successes, failures and objectives detailed in ‘black budget’ summary. [Washington Post]
27-08-2013: Twitter hacked and DNS records compromised. [HardOCP] [Twitter] [DailyTech]

28-08-2013: Syrian Electronic Army claims to have taken down Twitter, New York Times, Huffington Post. [NZ Herald] [Washington Post] [TechCrunch] [Wired]
28-08-2013: Hackers controlled the NYT by breaking into a leading Australian web service. [Business Insider] [DC Knowledge]
28-08-2013: Twitter and New York Times clash with hackers for control of their sites. [Ars Technica]
28-08-2013: New York Times and Twitter struggle after Syrian hack. [BBC News]
28-08-2013: How to avoid getting your DNS hacked like the NYT. [ReadWriteWeb]
28-08-2013: How the attack on NYT and Twitter domains could have been worse. [WSJ ATD]
28-08-2013: How the Syrian Electronic Army hacked The New York Times and Twitter. [ExtremeTech] [Stuff]
28-08-2013: SEA hacks continue with takeover of NYT, Twitter registrar homepage. [Gizmodo]

27-08-2013: NYT goes down again, and this time hackers are to blame. [WSJ ATD] [BoingBoing] [Gawker] [GigaOM] [Stuff] [DailyTech]

27-08-2013: How the NYT is still publishing despite being hacked. [Gizmodo]
27-08-2013: DNS hack takes The New York Times offline. [Engadget]
28-08-2013: Syrian Electronic Army named as likely culprit in NYT hack. [Ars Technica] [Stuff]
28-08-2013: Twitter and New York Times clash with hackers for control of their sites. [Ars Technica]
28-08-2013: How the attack on NYT and Twitter domains could have been worse. [WSJ ATD]
28-08-2013: SEA says attack on NYT is over. [WSJ ATD]
28-08-2013: How the Syrian Electronic Army hacked The New York Times and Twitter. [ExtremeTech] [Stuff]

27-08-2013: Who wrote the Pincer Android trojan? [Krebs]
26-08-2013: Chinese authorities say massive DDoS attack took down .cn domain. [The Register] [WSJ] [Stuff]
24-08-2013: Cyber crime experts warn of security issues. [Stuff]
20-08-2013: A question of DNS protocols. [Geoff Huston]

22-08-2013: APNIC boffins may enlist TCP to defend DNS. [The Register]

17-08-2013: Webcam spying goes mainstream as Miss Teen USA describes hack. [Ars Technica]
17-08-2013: New discovery may make encryption ‘exponentially easier’ to break. [ExtremeTech]
15-08-2013: Why doesn't Google encrypt all of your data? [Gizmodo]

16-08-2013: Why Google's now encrypting data in the cloud. [ReadWriteWeb]

15-08-2013: Syrian hackers use Outbrain to target the Washington Post, Time, and CNN. [The Atlantic] [The Register]
14-08-2013: Fed crack encrypted drives, arrest child porn suspect. [Wired]

15-08-2013: Feds believe child porn suspect will finally decrypt his hard drives. [Wired]

14-08-2013: Your encrypted files are 'exponentially easier' to crack, warn MIT boffins. [The Register]
12-08-2013: NSA leaks make plan for cyberdefense unlikely. [NYT]
10-08-2013: FBI director calls on private sector to help with cyber threat. [Ars Technica]
08-08-2013: Cybersecurity plan lacking traction. [Stuff]
07-08-2013: NZ slow to respond to 'industrialised' hacking. [NZ Herald]
05-08-2013: ProfitBricks budget cloud in SECURITY FAIL. [The Register]
04-08-2013: Firefox zero-day used in child porn hunt? [Krebs] [The Register] [BBC News] [The Register] [ExtremeTech]

05-08-2013: NSA appears to be tracking the anonymous Internet. [Gizmodo] [Ars Technica] [Wired] [BoingBoing]
06-08-2013: Tor fingers Firefox flaw for FAIL but FBI's also in the frame. [The Register]
06-08-2013: Tor-targeted malware traced to FBI. [Stuff]
06-08-2013: Has Tor been compromised? [Schneier]
06-08-2013: Users of hidden net advised to ditch Windows. [BBC News] [IT World] [Gizmodo] [Stuff]
08-08-2013: Infosec analysts back away from 'Feds attacked Tor' theory. [The Register] [Gizmodo]

03-08-2013: Chinese hackers have been caught hijacking a decoy US water plant. [Gizmodo] [MIT Technology Review] [HardOCP]
02-08-2013: Russian's massive Android malware industry revealed. [PCMag]
02-08-2013: FBI turning to private sector to hack phones, exploit unknown security holes. [Engadget]
02-08-2013: Crypto experts issue a call to arms to avert the cryptopocalypse. [Ars Technica]
02-08-2013: How hackers turn Androids to SpyPhones. [Stuff]
02-08-2013: Kerry says drone strikes will stop when all terrorists have been killed. [Gizmodo] [Bloomberg]
02-08-2013: Gone in 30 seconds: New attack plucks secrets from HTTPS-protected pages. [Ars Technica] [The Register]

03-08-2013: No easy way to stop BREACH from plucking secrets from HTTPS pages, feds say. [Ars Technica]
07-08-2013: How do you stop HTTPS-defeating BREACH attacks? Let us count the ways. [Ars Technica]

02-08-2013: Is your company Edward Snowden-proof? [IT Brief]
01-08-2013: Hackers induce 'CATASTROPHIC FAILURE' in mock oil well. [The Register]
01-08-2013: The Economist cyberwar debate. [Schneier] [The Economist]

30-07-2013: Russia's post-Snowden spooks have not reverted to type. [The Register]
30-07-2013: The Syrian Electronic Army just hacked another big Twitter account. [Gizmodo] [The Register]

01-08-2013: Syrian Electronic Army no longer just Twitter feed jackers... and that's bad news. [The Register]

29-07-2013: Car key immobiliser hack revelations blocked by UK court. [BBC News] [HardOCP] [The Guardian] [Schneier] [The Telegraph] [TechWorld]
28-07-2013: British boffin muzzled after cracking car codes. [The Register]
27-07-2013: Who is America at war with? Sorry, that's classified. [BoingBoing] [Pro Publica]
26-07-2013: Pay the TSA $85 for quick, fondle-free airport screening. [Wired] [TSA]
25-07-2013: Hacker ring stole 160 million credit cards. [Krebs]

28-07-2013: Five charged in largest financial hacking case in US history. [DailyTech] [BGR]
29-07-2013: 'World's BIGGEST online fraud': Suspect's phone had 'location' switched on. [The Register]

25-07-2013: Feds identify the young Russians behind the top US cyber thefts in the last 7 years. [Wired]
25-07-2013: Major SIM card security flaw uncovered. [THG] [BGR] [NYT] [ExtremeTech] [Ars Technica] [iMore]

01-08-2013: SIM card hack inspires quick fix by carriers. [CNN] [HardOCP] [SlashGear]

25-07-2013: Raid millions of bank accounts. New easy-to-use tool. Yours for $5,000. [The Register]
24-07-2013: NSA implements two-man control for sysadmins. [Schneier] [CBS News]
23-07-2013: Viber hacked by Syrian Electronic Army. [CoolSmartPhone] [TechCrunch] [iMore]

23-07-2013: Tango chat app hacked claims Syrian Electronic Army. [BBC News]

22-07-2013: The world's biggest data breaches visualised. [Gizmodo] [Information is Beautiful]
22-07-2013: Major SIM card security flaw puts hundreds of millions of devices at risk. [BGR] [NYT] [ExtremeTech] [Ars Technica] [iMore]
19-07-2013: Huawei denies spying allegations by former CIA chief. [BBC News] [The Register]

19-07-2013: Huawei tells ex-CIA director, UK government to 'put up or shut up' about spying claims. [Engadget]

18-07-2013: Hackers crippled HALF of world's financial exchanges - report. [The Register]
17-07-2013: Ivory towers besieged by cyberattacks. [ReadWriteWeb] [NYT]
11-07-2013: Lies about spying, and the lying lawmakers who tell them. [BoingBoing] [Washington Post]
10-07-2013: Who's behind the Styx-Crypt exploit pack? [Krebs]
09-07-2013: Look, can we just forget about Snowden for sec... US-China cyber talks held. [The Register] [The Register]
09-07-2013: Snowden blunts US push to curb cyber theft. [Stuff]
09-07-2013: Hard drive-wiping malware that hit South Korea tied to military espionage. [Ars Technica] [Stuff] [The Register]
09-07-2013: Hacker term is misunderstood. [Stuff]
08-07-2013: The 'cyber-attack' threat to London's Olympic ceremony. [BBC News]
08-07-2013: Crooked cops abuse FBI database. [Stuff]
06-07-2013: How Apple continues to make security invisible. [Schneier] [MacWorld]
04-07-2013: Europe gets tougher on cybercriminals. [BBC News]
03-07-2013: Ecuador: our London embassy was bugged. [BoingBoing] [Reuters]
02-07-2013: Security analysis of children. [Schneier] [Microsoft]
01-07-2013: Feds say encryption to foil wiretaps is on the rise. [BoingBoing]
01-07-2013: SIMON and SPECK: new NSA encryption algorithms. [Schneier] [IACR PDF]
01-07-2013: Britain 'under attack' in cyberspace. [BBC News] [BBC News Video]

28-06-2013: Encryption has foiled wiretaps for first time, Feds say. [Wired]
28-06-2013: Carberp code leak stokes copycat fears. [Krebs]
27-06-2013: Attackers sign malware using crypto certificate stolen from Opera Software. [Ars Technica] [The Register]
26-06-2013: Data, meet spies: the unfinished state of web crypto. [cNet]
26-06-2013: Download me—Saying “yes” to the Web’s most dangerous search terms. [Ars Technica]
25-06-2013: SSL: Intercepted today, decrypted tomorrow. [Netcraft]
25-06-2013: Canadian hacker school goes dark after government probe. [Wired]
25-06-2013: Cyber attack hits South Korea websites. [BBC News] [Stuff] [WSJ ATD] [WSJ] [Yahoo News]

26-06-2013: Claims Anonymous behind Korean cyber attack. [Stuff]
27-06-2013: Hacking spree blamed on 'Dark Seoul Gang'. [Stuff]
29-06-2013: Hard drive-wiping malware part of new wave of threats targeting South Korea. [Ars Technica]
01-07-2013: South Korean presidential site loses data. [Stuff]

24-06-2013: US surveillance is not aimed at terrorists. [Bloomberg]
24-06-2013: Spear phishing attack against the FT. [Schneier] [FT Labs]
24-06-2013: YouTube and a DDoS attack. [Google]
23-06-2013: Spate of cyber attacks points to inside India. [WSJ ATD] [WSJ]
23-06-2013: Snowden: US spies on Chinese mobile phone companies, steals SMS data. [SCMP] [The Register]
21-06-2013: The Japanese response to terrorism. [Schneier] [L'Hote]
21-06-2013: US offensive cyberwar policy. [Schneier] [BoingBoing]
21-06-2013: NORKS harbouring 3,000-strong cyber army, claims Seoul. [The Register]
20-06-2013: Hi Vladimir... it's Obama -- the hackers are back. Hello... are you still there? [The Register]
20-06-2013: The US uses vulnerability data for offensive purposes. [Schneier]
20-06-2013: Webcams taken over by hackers, charity warns. [BBC News]
19-06-2013: Schneier: Leaked doc shows USA has started an Internet war. [BoingBoing] [BoingBoing] [CNN]
19-06-2013: Hacker tests limit of US cyber law. [Stuff]
18-06-2013: US and Russia sign cyber security pact. [Stuff]
18-06-2013: Surveillance cameras can be hacked -- expert. [Stuff]
17-06-2013: Project C-43: a final piece of public-key cryptography history. [Schneier] [Techpinions]
15-06-2013: NSA gets early access to zero-day data from Microsoft, others. [Ars Technica]
15-06-2013: CIA spooks picked Amazon's "superior" cloud over IBM. [The Register]

18-06-2013: Amazon's invasion of the CIA is a seismic shift in cloud computing. [Wired]

14-06-2013: A call to arms for banks. [WSJ]
14-06-2013: We want to put a kill switch into your phone, say Feds. [The Register]
13-06-2013: How the NSA could get so smart so fast. [WSJ]
13-06-2013: More on feudal security. [Schneier]
13-06-2013: Eurogeddon? UK banks are more terrified of hackers -- big banker. [The Register]
12-06-2013: The secret war. [BoingBoing] [Wired]
13-06-2013: PRISM snitch claims NSA hacked Chinese targets since 2009. [The Register] [Ars Technica] [TechCrunch]
13-06-2013: Hackers target Iranian Gmail users. [Stuff] [The Register] [BBC News] [Wired]

14-06-2013: Iranian elections bring lull in bank attacks. [Krebs]

12-06-2013: Cisco hints at new security standard. [The Register]
12-06-2013: What the NSA can do with "big data". [Ars Technica]
10-06-2013: Obama faces off China's president: we can't be pals with all this cyber-theft. [The Register]
10-06-2013: Microsoft borks botnet takedown in Citadel snafu. [The Register] [The Register]
08-06-2013: Amazon confirms CIA spook cloud contract. [The Register]
08-06-2013: Under draft bill, EU wants to raise jail time for hackers, botnet operators. [Ars Technica]
08-06-2013: Behold, the world's most sophisticated Android trojan. [Ars Technica] [PocketNow] [SecureList] [BGR] [Stuff]
07-06-2013: Laws of physics say quantum cryptography is unhackable -- it's not. [Wired]
07-06-2013: US to freeze assets of hackers and deport cyber criminals. [HardOCP] [ZDNet]
07-06-2013: Obama orders US to draw up overseas target list for cyber attacks. [The Guardian] [Wired] [Engadget] [Gizmodo] [BoingBoing]

08-06-2013: Guardian publishes third secret NSA document, on cyberwar. [Ars Technica] [The Guardian] [The Register]

06-06-2013: Huawei tech in UK networks: tougher safeguards demanded by MPs. [ZDNet]
06-06-2013: Chinese hackers hacked Barack Obama. [Gizmodo] [NBC News]

14-06-2013: "Guccifer" hacks email, Facebook accounts of Obama appointee who leads US Nuclear Security Agency. [BoingBoing] [The Smoking Gun]

06-06-2013: Huawei controversy flares up again. [Stuff]
06-06-2013: Microsoft, FBI take aim at cyber crime ring. [Stuff] [DailyTech] [HardOCP] [Microsoft]
06-06-2013: Study asks what happened to hacked data? [Stuff]
05-06-2013: Espionage malware infects raft of governments, industries around the world. [Ars Technica]
05-06-2013: Schneider moves on ancient SCADA vulnerability. [The Register]
05-06-2013: Password crackers go green by immersing their GPUs in mineral oil. [Ars Technica]
04-06-2013: Juniper announces availability of data center DDoS protection. [Juniper]
04-06-2013: FDIC: 2011 FIS breach worse than reported. [Krebs]
03-06-2013: Spamhaus-style DDoS attacks: all the hackers are doing it. [The Register]
03-06-2013: Cashout service for ransomware scammers. [Krebs]
02-06-2013: China and the US are going to sit down and talk about all this hacking. [Gizmodo] [NYT]

05-06-2013: China says it has "mountains of data" to accuse US of cyber attacks. [DailyTech]

01-06-2013: USSR's old domain attracts cybercriminals. [Stuff] [Gizmodo] [PhysOrg]
01-06-2013: Some day, you may ditch your two-factor authenticator for an electronic tattoo. [Ars Technica] [HardOCP] [The Register] [DailyTech]

31-05-2013: Apple's two-factor security isn't as good as Microsoft or Google's, say experts. [The Register]
31-05-2013: Syrian Electronic Army fails to crack Israeli water system. [The Register]
30-05-2013: Indonesia to build crack IT-trained military unit to deflect attacks. [The Register]
30-05-2013: Kaspersky plans to reveal source code to avoid Huawei's fate. [The Register]
28-05-2013: Report: Chinese hackers have stolen sensitive US weapon design files. [Gizmodo] [Washington Post] [The Register] [DailyTech] [BBC News]
28-05-2013: Australia: China spy agency hack claims 'will not hit ties'. [BBC News] [Stuff] [NZ Herald]

29-05-2013: Attorney General says Aussie spy data hacked. [Stuff]

25-05-2013: Smart meters: hacking fear ahead of nationwide rollout. [BBC News]
25-05-2013: Google builds bigger crypto keys to make site forgeries harder. [Ars Technica]
25-05-2013: How easy is it to hack a smart meter? [BBC News]
24-05-2013: Syrian Electronic Army: pro-government propaganda, or just trolling for lulz? [The Verge]
23-05-2013: Iran has hacked US energy companies. [Gizmodo] [WSJ]

27-05-2013: Iran fingered for attacks on US power firms. [The Register]

22-05-2013: Hackers find China is land of opportunity. [NYT]
22-05-2013: Reporters use Google, find breach, get branded as "hackers". [Ars Technica]
21-05-2013: Indian 'attacks' Norwegian telco to get at Pakistan, China. [The Register]
21-05-2013: Think your Skype messages get end-to-end encryption? Think again. [BoingBoing] [Ars Technica] [The Register]

20-06-2013: New details of Skype eavesdropping. [Schneier] [NYT]

20-05-2013: UK spooks' candid opinions of the Assange affair revealed. [BoingBoing] [The Guardian]
20-05-2013: DDoS-for-hire service works with blessing of FBI, operator says. [Ars Technica]
18-05-2013: Hacker serving 5-year sentence invents ATM add-on to prevent theft. [Ars Technica] [Gizmodo] [The Register]
18-05-2013: "SpecialisRevelio" Macs use Harry Potter spell to unlock secret backdoor. [Ars Technica]
17-05-2013: FT hacked by Syrian Electronic Army. [Telegraph]

21-05-2013: Syrian hacktivists hijack Telegraph's Facebook, Twitter accounts. [The Register]

17-05-2013: Computer scientist to FBI: don't require all our devices to have backdoors for spies. [BoingBoing] [Freedom to Tinker]
17-05-2013: Cybersecurity a challenge even for experts. [Stuff]
16-05-2013: Terrorists entered witness protection, then fled the US. [Wired]
14-05-2013: Researchers develop algorithm to protect networks from cyber attacks. [Engadget]
14-05-2013: Russia busts CIA spy and his Gmail. [Wired] [The Register]
14-05-2013: Obama's DoJ caught spying on AP in hunt for leakers. [DailyTech]
13-05-2013: DDoS services advertise openly, take PayPal. [Krebs]
12-05-2013: Cyberattacks against US corporations are on the rise. [NYT]
09-05-2013: Cyberthieves yank $45 million in sophisticated ATM hack. [Engadget] [Gizmodo] [ReadWriteWeb] [BoingBoing] [Ars Technica]

11-05-2013: Group arrested in alleged ATM cybercrime. [WSJ ATD]

09-05-2013: How The Onion was hacked by the Syrian Electronic Army. [Gizmodo]

10-05-2013: Anatomy of a state-sponsored phishing attack: how the Syrian Electronic Army hacked The Onion. [BoingBoing] [The Onion] [The Register]

06-05-2013: China's Internet security giant Qihoo planning global domination. [The Register]

07-05-2013: China sees cyberwar as reducing US advantage in future conflict. [WSJ ATD]
07-05-2013: US DoD fingers China as top cyber threat. [The Register] [Gizmodo]
08-05-2013: China dismisses Pentagon report claiming Beijing is using cyber attacks. [DailyTech]
13-05-2013: China: online predator or hapless host? [The Register]
20-05-2013: Chinese army cyberunit apparently attacking US targets again. [ReadWriteWeb]
21-05-2013: Chinese hackers who breached Google gained access to sensitive data, US officials say. [Washington Post] [Stuff]
22-05-2013: Chinese hackers accessed law enforcement targets? [HardOCP] [ComputerWorld]

04-05-2013: Indictment: sysadmin passed over for promotion quits, then strikes back. [Ars Technica]
03-05-2013: Pentagon warns North Korea could become a hacker haven. [Wired]
03-05-2013: Not only is James Bond fictional, he's not a fair representation of intelligence. [The Register]
03-05-2013: Alleged SpyEye seller 'Bx1' extradited to the US. [Krebs] [Ars Technica]
03-05-2013: Chinese 'spy' caught with NASA laptop full of porn, not secrets. [Ars Technica] [HardOCP] [Bloomberg]
02-05-2013: Chinese attack sucks secrets from US defence contractor. [The Register] [Ars Technica]

30-04-2013: Washington hospital hit by $1.03 million cyberheist. [Krebs] [Schneier]
30-04-2013: Open IP ports let anyone track ships on the Internet. [Ars Technica]
26-04-2013: New Zealand cybersecurity fears rising. [NZ Herald]
23-04-2013: Akamai: DDoS attacks tripled year-over-year in 2012, China ranks as biggest offender. [Engadget]

23-04-2013: China main source of attacks in 2012. [ZDNet]

23-04-2013: Air Force wins cyber war with NSA hackers. [Stuff]
20-04-2013: The Boston Marathon bomber manhunt. [Schneier]
20-04-2013: Reddit hit with massive DDoS attack. [HardOCP] [TechCrunch]
18-03-2013: The Nemin.gen trojan. [Schneier] [Dark Reading]
16-04-2013: Syrian electronic army hacks NPR, vandalises headlines. [NakedSecurity] [Ars Technica]
16-04-2013: Lookout shows just how easy it is to hack a phone -- and how you can prevent it. [WSJ ATD]
16-04-2013: If you see something, say something: liveblogging from a lecture about terrorism, security, and visual narratives. [BoingBoing]
15-04-2013: WordPress site attacked by cybercriminals. [Trusted Reviews]
15-04-2013: Hackers train for cybersecurity jobs. [Stuff]
14-04-2013: Wireless IP cameras open to hijacking over the Internet. [HardOCP] [ComputerWorld]
13-04-2013: Computer security legend Mudge leaves DARPA for Google job. [WSJ ATD]
13-04-2013: Brute force attacks build WordPress botnet. [Krebs] [TechCrunch] [Ars Technica]
12-04-2013: Cyber-ring attacks game companies for years. [Stuff]
10-04-2013: Replacing passwords with passthoughts. [Stuff]
07-04-2013: John Key refuses to confirm China link to cyber attacks. [NZ Herald]
05-04-2013: Alleged botnet mastermind and his coders busted by Russian, Ukranian security. [Ars Technica] [Krebs]
05-04-2013: Possible security disasters loom with rollout of new top-level domains. [Ars Technica]
04-04-2013: Advance, persistent threats get more advanced, persistent and threatening. [The Register]
03-04-2013: In wake of gTLD security criticism, ICANN announces emergency back-up registry operators. [ComputerWorld]
02-04-2013: DNSSEC adpotion is slow for government agencies. [Secure64]

11-04-2013: DNSSEC and Google's public DNS service. [Geoff Huston]

01-04-2013: DHS warns of TDoS extortion attacks on public emergency networks. [Krebs]

29-03-2013: New RC4 attack. [Schneier] [ISG]
27-03-2013: Global internet slows after biggest attack in history. [BBC News] [NZ Herald] [The Register] [BoingBoing] [NYT] [Ars Technica] [ExtremeTech] [Stuff]

27-03-2013: The DDoS that almost broke the Internet. [CloudFlare]
27-03-2013: Cyber attack on spam fighter said to be over. [WSJ]
27-03-2013: Who's to blame for the huge cyberattack slowing down the web? Your ISP. [ReadWriteWeb]
27-03-2013: The Internet war apocalypse is a lie. [BoingBoing] [Gizmodo]
29-03-2013: When spammers go to war: behind the Spamhaus DDoS. [Ars Technica]
29-03-2013: How Spamhaus' attackers turned DNS into a weapon of mass destruction. [Ars Technica]
29-03-2013: Provocateur comes into view after cyberattack. [NYT]
30-03-2013: Yes, this week's DDoS attack was huge, and part of an ominous trend. [ReadWriteWeb]
03-04-2013: Can a DDoS break the Internet? Sure... just not all of it. [Ars Technica]
26-04-2013: Police arrest suspect in biggest DDoS attack in history. [The Register] [Stuff] [NZ Herald] [Krebs] [BGR]
29-03-2013: Cyberattack suspect had 'bunker' in north Spain. [NZ Herald]
29-03-2013: Dutchman accused of launching biggest cyberattack in history. [NZ Herald]
29-04-2013: Spamhaus hacking suspect had mobile attack van. [BBC News]
30-04-2013: Cyberattack suspect to be sent to Netherlands. [Stuff]
20-05-2013: The man who 'nearly broke the Internet'. [The Guardian]

27-03-2013: GCHQ attempts to downplay amazing paintext password blunder. [The Register]
25-03-2013: North Korea training cyber warriors. [Stuff]
22-03-2013: Filesharing made invisible. [NZ Herald]
21-03-2013: Privacy 101: Skype leaks your location. [Krebs]
21-03-2013: Whole Internet probed for insecure devices. [BBC News]
21-03-2013: Decade-old espionage malware found targeting government computers. [Ars Technica]
20-03-2013: Tone down the cyberwarfare rhetoric, expert urges Congress. [Wired] [ThreatPost]
20-03-2013: South Korean TV networks, banks suffer suspect cyber attack. [Google News] [BBC News]

21-03-2013: Chinese address source of Korean cyberattack. [Stuff] [BBC News] [Reuters]
21-03-2013: Your hard drive will self-destruct at 2pm: inside the South Korean cyberattack. [Ars Tecnica] [WSJ ATD]
10-04-2013: South Korea blames North for bank and TV cyber attacks. [BBC News] [Stuff] [The Register] [Yahoo News] [Ars Technica]

20-03-2013: SCADA honeypots attract swarm of international hackers. [The Register]
20-03-2013: Cisco switches to weaker hasing scheme, passwords cracked wide open. [Ars Technica]
20-03-2013: Chameleon botnet steals millions from advertisers with fake mouseclicks. [Ars Technica]
19-03-2013: Cyberwar manual lays down rules for online attacks. [AP] [CCDCOE]
19-03-2013: Here's a reminder not to tell your foreign lover US nuke secrets. [Wired]
19-03-2013: Google implements DNSSEC validation for public DNS. [SecurityWeek]
19-03-2013: CloudFlare goes down, cites router issue in DDoS attack. [EtherealMind]
18-03-2013: LA Times hack: security breach or harmless prank? [NZ Herald]
16-03-2013: National security letters ruled unconstitutional. [The Register] [Ars Technica] [BoingBoing] [EFF]
15-03-2013: Half of all spam comes from only 20 ISPs. [HardOCP] [BBC News]
15-03-2013: CCTV hack takes casino for $33 million in poker losses. [The Register] [BoingBoing] [Herald Sun]
15-03-2013: Internet security writer DDoS'd, visited by armed SWAT team who'd bee hoaxed. [BoingBoing] [Krebs] [Ars Technica] [The Verge]

18-03-2013: The obscurest epoch is today. [Krebs]
19-03-2013: Same hacker may have targeted Ars, reporter Krebs, and Wired's Honan. [Ars Technica] [Gizmodo]

15-03-2013: North Korea says US behind hack attack. [BBC News]

15-03-2013: Renesys confirms network outages -- maybe attacks -- in North Korea. [WSJ ATD]

15-03-2013: Backdoor daemon in HP LaserJets. [The Register]
14-03-2013: Al-Qaeda lacks expertise for cyberwar, experts tell MPs. [BBC News]
14-03-2013: US national vulnerability database hacked. [The Register]
14-03-2013: Nationalism on the Internet. [Schneier]
14-03-2013: The hackers are winning. [ReadWriteWeb]
14-03-2013: For the first time, US military says it would use offensive cyberweapons. [Ars Technica]
13-03-2013: Impact of Manning case on media: death to whistleblowers? [BoingBoing] [NYT]

13-03-2013: In case you missed: Bradley Manning has a voice. [BoingBoing]
18-03-2013: Correcting error-ridden WSJ column prasising "aiding the enemy" charge for Manning, Wikileaks. [BoingBoing] [FotPF]

13-03-2013: The NSA is training 13 teams of covert hackers to attack other countries. [Gizmodo]
13-03-2013: Security theatre on the Wells Fargo website. [Schneier] [Y-Combinator]
13-03-2013: US steps up alarm over cyberattacks. [WSJ]
13-03-2013: Michelle Obama's personal data hacked, leaked. [NZ Herald] [The Register]

13-03-2013: Top credit agencies say hackers stole celebrity reports. [Bloomberg]

11-03-2013: Inside the Sistine Chapel's security tech for the papal election. [Gizmodo] [Reuters]
10-03-2013: Iran blocks use of tool to get around Internet filter. [Reuters] [Stuff] [Engadget] [DailyTech]
08-03-2013: Ross Anderson's Security Engineering online. [Schneier] [Security Engineering]
08-03-2013: Oxford University blocks Google Docs. [Schneier] [OxCERT]
07-03-2013: How the FBI intercepts cell phone data. [Schneier] [Slate]
01-03-2013: Phishing has gotten very good. [Schneier] [BBC News]

28-02-2013: Bizarre old-school spyware attacks governmnets, sports mark of the beast. [Ars Technica]
27-02-2013: Spyware implanted in PDFs has been sneaking into government computers worldwide. [Gizmodo] [SecureList]
26-02-2013: Stop saying "cyber Pearl Harbour", RSA boss pleads. [The Register]
26-02-2013: Impossible battle: hackers everywhere. [Stuff]
25-02-2013: The shortage of US cyberwarriors. [HardOCP] [National Journal]
25-02-2013: Bypassing Google's two-factor authentication. [Duo Security] [Gizmodo]
25-02-2013: Juniper announces next-generation security for the data center. [Juniper]
24-02-2013: Deconstructing web attack trends in 2012. [Juniper]
23-02-2013: Some offshore oil rigs have been incapacitated by malware. [Gizmodo] [Houston Chronicle]
22-02-2013: The incredible rise and fall of a hacker who found the secrets of the next Xbox and Playstation -- and maybe more. [Kotaku]
22-02-2013: Hacking the Papal election. [Schneier]
22-02-2013: All those companies that can't afford dedicated security. [Schneier] [Dark Reading]
20-02-2013: An update on our war against account hijackers. [Google] [TechCrunch]
19-02-2013: This is the site likely responsible for the recent major tech company hacks. [WSJ ATD]
19-02-2013: Shocking expose of China's black PR industry implicating government officials is quickly deleted from the web. [Tech In Asia]
19-02-2013: 19th century traffic analysis (using social engineering). [Schneier]
19-02-2013: DDoS attack on bank hid $900k cyberheist. [Krebs]
18-02-2013: More state-sponsored hacking. [Schneier] [Schneier] [The Register] [The Register]
18-02-2013: Car data surveillance and the future of black boxes. [Schneier]
15-02-2013: Guessing smartphone PINs by monitoring the accelerometer. [Schneier] [BBC News]
14-02-2013: A Chinese hacker's identify unmasked. [HardOCP] [BusinessWeek]
13-02-2013: New al Qaeda encryption tool. [Schneier] [HStoday]
12-02-2013: UK doesn't have the SKILLS to save itself from cyber threats. [The Register]
11-02-2013: President to issue order on cyber attack defense? [HardOCP] [Reuters] [Wired] [Stuff] [Twitter] [The Hill] [Engadget] [Gizmodo] [The Register]

11-02-2013: Barack Obama is the first cyber war president, but a president can't win a cyber war. [Fast Company]
12-02-2013: Obama's cybersecurity executive order scores much better than CISPA on privacy. [Forbes]
13-02-2013: Obama's cybersecurity order aims for a restart with Congress. [WSJ ATD]
14-02-2013: Obama, cybersecurity, and the return of CISPA. [ReadWriteWeb]

11-02-2013: Really clever TLS attack. [Schneier] [ISG PDF]
10-02-2013: How a security ninja cracked the password guarding his most valuable assets. [Ars Technica]
09-02-2013: Crooks steal security firm's crypto key -- use it to sign malware. [Ars Technica]
09-02-2013: George Bush hacked -- emails & pics leaked. [Stuff] [BBC News]
08-02-2013: Millenials and cybersecurity. [Schneier] [Duke PDF]
08-02-2013: Security firm Bit9 hacked -- used to spread malware. [Krebs]

13-02-2013: Bit9 breach began in July 2012. [Krebs]

08-02-2013: Kids using coding skills to hack friends on games. [BBC News]
07-02-2013: Massive search fraud botnet seized by Microsoft and Symantec. [Ars Technica] [The Register] [Krebs] [BBC News]
05-02-2013: The Federal Reserve said it was hacked. [Gizmodo] [Reuters]
05-02-2013: DNSSEC deployment lags. [Secure64]
04-02-2013: Flaw flood busts bug bank. [Krebs]
01-02-2013: Pentagon staffs up US Cyber Command. [Schneier] [Washington Post] [NZ Herald]
01-02-2013: Quantum crypto still not proven, claim Cambridge experts. [The Register]

06-02-2013: Why is quantum computing so hard? [Schneier] [Light Blue Touchpaper]

31-01-2013: Report: DDoS attacks now more angry, complex and targeted. [The Register] [Arbor Networks]
31-01-2013: Snooping on movement can reveal smartphone PINs. [The Register]
31-01-2013: Great Firewall architects fingered for GitHub attack. [The Register]
30-01-2013: Con artist woman banned from the Internet. [HardOCP] [StarPhoenix]
30-01-2013: 5 security holes almost everyone is vulnerable to. [Lifehacker]
29-01-2013: 5 years after major DNS flaw is discovered, few US companies have deployed long-term fix. [NetworkWorld]
29-01-2013: UPnP flaw puts millions of PCs at risk. [cNet] [Wired] [Ars Technica]
29-01-2013: Smartphone sensors reveal security secrets. [BBC News]
28-01-2013: Lots of security cameras are wide open. [Gizmodo] [Forbes] [The Register] [ExtremeTech]
28-01-2013: Big bank mules target small bank businesses. [Krebs]
27-01-2013: Pentagon expanding cybersecurity force to protect networks against attacks. [NYT]
24-01-2013: Backdoors found in Barracuda Networks gear. [Krebs] [Schneier]
23-01-2013: Three men charged in connection with 'Gozi' trojan. [Krebs]
22-01-2013: Canadian student expelled for playing security "white hat". [Ars Technica] [Wired]
19-01-2013: Polish takedown targets 'Virus' botnet. [Krebs]
18-01-2013: Google declares war on the password. [HardOCP] [Wired] [Ars Technica] [Gizmodo] [Engadget] [Stuff] [Schneier]

21-01-2013: 'End of passwords' predictions are premature -- Cambridge boffin. [The Register]

17-01-2013: Man-in-the-middle attack against browser encryption. [Schneier] [GigaOM] [ZDNet]
17-01-2013: Why hackers should fear what they write. [Stuff] [Schneier] [SMH]
16-01-2013: Two US power plants infected with malware spread via USB drives. [Ars Technica] [BBC News] [Gizmodo]
11-01-2013: Everything we know so far about drone strikes. [ProPublica]
11-01-2013: US government warns over vulnerable control systems. [BBC News]
10-01-2013: Government unable to define 'Homeland Security'. [Wired]
09-01-2013: Iran is behind recent spate of cyber attacks on banks. [Gizmodo] [NYT]
09-01-2013: Boffins hide messages in Skype "silence packets". [The Register] [The Register] [BoingBoing]
05-01-2013: Security pros predict "major" cyber terror attack this year. [Ars Technica]
03-01-2013: Turkish registrar enabled phishers to spoof Google. [Krebs]

2012 News

29-12-2012: Looking back: the five most important security stories of 2012. [Ars Technica]
28-12-2012: I seem to be a verb. [Schneier]
26-12-2012: Hackers use backdoor to break system. [Schneier] [Wired]
25-12-2012: Digital feudalism, cyberterrorism, and zombie SOPA. [ReadWriteWeb]
24-12-2012: Where OS X security stands after a volatile 2012. [Ars Technica]
23-12-2012: NSA targeting domestic computer systems in secret test. [cNet]
21-12-2012: This week's overreactions. [Schneier]
21-12-2012: Obama unveils online information sharing strategy to fight cyberterrorism. [ReadWriteWeb]
20-12-2012: PGP, TrueCrypt-encrypted files cracked by £300 tool. [The Register]

22-12-2012: Still putting your crypto-protected PC in hibernate? $300 app can hack it. [Ars Technica]
27-12-2012: Breaking hard disk encryption. [Schneier] [TNW]

19-12-2012: Top trends in cyber attacks 2012. [Juniper]
19-12-2012: Information age law enforcement techniques. [Schneier] [Hacker10]

PDF attached below: Use_of_Internet_for_Terrorist_Purposes.pdf

14-12-2012: China tightens 'Great Firewall' Internet control with new technology. [Schneier] [The Guardian]

21-12-2012: Apple uses HTTPS in China, thwarts censors. [TUAW]
28-12-2012: China requires Internet users to register names. [HardOCP] [Yahoo]
28-12-2012: China is turning its ISPs into Internet police. [ExtremeTech]

14-12-2012: Police use 24/7 power grid recordings to spot doctored audio. [The Register]
14-12-2012: Intruders hack industrial heating system using backdoor posted online. [Ars Technica]
12-12-2012: Feds smash international cybercrime ring with power of Facebook. [The Register] [Wired] [Gizmodo] [FBI] [Chicago Tribune]
12-12-2012: Password ban makes sense. [Stuff]
10-12-2012: Bypassing 2-factor authentication. [Schneier] [TechSpot]
10-12-2012: Espionage attacks against the Ruskies? [Krebs]
10-12-2012: 25-GPU cluster cracks every standard windows pasword in <6 hours. [Ars Technica] [Gizmodo]
07-12-2012: The hardware hackers use to crack your passwords. [Gizmodo] [The Register]
06-12-2012: New attack makes some password cracking faster, easier than ever. [Ars Technica]
04-12-2012: Swiss spy agency warns US, Britain about huge data leak. [Reuters]
04-12-2012: Deleted files linger on. [Stuff]

30-11-2012: The final words of a 15-year-old hacker banned from the Internet. [Gizmodo]
30-11-2012: Hack could let browsers use cloud to carry out big attacks on the cheap. [Ars Technica]
29-11-2012: No VPN? No problem. A new way around China's Great Firewall. [WSJ]
21-11-2012: No more lulz: should Weev, the world's most notorious troll, go to jail for hacking? [Mother Board]
21-11-2012: Risk profiling software tackles the terrorist threat. [BBC News]
20-11-2012: Security firm showcases vulnerabilities in SCADA software, won't report them to vendors. [NetworkWorld]
20-11-2012: Unhackable telecom networks come a step closer. [Stuff] [BBC News]
19-11-2012: Security theater in American diplomatic missions. [Schneier] [NYT]
16-11-2012: Free hacking toolkits fuel cyber arms race. [Stuff]
15-11-2012: The terrorist risk of food trucks. [Schneier]
15-11-2012: Obama signs secret directive to help thwart cyberattacks. [Washington Post] [The Register] [Gizmodo]
14-11-2012: One simple trick could disable a city's 4G phone network. [Gizmodo] [Schneier] [MIT Technology Review]
13-11-2012: US defence firm Lockheed Martin warns on cyber-attacks. [BBC News]
12-11-2012: New report warns of SCADA cybergeddon. [The Register]
08-11-2012: Gary McGraw on natinoal cybersecurity. [Schneier] [TechTarget]
06-11-2012: Need more secure operating systems. [Secure64]
06-11-2012: Cyberheists 'a helluva wake-up call' to small biz. [Krebs]

28-10-2012: Another systematic SCADA vulnerability. [The Register]
26-10-2012: Backdoor in computer controls opens critical infrastructure to hackers. [Ars Technica] [Schneier] [Krebs]
23-10-2012: In cyberattack on Saudi firm, US sees Iran fighting back. [NYT]
22-10-2012: UN calls for 'anti-terror' Internet surveillance. [HardOCP] [cNet]
20-10-2012: US drafts order for infrastructure cyberattacks. [Stuff]
19-10-2012: GitHub hit by DDoS attack second day in a row. [TNW]
10-10-2012: Stoking cyber fears. [Schneier]
09-10-2012: To keep passwords safe from hackers, break them into bits. [Technology Review]
09-10-2012: Story of a CIA burglar. [Schneier] [Smithsonian]

09-10-2012: Danish man claims he was a CIA mole in al-Qaida. [Wired]
15-10-2012: Alleged CIA mole says he played matchmaker for al-Qaida propagandist. [Wired]

09-10-2012: DDoS attacks get serious. [Secure64]
08-10-2012: US politics: only buy Huawei or ZTE equipment if you like being spied on. [The Register] [MobileBurn] [WSJ ATD]

08-10-2012: Cisco dumps ZTE over alleged Irania spy gear deals. [Wired] [Ars Technica]
08-10-2012: Spies or no spies, US companies should fear Huawei. [Wired]
09-10-2012: ZTE say they pose no threat to the USA. [Tracy and Matt]
09-10-2012: China calls Huawei report "groundless". [WSJ ATD]
10-10-2012: Canadian security move fans fears of Huawei exclusion. [BBC News] [Reuters] [Engadget]
10-10-2012: US panel to probe new wave of complaints against Huawei and ZTE. [Reuters]
10-10-2012: What Huawei and ZTE could actually do to your company. [ReadWriteWeb]
10-10-2012: Huawei's cyber security chief slams US "protectionism". [Forbes]
10-10-2012: Should the UK be worried about Chinese tech firms? [BBC News]
11-10-2012: Huawei's US competitors among those pushing for scrutiny of Chinese tech firm. [Washington Post]
12-10-2012: Huawei: spying risk vs gains. [NZ Herald]
15-10-2012: ZTE shares slide as it forecasts third quarter loss. [BBC News] [Engadget]
17-10-2012: White House: Huawei wasn't spying for China. [Gizmodo] [Engadget] [Reuters] [The Hill] [BBC News]
24-10-2012: Huawei says US stance is 'protectionism'. [The Register]
24-10-2012: Huawei offers access to source code and equipment. [BBC News] [Ars Technica] [ExtremeTech] [Engadget]
26-10-2012: Huawei partner tries to sell US tech to Iran. [The Register]
29-10-2012: The Huawei security problem isn't the hardware, it's engineers fixing the bugs. [EtherealMind]
29-10-2012: Huawei gets US government nod to supply Clearwire network. [The Register]
31-10-2012: Huawei's hacker critics will help company with cyber security. [Hexus] [Reuters]
26-11-2012: Huawei, ZTE ready to share source code with India. [The Times of India]
04-12-2012: Huawei hits back over US 'security threat' claim. [BBC News]
30-12-2012: A Huawei partner offered to sell a whole bunch of embargoed HP gear to Iran. [Gizmodo] [Reuters]
07-01-2013: Los Alamos nuclear weapons lab removes Chinese tech over spying concerns. [Engadget] [Reuters]
13-02-2013: USA sinks Atlantic cable cable over Huawei worries. [The Register]
08-04-2013: Huawei rolls on despite spy controversy. [NZ Herald]
24-04-2013: Hidden dragon Huawei: "We're making increased efforts at transparency." [The Register]
09-05-2013: Huawei founder Ren Zhengfei gives first media interview. [BBC News] [NZ Herald] [DailyTech] [BGR]
27-05-2013: Clearwire to pull Huawei from network. [The Register]

08-10-2012: New developments in captchas. [Schneier] [ReadWriteWeb]
08-10-2012: 'Project Blitzkrieg' promises more aggressive cyberheists against US banks. [Krebs]
05-10-2012: When will we see collisions for SHA-1? [Schneier] [Ars Technica]
04-10-2012: Tradecraft and terrorism. [Schneier] [Stratfor]
01-10-2012: Scary Android malware story. [Schneier] [Gizmodo]
01-10-2012: White House confirms cyber-attack on "unclassified" system. [BBC News] [Gizmodo]

30-09-2012: The ZeroAccess botnet visualised on Google Earth. [THG] [Schneier] [F-Secure]
28-09-2012: Watch the world get attacked by cyber criminals in real time. [Gizmodo] [HoneyMap]
26-09-2012: This is the modem world: I hate passwords. [Engadget]
26-09-2012: The 20 most common PINs are painfully obvious. [Gizmodo]
26-09-2012: Schneider, maker of smart-grid software, hacked. [Wired]
26-09-2012: Chinese hackers blamed for intrusion at energy industry giant Telvent. [Krebs]
25-09-2012: Espionage hackers target "watering hole" sites. [Krebs]
25-09-2012: Secret Microsoft policy limited Hotmail passwords to 16 characters. [Ars Technica]
24-09-2012: SHA-3 to be announced. [Schneier] [NIST]

25-09-2012: SHA-3 hash finalist Schneier calls for halt in crypto contest. [The Register]
02-10-2012: Keccak is SHA-3. [Schneier] [NIST] [Keccak]

23-09-2012: Security researchers identify transit system exploit in San Fran and New Jersey, create app to prove it. [Engadget]
21-09-2012: EU officials proposer Internet cops on patrol, no anonymity and no obscure languages -- because of terrorism. [TechDirt]
20-09-2012: BitTorrent users DDoS websites without knowing. [HardOCP] [TorrentFreak]
20-09-2012: Asian hackers p0wned by Eastern European rivals. [The Register]
19-09-2012: GCHQ in new challenge for cyber security wannabes. [The Register]
19-09-2012: Analysis of PIN data. [Schneier] [DataGenetics] [Lifehacker]
19-09-2012: Malware dragnet snags millions of infected PCs. [Krebs]
19-09-2012: Recent developments in password cracking. [Schneier]
18-09-2012: How to launch a 65Gbps DDoS, and how to stop it. [EtherealMind] [CloudFlare]
14-09-2012: Leaked: here's The White House's draft cybersecurity executive order. [HardOCP] [TechDirt]
14-09-2012: Man-in-the-middle bank fraud attack. [Schneier] [Trusteer]
14-09-2012: UGNazi. [Schneier] [Wired]
14-09-2012: UK boffins get £3.8m pot to probe 'science of cyber-security'. [The Register]
13-09-2012: The NSA wants hackers. [HardOCP] [FastCompany]
13-09-2012: Microsoft disrupts 'Nitol' botnet in piracy sweep. [Krebs]

04-10-2012: Chinese Nitol botnet back up after Microsoft settles lawsuit. [The Register]

13-09-2012: Steganography in the wild. [Schneier] [OwnedCore]
13-09-2012: Cracks in Internet's foundation of trust allows HTTPS session hijacking. [Ars Technica] [The Register]

18-09-2012: Many ways to break SSL with CRIME attacks, experts warn. [Ars Technica]
19-10-2012: Internet architects mull changes to fight SSL-busting CRIME attacks. [Ars Technica]

13-09-2012: BlackHole 2.0 gives hackers stealthier ways to pwn. [Ars Technica]
07-09-2012: Botnets, route hijacking, and other security threats. [Secure64]
07-09-2012: Sleuths trace new zero-day attacks to hackers who hit Google. [Wired] [Gizmodo] [Symantec] [Ars Technica]

10-09-2012: Google Aurora hackers at large, launch 0-day bazookas. [The Register]

07-09-2012: Botnet master gets 30-month prison term for renting out infected PCs. [Ars Technica] [HardOCP] [BBC News]
05-09-2012: McAfee threats report shows largest malware rise in four years. [Voxy]
05-09-2012: Secret account in mission-critical router opens power plants to tampering. [Ars Technica] [The Register]
04-09-2012: Al-Jazeera gets the crap hacked out of it. [Gizmodo]
04-09-2012: What Obama won't say in Charlotte: war on terror is done. [Wired]
04-09-2012: Nowhere to hide: secret spy sat agency plans unblinking array. [Wired]

31-08-2012: Google engineer finds British spyware on PCs and smartphones. [The Register]
27-08-2012: Attackers pounce on zero-day Java exploit. [Krebs]

28-08-2012: Researchers: Java zero-day leveraged two flaws. [Krebs]
30-08-2012: Security fix for critical Java flaw released. [Krebs] [The Register]
30-08-2012: Second Java zero-day exploit uncovered. [HardOCP] [MacWorld] [The Register]
01-09-2012: New vulnerabilities found in latest Java update. [HardOCP] [cNet]
03-09-2012: Thanks Java, for that business-wide rootkit infection. [The Register]
05-09-2012: Apple releases fix for critical Java flaw. [Krebs]

26-08-2012: DNS as an attack vector. [BoingBoing] [SkullSecurity]
23-08-2012: An unknown hacker group claims that it shut down the world's largest oil company -- and that they'll do it again. [Gizmodo] [NYT]

28-08-2012: One million accounts leaked in megahack on banks, websites. [The Register]

23-08-2012: Password hints easily extracted from Windows 7, 8. [Ars Technica] [The Register]
23-08-2012: Private crypto key in mission-critical hardware menaces electric grids. [Ars Technica]
22-08-2012: Wikileaks' secrets weren't, says former MI5 chief. [The Register]
22-08-2012: VMware virtual machines targeted by "Crisis" espionage malware. [Ars Technica]

24-08-2012: Crisis believed to be first malware infecting virtual machines. [THG]

21-08-2012: New Frankenstein virus can build itself on any computer from stolen snippets of code. [Gizmodo]
20-08-2012: The view from an Israeli security checkpoint. [Schneier] [Boston Review]
20-08-2012: Inside the Grum botnet. [Krebs]
16-08-2012: White hats publish DDoS hijacking manual, turn tables on attackers. [Ars Technica]
15-08-2012: Automated emails: are you launching a DoS attack on your own company? [ReadWriteWeb]
15-08-2012: Lousy password security on Tesco website. [Schneier] [Troy Hunt]
15-08-2012: "Kill switch" flaw found in to web weapon, victims sigh with relief. [The Register]
13-08-2012: iOS encryption is so good, not even the NSA can hack it. [Gizmodo] [Technology Review]

21-08-2012: Is iOS security really this good? [Schneier]

10-08-2012: Stratfor emails reveal secret, widespread TrapWire surveillance system. [RT]

11-08-2012: TrapWire: WikiLeaks reveals ex-CIA agents running face-recognition profiling company that surveils NYC subways, London stock exchange, Vegas casino, and more. [BoingBoing] [Storify]

10-08-2012: 'Booter shells' turn web sites into weapons. [Krebs]
08-08-2012: WikiLeaks under DDoS attack for a week. [HardOCP] [ZDNet] [Gizmodo]

13-08-2012: AntiLeaks boss: we'll keep pummeling WikiLeaks and Assange. [The Register]
14-08-2012: WikiLeaks website back online after DDoS cyber attack. [BBC News]

08-08-2012: Hacker-smasher: white hats join forces to build bot-beating weapon. [The Register]
08-08-2012: Triple DDoS vs KrebsOnSecurity. [Krebs]
07-08-2012: Lack of DNSSEC deployment on financial services web sites. [Secure64]
06-08-2012: Harvesting data on the Xarvester botmaster. [Krebs]
06-08-2012: Breaking Microsoft's PPTP protocol. [Schneier]
04-08-2012: Huawei: the company that spooked the world. [The Economist] [Gizmodo] [Engadget]
03-08-2012: Quantum key distribution with single photons. [BBC News] [Wired]
03-08-2012: Uptick in cyber attacks on small businesses. [Krebs]
02-08-2012: Anonymous proxy playground. [Juniper]
02-08-2012: Tech support phone scams surge. [Krebs]
02-08-2012: DDoS crooks: do you want us to blitz those phone lines too? [The Register]
02-08-2012: Profile on Eugene Kaspersky. [Schneier] [Wired] [Kaspersky] [Wired]
02-08-2012: Huawei looking into critical router flaw claims. [The Register]
01-08-2012: Rakshasa: the hardware backdoor that China could embed in every computer. [ExtremeTech]
01-08-2012: On soft targets. [Schneier] [Stratfor]

31-07-2012: Email-based malware attacks, July 2012. [Krebs]
30-07-2012: Fear-mongering at TED. [Schneier] [TED]
29-07-2012: Critics assail 1980s-era hacking law as out of step. [HardOCP] [Reuters]
29-07-2012: WikiLeaks prank targets NYT. [WSJ ATD]

29-07-2012: The fake NYT WikiLeaks op-ed that fooled pretty much everybody. [Gizmodo] [NYT Opinion]

27-07-2012: Defcon 2012 articles:

27-07-2012: Security researcher demonstrates GPS vulnerability that could let hackers track users' location, take over phone. [Android Police]
27-07-2012: Charlie Miller demonstrates hack against NFC. [Juniper] [Forbes]
27-07-2012: NSA director finally greets Defcon hackers. [cNet] [HardOCP] [PCMag]
29-07-2012: Former NSA official disputes claims by NSA chief. [Wired] [Engadget]
31-07-2012: At DEF CON Kids convention, computer hacking is child's play. [ExtremeTech]

26-07-2012: The known unknowns of Skype interception. [Slight Paranoia]
26-07-2012: Security scanner probes 1 million IPs per hour for vulns. [Ars Technica]
25-07-2012: ADS-B air traffic control vulnerabilities. [Gizmodo] [Forbes]

26-07-2012: Air traffic controllers pick the wrong week to quit using radar. [Wired]

25-07-2012: Foreign intelligence agencies are biggest online threat, ex-Fed warns. [The Register]
23-07-2012: Fear of drone GPS hacking raised by Congress as FAA deadline looms. [Ars Technica]
23-07-2012: How the Norwegians reacted to terrorism. [Schneier] [BBC News]

23-07-2012: Norway's foreign minister on why Breivik didn't have a special, secret trial. [BoingBoing] [NYT]

19-07-2012: Unbreakable crypto: stopre a 30-character password in your brain's subconscious memory. [ExtremeTech]
19-07-2012: China lays out glorious eight-point infosec masterplan. [The Register]
18-07-2012: World's third-largest spam botnet is knocked offline for good. [Gizmodo] [FireEye] [Krebs] [BBC News] [HardOCP] [Business Insider]
16-07-2012: Remote scanning technology. [Schneier] [Gizmodo]
16-07-2012: Spy software aims to corral money mules. [Krebs]
15-07-2012: The most important tech company you've never heard of. [BuzzFeed]
12-07-2012: Social networks scan for sexual predators, with uneven results. [Reuters] [Gizmodo]
12-07-2012: All-or-nothing access control for mobile phones. [Schneier] [CMU]
12-07-2012: Dropped USB sticks in parking lot as actual attack vector. [Schneier] [BoingBoing] [Elsevier]
11-07-2012: How the boy next door accidentally built a Syrian spy tool. [Wired]
11-07-2012: Microsoft kills more code-signing certs to stop Flame-like attacks. [Ars Technica]
10-07-2012: Attacking fences. [Schneier] [NYT]
10-07-2012: Deep packet inspection device purged of flaw that threatened TOR users. [Ars Technica]
09-07-2012: Sensible comments about terrorism. [Schneier] [The Telegraph] [The Atlantic]
09-07-2012: Students hack ~~DHS~~ university drone. [Schneier]
04-07-2012: DDoS blackmailers busted in cross-border swoop. [The Register]
03-07-2012: Commercial espionage virus. [Schneier] [The Telegraph]

29-06-2012: Cable hacker jailed. [BoingBoing] [Wired]
28-06-2012: Nuclear fears. [Schneier] [Scientific American]
27-06-2012: Russian nuclear launch code backup procedure. [Schneier] [RiaNovosti]
27-06-2012: Top Secret America on the post-9/11 cycle of fear and funding. [Schneier] [Amazon]
26-06-2012: "High Roller" hacker attack is stealing hundreds of millions from the rich. [DailyTech]
26-06-2012: Email accounts more valuable than bank accounts. [Schneier] [Elie Bursztein]
26-06-2012: Scientists crack RSA SecurID 800 tokens, steal cryptographic keys. [Ars Technica] [Gizmodo] [The Register]
25-06-2012: Proxy your way to online anonymity. [Wired]
25-06-2012: MI5 fighting 'astonishing' level of cyber attacks. [BBC News] [The Register]
25-06-2012: Resilience. [Schneier]
22-06-2012: Iran: our nuke facilities still under attack by US, Isrealis and MI6. [The Register]
21-06-2012: Tor anonymity developers tell all. [BoingBoing] [Reddit]
19-06-2012: Fujitsu cracks 278-digit crypto. [The Register]
18-06-2012: NSA: it would violate your privacy to say if we spied on you. [Wired]
17-06-2012: Honeynet looks to trap USB malware. [The Register] [Google Code]
16-06-2012: US-CERT discloses security flaw in Intel chips. [HardOCP] [HotForSecurity]
14-06-2012: PGP founder, Navy SEALs uncloak encrypted comms biz. [The Register]
13-06-2012: Teaching the security mindset. [Schneier] [BoingBoing]

14-06-2012: Cheating in online classes. [Schneier]

13-06-2012: Is "big data" intelligence the next big thing in security? [Juniper]
13-06-2012: Exploit posted for vulnerable F5 kit. [The Register]
12-06-2012: Israel demanding passwords at the border. [Schneier] [AustralianIT] [Haaretz]
12-06-2012: James Bond-style malware targets firm that secures industrial systems. [Ars Technica]
11-06-2012: The antivirus era is over. [Technology Review]
09-06-2012: New DoS tool lets a single PC bring down an Apache server. [Ars Technica]
07-06-2012: MD5 password scrambler 'no longer safe'. [ZDNet]
07-06-2012: A bad week for passwords, and one way to make it better. [WSJ ATD]
06-06-2012: Relax hackers -- NATO has no cyber-attack plans -- top brass. [The Register]
06-06-2012: Google starts warning users of state-sponsored computer attacks. [Ars Technica] [BBC News] [The Register] [Engadget] [ReadWriteWeb] [BoingBoing] [Google] [HardOCP] [chron]
05-06-2012: Interesting article on Libyan intelligence gathering. [Schneier] [Wired]
01-06-2012: Post mortem: today's attack, apparent Google Apps/Gmail vulnerability, and how to protect yourself. [CloudFlare]

04-06-2012: The four critical security flaws that resulted in last Friday's hack. [CloudFlare]

30-05-2012: White House prepares to convene anti-botnet summit. [HardOCP] [cNet] [Engadget] [Bloomberg]
29-05-2012: Interview with a safecracker. [Schneier] [BoingBoing] [McSweeney's]
29-05-2012: Backdoor found (maybe) in Chinese-made military silicon chips. [Schneier] [The Register: article 1, article 2] [Information Age] [ComputerWorld]
25-05-2012: Chinese DDoS attack takes down UK domain registrar. [THG]
16-05-2012: Wikileaks has been under DDoS attack for the last three days. [ZDNet]
16-05-2012: The Pirate Bay hit by DDoS attack. [BBC News] [DailyTech] [Ars Technica] [TorrentFreak]

16-05-2012: Pirate Bay struggling to get on feet after DDoS to the knee. [The Register]
17-05-2012: The Pirate Bay returns, Anonymous hater takes credit for DDoS. [ZDNet]

10-05-2012: Norwegian teens arrested over SOCA DDoS attack. [The Register]
09-05-2012: Ustream is pissed about DDoS attack, may launch Russian site tomorrow. [VentureBeat]
09-05-2012: Queen unveils draft Internet super-snoop bill -- with clauses. [The Register]
04-05-2012: Everyone has been hacked -- now what? [Wired] [Gizmodo]
04-05-2012: FBI wants backdoors in Facebook, Skype and instant messaging. [Wired] [Engadget]
29-04-2012: Skype reveals remote and local IP address of all online users. [Ghacks] [Gizmodo]
27-04-2012: The hard drives most likely to expose your data aren't your own. [Ars Technica]
27-04-2012: Attack mitigation. [Schneier]
25-04-2012: Backdoor in mission-critical hardware threatens power, traffic-control systems. [Ars Technica] [Wired] [Schneier]

27-04-2012: Backdoor that threatens power stations to be purged from control systems. [Ars Technica]
30-04-2012: Equipment maker caught installing backdoor vows to fix following public pressure. [Wired]

25-04-2012: The world's five biggest cyber threats. [BBC News]
23-04-2012: Turing's rapid Nazi Enigma code-breaking secret revealed. [The Register]
17-04-2012: Forever-day bugs. [Schneier]
16-04-2012: Feds shutter online narcotics store that used TOR to hide its tracks. [Ars Technica]
13-04-2012: Disguising TOR traffic as Skype video calls. [Schneier]
12-04-2012: Bomb threats as a denial of service attack. [Schneier]
12-04-2012: CIA's secret fear: high-tech border checks will blow spies' cover. [Wired]
10-04-2012: Teenagers and privacy. [Schneier] [MediaShift]
07-04-2012: What Facebook sends the cops when your account is subpoenaed. [Gizmodo] [The Boston Phoenix]
06-04-2012: Watch out, white hats -- the EU moves to criminalise hacking tools. [Wired]
03-04-2012: Tor traffic disguised as Skype video calls to fool repressive governments. [Ars Technica]
03-04-2012: Law enforcement forensics tools against smartphones. [Schneier]

03-04-2012: Documents show cops making up the rules on mobile surveillance. [Ars Technica]
03-04-2012: How Apple and Google help police bypass lock screens. [HardOCP] [cNet]

02-04-2012: Buying exploits on the grey market. [Schneier] [ZDNet]
01-04-2012: UK to announce real-time phone, email, web traffic monitoring. [ZDNet]

02-04-2012: Campaigners criticise email and web monitoring plan. [BBC News]

01-04-2012: Hackers politely deface security firm website, suggest fixes. [Ars Technica]

31-03-2012: Police are using phone tracking as routine tool. [Lifehacker] [NYT]
29-03-2012: Harms of post-9/11 airline security. [Schneier]
28-03-2012: NSA: China is destroying US economy via security hacks. [DailyTech]
26-03-2012: Symantec dissolves a Chinese alliance with Huawei. [NYT] [The Register]
26-03-2012: Congressional testimony on the TSA. [BoingBoing] [Schneier] [The Register]
26-03-2012: How hackers could decapitate the Internet. [BBC News]
23-03-2012: Bruce Schneier and former TSA boss Kip Hawley debate air security. [BoingBoing] [The Economist]

29-03-2012: Bruce Schneier hands former TSA boss his ass. [BoingBoing] [The Economist]

22-03-2012: Can the NSA break AES? [Schneier]
15-03-2012: The NSA is building the country's biggest spy center (watch what you say). [HardOCP] [Wired]

20-03-2012: NSA chief denies, denies, denies Wired's domestic spying story. [HardOCP] [Wired] [Forbes] [Gizmodo]
21-03-2012: NSA chief denies domestic spying, but whistleblowers say otherwise. [Wired]

14-03-2012: Thousands of emails lifted from Syrian dictator Assad's personal account. [Ars Technica] [The Guardian]
14-03-2012: Cyber attack on BBC leads to suspicion of Iran's involvement. [BBC News] [Hexus]
14-03-2012: On cyberwar hype. [Schneier]
13-03-2012: The security of multi-word passphrases. [BoingBoing] [Schneier] [Light Blue Touchpaper] [PDF] [Ars Technica] [ReadWriteWeb]

15-03-2012: Using common phrases makes your passphrase password useless: here's how to pick a better phrase. [Lifehacker]

03-03-2012: The Pwn Plug is a little white box that can hack your network. [Ars Technica]
02-03-2012: Hackers are winning security war. [HardOCP] [MSNBC]
01-03-2012: State Department redacts Wikileaks cables. [Schneier] [ACLU]
01-03-2012: NSA agents will make all their private calls with a fishbowl. [Gizmodo]

29-02-2012: FBI special agent and counterterrorism expert criticizes the TSA. [Schneier] [BoingBoing] [gManCaseFile]
28-02-2012: Younger generation taking 'sledgehammer' to security. [The Register]
28-02-2012: The tweets that homeland security spooks look for. [BoingBoing] [Animal NY] [Schneier]
28-02-2012: Cyberwar is the new yellowcake. [Schneier] [Wired]
27-02-2012: Between MWC and RSA, worlds of mobility and security collide. [ReadWriteWeb]
24-02-2012: Computer security when traveling to China. [Schneier] [NYT]
23-02-2012: Schneier: government, big data pose bigger 'Net threat than criminals. [Ars Technica]
20-02-2012: First IPv6 DDoS Internet attacks seen. [ZDNet] [ExtremeTech]
19-02-2012: Hackers were scary in 1990. [Gizmodo]
16-02-2012: The FBI might cut off the Internet for millions of people on 8th March. [Gizmodo]
16-02-2012: Lousy random numbers caus insecure public keys. [Schneier]
14-02-2012: The RIAA's dream turns to nightmare -- inside The Pirate Bay's torrent purge. [DailyTech]
14-02-2012: Nortel Networks hackers had "access to everything" for years. [Ars Technica]

15-02-2012: Whistleblower: decade-long Nortel hack 'traced to China'. [The Register]

14-02-2012: VeriSign, a pillar of Internet security, hacked. [BoingBoing] [Credit]
12-02-2012: Microsoft store hacked in India, passwords stored in plain text. [Engadget] [WPsauce]
10-02-2012: Iran blocks HTTPS, cutting off Gmail, Yahoo and other major sites. [ReadWriteWeb] [BoingBoing] [Washington Post] [cNet] [The Next Web]

10-02-2012: As Iran cracks down online, TOR tests undetectable encrypted connections. [Forbes]
13-02-2012: Google confirms Gmail and YouTube blocked in Iran since 10th Feb. [Bloomberg]
13-02-2012: Iranians get some services back. [The Register]
14-02-2012: Internet crackdown in Iran continues, but TOR users are all back online. [Ars Technica]
20-02-2012: Internet again disrupted in Iran ahead of election. [Reuters]

09-02-2012: A Valentine's Day present for SCADA companies: new exploit tools. [Ars Technica]
09-02-2012: Alleged Foxconn hack allowed bogus orders to be placed for vendors. [AppleInsider] [MacRumors]
08-02-2012: Critics slam SSL authority for minting certificate for impersonating sites. [Ars Technica]
08-02-2012: FBI puts cloud providers on notice over security rules. [Wired]
08-02-2012: Crypto crack makes satellite phones vulnerable to eavesdropping. [Ars Technica]
06-02-2012: Hackers may be able to 'outwit' online banking security devices. [The Register]

06-02-2012: The failure of two-factor authentication. [Schneier] [BBC News]

03-02-2012: Somebody's watching: how a simple exploit lets strangers tap into private security cameras. [The Verge] [BBC News]
03-02-2012: Verisign hacked, successfully and repeatedly, in 2010. [Schneier]
01-02-2012: "Slain" Kelihos botnet still spams from beyond the grave. [Ars Technica] [TechWorld]

28-03-2012: Staggering Kelihos zombie smacked down again. [The Register]

30-01-2012: British tourists arrested in the US for Tweeting. [Schneier] [Daily Mail] [The Register] [Gizmodo]
30-01-2012: The nature of cyberwar. [Schneier] [Internet Evolution]
29-01-2012: FBI to build social network spy app. [HardOCP] [PCWorld]
27-01-2012: Password sharing among American teenagers. [Schneier]
24-01-2012: Encrypting your hard drive no longer works against federal prosecution. [Gizmodo] [cNet] [Ars Technica] [Schneier]

25-01-2012: What decryption orders mean for the Fifth Amendment. [BoingBoing] [EFF]
06-02-2012: Defendant ordered to decrypt laptop may have forgotten password. [Wired] [DailyTech]
13-02-2012: What happens when the court demands you decrypt a document and you forget the key? [Schneier]
19-02-2012: Feds urge court to reject laptop encryption appeal. [Ars Technica]
24-02-2012: Court says cops can't make you decrypt your secure hard drives. [Gizmodo] [Wired]
24-02-2012: Two cases' lessons: if cops don't know what you encrypted, they can't make you decrypt it. [Forbes]
26-02-2012: Password encryption protected under fifth amendment. [HardOCP] [ZDNet] [Ars Technica] [Schneier]
27-02-2012: Child abuse suspect won't be forced to decrypt hard drive. [The Register]
01-03-2012: Feds crack suspect's encrypted drive, avoid Constitution meltdown. [The Register] [HardOCP] [Wired] [DailyTech] [Gizmodo] [Engadget]

23-01-2012: The state of filesharing websites. [Lifehacker] [Reddit]
16-01-2012: New cyber attack hits Israel stock exchange and airline. [BBC News]
15-01-2012: 10 years ago today: Bill Gates kicks arse over security. [The Register]
14-01-2012: Recursive phishing email. [BoingBoing] [Wired]
13-01-2012: US military access cards cracked by Chinese hackers. [The Register]

13-01-2012: What are magnet links, and how do I use them to download torrents? [Lifehacker]

13-01-2012: The Pirate Bay dropping torrents after magnetic attraction. [The Register] [Ars Technica] [ExtremeTech] [HardOCP]
13-01-2012: Recovering a hacked Gmail account. [Schneier] [The Atlantic]
13-01-2012: 'Going dark' vs 'Golden age of surveillance'. [Schneier]
12-01-2012: Abolish the DHS. [Schneier]
12-01-2012: A theory of online jihadist sites. [Schneier]
12-01-2012: Apple split-key patent. [Schneier] [Patently Apple]
12-01-2012: WEF report: cyber-attack risk to global stability is real. [The Register]
10-01-2012: Collecting expert predictions about terrorist attacks. [Schneier]
09-01-2012: Top German cop uses spyware on daughter, gets hacked in retaliation. [Ars Technica]
09-01-2012: Stealing source code. [Schneier]
09-01-2012: The TSA proves its own irrelevance. [Schneier] [BoingBoing]
08-01-2012: Hackers expose defence and intelligence officials in the US and UK. [The Guardian]
07-01-2012: Israel vows to retaliate after credit cards are hacked. [BBC News]
05-01-2012: Feds want judge to force suspect to give up laptop password. [Wired]
05-01-2012: ETrade suffers DDoS festive treat. [The Register]
04-01-2012: Sending coded messages with postage stamps. [Schneier] [Rio Wang]
01-01-2012: How US spy satellite photography worked before digital technology. [PetaPixel] [The Atlantic]
01-01-2012: How scary was the Internet in 2011? [WSJ ATD]

2011 News

29-12-2011: Courts revives NSA dragnet surveillance case. [Wired] [The Register] [Ars Technica]
29-12-2011: Opinion: we must resist over-hyping security threats. [BBC News]
27-12-2011: GSM phones vulnerable to hijack scams. [HardOCP] [Yahoo]
26-12-2011: AntiSec hits private Intel firm, millions of docs allegedly lifted. [Wired]
26-12-2011: "I built spy satellites for a living." [BoingBoing] [Canadian Business]
26-12-2011: Most cellular networks worldwide vulnerable to attack, researcher says. [WSJ ATD]
26-12-2011: Hacking Subway's PoS system. [Schneier] [Ars Technica]
23-12-2011: Walk through an airport with Bruce Schneier. [BoingBoing] [Vanity Fair] [Schneier]
15-12-2011: US spy drone hijacked with GPS spoof hack. [The Register] [Gizmodo]

16-12-2011: More on the captured US drone. [Schneier]

14-12-2011: SCADA vulnerability imperils critical infrastructure. [The Register]
06-12-2011: How do you reassemble shredded documents? [BBC News]
06-12-2011: Security problems with US cloud providers. [Schneier]
01-12-2011: Does multi-factor authentication security make you feel secure? [Juniper]
01-12-2011: Recognising critical infrastructure protection month. [DHS]

29-11-2011: Tens of millions of HP LaserJet printers vulnerable to remote hacking. [ExtremeTech] [HardOCP] [MSNBC] [Wired] [Gizmodo]

30-11-2011: HP douses firebomb printer hack threat. [The Register]
02-12-2011: Hacking printers and setting them on fire. [Schneier]
23-12-2011: HP plugs security hole with LaserJet firmware update, says no record of printers set ablaze by hackers. [TechCrunch] [Engadget]
30-12-2011: Printer malware: print a malicious document, expose your whole LAN. [BoingBoing] [CCC]
06-01-2012: Time to patch your HP printers. [Schneier]

29-11-2011: Security system as a marker for high-value targets. [Schneier]
29-11-2011: Shopper surveillance using cell phones. [Schneier]
29-11-2011: Schneier: teens and treaties -- our cyber-war saviours. [The Register]
23-11-2011: The pest who shames companies into fixing security flaws. [Wired]
22-11-2011: Palantir -- the war on terror's secret weapon. [Bloomberg]
22-11-2011: Google mail crypto tweak makes eavesdropping harder. [The Register]
22-11-2011: Nervous London bankers run mock cyberattack exercise. [The Register]
21-11-2011: Hezbollah captured American spies by tracking cellphone data with commercially available software. [Gizmodo]
21-11-2011: Hack against SCADA system. [Schneier]

23-11-2011: FBI plays down claim that hackers damaged US water pump. [BBC News] [Engadget] [Washington Post]
02-12-2011: Pump hack attack 'false alarm' linked to holiday. [BBC News]

18-11-2011: US government to investigate Huawei, ZTE for security threats. [Mobile Burn]
17-11-2011: Exclusive: lax security at NASDAQ helped hackers. [Reuters]
16-11-2011: Sam Harris on self-defense. [Schneier] [Sam Harris]
15-11-2011: 4chan hit by DDoS attack, struggling to get back online. [Ars Technica]
15-11-2011: Tor launches do-it-yourself privacy bridge in Amazon cloud. [Ars Technica]
14-11-2011: F-Secure finds rare digitally signed malware. [CNet]
14-11-2011: World's stealthiest rootkit pushes DNS hijacking trojan. [The Register]
11-11-2011: Commentary on strong passwords. [Schneier]
10-11-2011: NetApp faces probe into Syrian spooks' use of its storage kit. [The Register]
08-11-2011: China's Huawei denies aiding censorship and tracking efforts in Iran. [TheNextWeb]
07-11-2011: The Darknet Project: netroot activists dream of global mesh network. [Ars Technica]
07-11-2011: DARPA begs hackers: secure our networks, end 'season of darkness'. [Wired]
04-11-2011: The CIA is tracking you on Twitter, Facebook. [HardOCP] [Yahoo News]
03-11-2011: Underage children on Facebook. [Schneier]
02-11-2011: Socialbots used by researchers to 'steal' Facebook data. [BBC News] [Gizmodo]

31-10-2011: Facebook's Swedish data center will be subject to Snoop Law. [The Register]
31-10-2011: Top GCHQ spook warns of 'disturbing' levels of cyber-raids. [The Register]
31-10-2011: Cell phone surveillance system. [Schneier]
31-10-2011: Why Gigamon scares the crap out of me. [Evil Routers]

28-10-2011: Gigamon... fixing problems you didn't know about. [Standalone Sysadmin]

28-10-2011: TOR Project patches critical flaw in its anonymising network. [Ars Technica]
28-10-2011: US firm acknowledges Syria uses its gear to block web. [WSJ ATD] [WSJ Technology]
26-10-2011: What governments worldwide want Google to take down. [Gizmodo] [Google] [The Register]
26-10-2011: Why the FBI's "new Internet" is a dumb idea. [The Register]
21-10-2011: World's stealthiest rootkit gets a makeover. [The Register]
20-10-2011: Random passwords in the wild. [Schneier]
19-10-2011: NSA whistleblower details intelligence cock-ups. [The Register]
19-10-2011: Security firm finds hacker forums forums offer n00b hackers training, lulz. [Ars Technica]
18-10-2011: Discovering what Facebook knows about you. [Schneier] [Identity Blog]
17-10-2011: Criminal uses of crowdsourcing. [Schneier] [Forbes]
11-10-2011: Microsoft security intelligence report puts "zero-day" threat into context. [HardOCP] [Microsoft]
11-10-2011: Infosec 'needs warrior cryptoboffins' to beat hackers. [The Register]
10-10-2011: US drones have a computer virus. [Schneier] [Ars Technica] [Reuters]
07-10-2011: FBI-sponsored back-doors. [Schneier]

15-10-2011: Impressed by FBI trojan, Germans write their own -- and national scandal ensues. [Ars Technica]

29-09-2011: The inside story of the Kelihos botnet takedown. [ThreatPost] [Ars Technica] [Gizmodo]
27-09-2011: Kevin Mitnick rates today's blackhats. [Wired]
20-09-2011: Complex electronic banking fraud in Malaysia. [Schneier] [The Sun Daily]
16-09-2011: Domain-in-the-middle attacks. [Schneier] [Wired]
07-09-2011: Outing a CIA agent. [Schneier] [Atlantic Wire]
07-09-2011: How an omniscient Internet 'sextortionist' ruined the lives of teen girls. [Wired]
06-09-2011: Tripoli was brought down by a caterer with a bunch of flash drives. [Gizmodo] [Reuters]
06-09-2011: Where are all the terrorists? [Schneier]
01-09-2011: Unredacted US diplomatic WikiLeaks cables published. [Schneier]

10-08-2011: Bruce Schneier's telepathic takeover of the TSA. [Wired]
06-08-2011: AntiSec hackers dump massive cache of law enforcement data. [Softpedia] [Gizmodo] [The Register] [HardOCP] [TechLand]
05-08-2011: Can DARPA fix cybersecurity 'problem from hell'? [Wired]
05-08-2011: Feds hack past anonymity, bust 72 users of child abuse horror site. [Ars Technica]
02-08-2011: Researchers warn of SCADA equipment discoverable via Google. [HardOCP] [CNet News] [Engadget]
02-08-2011: Attacking PLCs controlling prison doors. [Schneier]

26-07-2011: Crypto shocker: 'perfect cipher' dates back to telegraph. [The Register]
21-07-2011: Is there a hacking epidemic? [Schneier]
19-07-2011: How News of the World hacked everbody's phones. [Gizmodo]
12-07-2011: AntiSec exposes US soldiers' S/Ns, passwords, vows attack on Monsanto. [DailyTech]
11-07-2011: AntiSec target learns the hard way that whitelists > blacklists. [Ars Technica]
05-07-2011: Cisco poised to help China keep an eye on its citizens. [WSJ ATD]
04-07-2011: Operation AntiSec lames out again. [The Register]

30-06-2011: There's a botnet called TDL-4 that's virtually indestructable. [Gizmodo]

01-07-2011: A few suggestions for destroying the 'indestructible' botnet. [Network World]
10-07-2011: Microsoft says any botnet can be decapitated, destroyed. [DailyTech]

30-06-2011: Security researchers discover 'indestructible' botnet. [BBC News]
29-06-2011: Yet another "people plug in strange USB sticks" story. [Schneier] [TNW]
29-06-2011: Security vendor applauds LulzSec attacks. [HardOCP] [Net Security]
29-06-2011: Key Internet address server sees spike in traffic. [The Register]
22-06-2011: Firesheep in use. [Schneier] [CNN]
17-06-2011: NSA allies with Internet carriers to thwart cyber attacks against defense firms. [Washington Post]
16-06-2011: Dark corners of the net. [BBC News]
14-06-2011: Hackers broke into Citigroup, and it was easy. [Gizmodo] [NYT]

16-06-2011: Citi says 360k customers hacked in May cyber attack. [Reuters]

13-06-2011: IMF breached in sophisticated hack attack. [Wired]

13-06-2011: Security experts suspect giant IMF hack was backed by sovereign government. [Gizmodo]

12-06-2011: IMF computers lose emails in state-based attack. [Bloomberg]

12-06-2011: IMF hit by 'very major' cyber security attack. [BBC News]

10-06-2011: Character assassination of anon: cyber war, internal strife and beyond. [A World Beyond Borders]
08-06-2011: Attacks on Sony, others show it's open hacking season. [CNET]
06-06-2011: How to secure yourself from GPU password cracking. [ExtremeTech]
02-06-2011: Google mail hack blamed on China. [WSJ ATD]

02-06-2011: Google attack: blaming China 'unacceptable'. [The Telegraph]
03-06-2011: China rejects Google allegation of massive hacking breach as "fabrication". [Washington Post]
03-06-2011: Admin: Gmail phishers stalked victims for months. [The Register]
03-06-2011: Gmail hack targeted White House. [WSJ]

30-05-2011: Phishing sites hosted on Google's servers. [F-Secure]
27-05-2011: China's Blue Army of 30 computer experts could deply cyber warfare on foreign powers. [The Australian]
24-05-2011: New Siemens SCADA vulnerabilities kept secret. [Schneier]

24-05-2011: Researcher blasts Siemens for downplaying SCADA bug. [The Register]

18-05-2011: SCADA hack talk cancelled after US, Siemens request. [CNET News] [The Register]
14-05-2011: Man tracks stolen laptop hundreds of miles away, calls thief. [HardOCP] [Storify]
11-05-2011: Arbor Networks introduces Cloud Signalling; Telstra Clear first to join. [Geekzone]
09-05-2011: Whitehats break out of Google Chrome sandbox. [The Register]
02-05-2011: Apple has nothing over Google when it comes to knowing where you really are. [Scobleizer]
02-05-2011: After botched child porn raid, judge sees the light on IP addresses. [Ars Technica]

03-05-2011: IP address is not a person, bittorrent case judge says. [TorrentFreak]

02-05-2011: Hijacking the Coreflood botnet. [Schneier]
28-04-2011: Unfollowed: how a (possible) social network spy came undone. [Wired]
27-04-2011: Five worst digital security breaches of all time. [Yahoo]
23-04-2011: IP address can now pin down your location to within half a mile. [Ars Technica]
18-04-2011: WikiLeaks cable about Chinese hacking of US networks. [Schneier]
14-04-2011: Behind the largest counterfeit audio sting in history. [Gizmodo] [Wired]
14-04-2011: Ten-year-old, 2 million PC botnet finally killed; stole up to $100m USD. [Daily Tech]

14-04-2011: DoJ, FBI set up command-and-control servers, take down botnet. [Ars Technica]

11-04-2011: How is SSL hopelessly broken? Let us count the ways. [The Register]
07-04-2011: Securing IPv6. [Cisco]
05-04-2011: Symantec report finds cyber threats skyrocket in volume and sophistication. [Geekzone]
31-03-2011: Comodo Group issues bogus SSL certificates. [Schneier]

14-11-2011: More SSL woes. [Schneier]

29-03-2011: Cisco SecureX -- nothing but empty words? [EtherealMind]
28-03-2011: McAfee's website full of security holes, researcher says. [Network World]
22-03-2011: Dozens of exploits released for popular SCADA programs. [The Register]

22-03-2011: Attack code for SCADA vulnerabilities released online. [Wired]

20-03-2011: Death of the Internet predicted, film at your local cineplex. [Ars Technica]
18-03-2011: Hackers tackle SecurID tokens. [BBC News]
07-03-2011: GPS chaos: how a $30 box can jam your life. [Gizmodo]
21-02-2011: Intelligent password storage. [PacketLife]
16-02-2011: NSA reveals it secret: no backdoor in encryption standard. [GCN]
12-02-2011: The cyberweapon that could take down the Internet. [Gizmodo]

14-02-2011: Boffins devise cyberweapon to take down Internet. [The Register]

04-02-2011: No, hackers can't open Hoover Dam's floodgates and kill thousands. [Gizmodo]
26-01-2011: How a country tried to steal its citizens' Facebook passwords. [Gizmodo] [The Atlantic]
25-01-2011: The evolving threat landscape. [Juniper]
17-01-2011: New revelations in the Mahmoud al-Mabhouh assassination. [Schneier] [GQ]

2010 News

27-12-2010: Flaws spotlighted in Tor anonymity network. [Wired]
16-12-2010: The dogs of cyber war visualised. [Gizmodo] [New Scientist]
14-12-2010: The Internet goes to war. [Arbor Networks]
10-12-2010: The cyber world war: imagining a terrifying scenario. [Daily Mail]
07-12-2010: Giz explains: should you worry about cyber attacks? [Gizmodo]

24-11-2010: Understanding the Internet's insecure routing infrastructure. [Ars Technica]

12-10-2010: 10 most destructive computer worms and viruses ever. [WildAmmo]

30-09-2010: Wiretapping the Internet. [Schneier]
03-09-2010: UAE man-in-the-middle attack against SSL. [Schneier]

01-08-2010: This $1500 system can intercept your cellphone calls. [Gizmodo]

29-07-2010: Security vulnerabilities of smart electricity meters. [Schneier]

30-04-2010: And we thought BGP was insecure. [IOS Hints]

24-03-2010: Law enforcement appliance subverts SSL. [Wired]
03-03-2010: Narus develops a scary sleuth for social media. [IT World] [Slashdot]

02-02-2010: Femtocells wilt under attack. [The Register]

24-01-2010: Chinese hacking and enabling surveillance. [Schneier]
22-01-2010: NSA beats warrantless wiretap rap. [The Register]
22-01-2010: Naked airport body scanner sees everything but the bomby parts. [Gizmodo]
17-01-2010: DDoS -- a problem bigger than you can ever be. [Etherealmind, Arbor Networks]