2016 News- 29-12-2016: Your 5 totally achievable security resolutions for the New Year. [Wired]
- 23-12-2016: The year encryption won. [Wired]
- 22-12-2016: Encryption backdoors are against US national interest. [HardOCP] [ZDNet]
- 22-12-2016: NIST requests ideas for crypto that can survive quantum computers. [The Register] [THG] [Schneier]
- 21-12-2016: Don't pay up to decrypt – cure found for CryptXXX ransomware, again. [The Register]
- 20-12-2016: How to safely delete private data forever. [Gizmodo]
- 20-12-2016: Hackers suspected of causing power outage in Ukraine. [Graham Cluley]
- 16-12-2016: DDoS in 2017: Strap yourself in for a bumpy ride. [The Register]
- 15-12-2016: The new security normal. [Russ White] [MarketWatch]
- 15-12-2016: One billion affected by Yahoo hack. [BBC News] [Krebs] [The Register] [Lifehacker] [HardOCP] [Reuters] [Wired] [Ars Technica] [Graham Cluley] [ExtremeTech] [Hexus] [THG]
- 15-12-2016: Stolen Yahoo data includes government employee information. [DC Knowledge]
- 15-12-2016: Yahoo hack: Should I panic? [BBC News] [Krebs]
- 15-12-2016: Were Yahoo hackers state-sponsored? [BBC News]
- 15-12-2016: Security experts slam Yahoo management for using old crypto. [The Register]
- 15-12-2016: What can you do with a billion Yahoo passwords? Lots of bad things. [Ars Technica]
- 15-12-2016: In wake of billion-account hack, Verizon reportedly not so hot for Yahoo. [Ars Technica]
- 16-12-2016: Pressure on Yahoo grows after massive hack attack. [BBC News]
- 22-12-2016: Response: important security information for Yahoo users. [EtherealMind]
- 15-03-2017: Russian spies indicted in massive Yahoo account breach. [Engadget] [NZ Herald] [BBC News] [The Register] [HardOCP] [NYT] [Wired] [ExtremeTech] [Krebs] [Graham Cluley]
- 16-03-2017: How Russian hackers took hold of Yahoo. [Gizmodo] [NZ Herald]
- 16-03-2017: Russia denies Yahoo hack involvement. [BBC News]
- 20-03-2017: Lessons from Yahoo hack: Simple tips to safeguard your email. [NZ Herald]
- 13-12-2016: DDoS-for-hire takedown: 34 arrests made by Europol, FBI, and others. [Graham Cluley] [BBC News]
- 09-12-2016: The Mirai botnet that broke the Internet isn't going away. [Wired]
- 08-12-2016: Can ISPs step up and solve the DDoS problem? [The Register]
- 07-12-2016: Terabit-scale multivector DDoS attacks: the new normal in 2017. [DC Journal]
- 03-12-2016: There’s a new DDoS army, and it could soon rival record-setting Mirai. [Ars Technica]
- 02-12-2016: Canada wants software backdoors, mandatory decryption capability and records storage. [THG]
- 02-12-2016: Feds bust huge 'Avalanche' hacker network in global sting operation. [Gizmodo]
- 29-10-2016: U.S. feds hope cyberattacks will wither under new “strategic principles”. [ReadWriteWeb]
- 28-10-2016: AI learns how to craft crude crypto all by itself. [The Register] [Schneier]
- 28-10-2016: Eavesdropping on typing over VoIP. [Schneier] [Cornell arXiv: PDF]
- 28-10-2016: Web devs want to make the Internet of S**t worse -- much worse. [The Register]
- 28-10-2016: That Botnet-of-Things malware is getting a nasty makeover. [Ars Technica] [Arbor Networks]
- 27-10-2016: Internet of S**t things claims another scalp: DNS DDoS smashes StarHub. [The Register]
- 25-10-2016: Multiple DNS providers and DDoS. [Russ White] [ISOC]
- 25-10-2016: Corero warns of impending 'tens of terabits per second' DDoS attacks. [THG]
- 24-10-2016: The Internet needs a security update. [Russ White] [CircleID]
- 22-10-2016: Why cybersecurity certifications suck. [ipSpace] [Errata Security]
- 20-10-2016: Some perspective on IoT devices and DDoS attacks. [Russ White] [Arbor Networks]
- 20-10-2016: Attackers logging your keystrokes via Skype. [Graham Cluley] [THG]
- 19-10-2016: Spreading the DDoS disease and selling the cure. [Krebs]
- 18-10-2016: SHA3-256 is quantum-proof, should last billions of years. [The Register]
- 17-10-2016: Virtual kidnapping. [Schneier] [Washington Post]
- 15-10-2016: How a chunk of the web disappeared this week: GlobalSign's global HTTPS mistake explained. [The Register]
- 14-10-2016: Hackers hit a nuclear plant. [Wired]
- 14-10-2016: Huge DDoS attacks are about to get bigger: Mirai bots infect Sierra Wireless gateways. [The Register] [Ars Technica]
- 02-12-2016: Meet the two hackers behind October’s big DDoS attack. [ReadWriteWeb]
- 12-10-2016: Internet routing security initiative gains traction. [Network Computing]
- 11-10-2016: NSA could put undetectable “trapdoors” in millions of crypto keys. [Ars Technica]
- 10-10-2016: These 60 dumb passwords can hijack over 500,000 IoT devices into the Mirai botnet. [Graham Cluley]
- 05-10-2016: CloudFlare shows Tor users the way out of CAPTCHA hell. [The Register]
- 03-10-2016: The venerable, vulnerable firewall. [Russ White] [CircleID]
- 29-09-2016: The biggest attack in internet history. [Russ White] [LawFare]
- 29-09-2016: The growing problem of bots that fight on line. [Russ White] [MIT Technology Review]
- 27-09-2016: 152k cameras in 990Gbps record-breaking dual DDoS. [The Register] [Ars Technica]
- 25-09-2016: Australian border cops say they've cracked 'dark net' drug sales. [The Register]
- 23-09-2016: Malware figures out it's running on VMs and refuses to execute. [The Register] [Schneier] [SentinelOne]
- 20-09-2016: CloudFlare launches a three-pronged attack to encrypt the entire web. [Wired]
- 20-09-2016: Quantum comms succeed over metro-scale fibre networks. [The Register]
- 19-09-2016: Some Cisco customers are being hacked with NSA's exploit tools. [THG] [Graham Cluley]
- 19-09-2016: Dark web drug sellers shutter location-tracking EXIF data from photos. [The Register]
- 18-09-2016: Arbor Networks marks 20 years of DDoS attacks targeting ISP networks. [Geekzone]
- 13-09-2016: Someone is learning how to take down the Internet. [Schneier] [BBC News] [Russ White] [LawFare] [ExtremeTech]
- 12-09-2016: How 911 emergency services across the United States could be knocked offline by a mobile botnet. [Graham Cluley]
- 08-09-2016: Verisign DDoS report Q2 2016. [Russ White] [Verisign]
- 07-09-2016: The limits of SMS for 2-factor authentication. [Krebs]
- 31-08-2016: FBI Director wants 'adult conversation' about backdooring encryption. [The Register] [HardOCP] [AP]
- 31-08-2016: Building a new Tor that can resist next-generation state surveillance. [Ars Technica]
- 30-08-2016: Your browser's password manager probably isn't enough. [Wired]
- 29-08-2016: iPhone zero-day used by UAE government. [Schneier]
- 26-08-2016: The NSA is hoarding vulnerabilities. [Schneier]
- 25-08-2016: A hacking group is selling iPhone spyware to governments. [Wired]
- 23-08-2016: Boffins design security chip to spot hidden hardware trojans in processors. [The Register]
- 23-08-2016: Password strength meters still aren't trustworthy. [Lifehacker] [Sophos]
- 23-08-2016: FBI improved a dark web child pornography site. [Engadget] [Gizmodo]
- 19-08-2016: Lawless government hacking. [Russ White] [EFF]
- 17-08-2016: Cisco confirms NSA-linked zeroday targeted its firewalls for years. [Ars Technica]
- 17-08-2016: The Shadow Brokers mess is what happens when the NSA hoards zero-days. [Wired]
- 24-08-2016: NSA-linked Cisco exploit poses bigger threat than previously thought. [Ars Technica]
- 15-08-2016: Hackers claim to auction data they stole from the NSA-linked spies. [Wired] [Ars Technica] [Gizmodo]
- 16-08-2016: Major NSA/Equation Group leak. [Schneier]
- 16-08-2016: No-one wants to buy those stolen NSA-linked cyber weapons. [Wired] [HardOCP] [Washington Post]
- 16-08-2016: Confirmed: hacking tool leak came from “omnipotent” NSA-tied group. [Ars Technica]
- 16-08-2016: Snowden speculates leak of NSA spying tools is tied to Russian DNC hack. [Ars Technica] [Engadget] [The Register] [BBC News] [The Register]
- 17-08-20916: NSA website goes down as hackers auction stolen ‘cyber weapons’. [Graham Cluley]
- 19-08-2016: Your guide to the ‘Shadow Brokers’ NSA theft, which puts the Snowden leaks to shame. [ExtremeTech]
- 19-08-2016: New Snowden docs suggest Shadow Broker leak was real. [Engadget] [Gizmodo]
- 22-08-2016: This hacker says he stole more NSA hacking tools. [Gizmodo]
- 24-08-2016: Equation Group exploit hits newer Cisco ASA, Juniper Netscreen. [The Register]
- 23-09-2016: NSA operative might have accidentally leaked its hacking tools. [Engadget] [Reuters]
- 16-12-2016: Shadow Brokers re-emerge, with NSA’s secret exploits for sale. [Graham Cluley]
- 15-08-2016: Someone seems to be trying to spy on VeraCrypt's security audit. [Graham Cluley] [The Register]
- 15-08-2016: Tor users in the States were hacked by Australian authorities. [Graham Cluley]
- 15-08-2016: Blogger turns tables on cyber-scammer by infecting them with ransomware. [Graham Cluley] [Kwiatkowsi] [BBC News]
- 13-08-2016: NTP is still a security risk. [Russ White] [CircleID]
- 12-08-2016: The new way to make strong passwords - it's way easier. [NZ Herald] [Stuff]
- 10-08-2016: Tor promises not to build backdoors into its services. [Engadget]
- 09-08-2016: How the Iranian government hacks dissidents. [Schneier] [Washington Post]
- 04-08-2016: Hacking US infrastructure: How vulnerable is it? [ExtremeTech]
- 03-08-2016: Forget security training, it's never going to solve Layer 8 - people. [The Register]
- 02-08-2016: Frequent password changes are the enemy of security. [Ars Technica] [Graham Cluley]
- 02-08-2016: Meet the men who spy on women through their webcams. [Graham Cluley] [Ars Technica]
- 02-08-2016: 200 million Yahoo passwords being sold on the Dark Web? [Graham Cluley]
- 02-08-2016: The AdGholas malvertising network used steganography. [Graham Cluley]
- 02-08-2016: Australian spooks' email guide banishes MS Word macros, JavaScript. [The Register]
- 01-08-2016: Russia claims it can collect encryption keys. [Engadget] [HardOCP] [DailyDot]
- 01-08-2016: Secure email service GhostMail shutting down in fear of being abused. [Graham Cluley]
- 01-08-2016: Meet the chaps who run the Black Hat NoC and let malware roam free. [The Register]
- 31-07-2016: Moxie Marlinspike, the anarchist bringing encryption to us all. [Wired]
- 31-07-2016: U.S. Government says SMS codes aren’t safe. [HardOCP] [VentureBeat] [Ars Technica]
- 28-07-2016: Your wireless keyboard could be giving your secrets away. [Stuff] [Schneier] [Wired]
- 27-07-2016: New attack bypasses HTTPS protection on Macs, Windows, and Linux. [Ars Technica] [Russ White]
- 27-07-2016: Choosing a next-generation firewall: 7 factors. [Network Computing]
- 26-07-2016: Millions of wireless keyboards can let hackers see what you're typing. [Gizmodo]
- 26-07-2016: Crypto-heist threatens to tank blockchain-based future. [ExtremeTech]
- 22-07-2016: Malicious computers caught snooping on Tor-anonymized Dark Web sites. [Ars Technica] [ExtremeTech]
- 26-07-2016: Boffins snoop on snooping Tor nodes. [The Register]
- 20-07-2016: Now you can hide your smart home on the Darknet. [Wired]
- 19-07-2016: DDoS trends: Bigger, badder but not longer. [The Register] [HardOCP] [ZDNet]
- 13-07-2016: Meet Riffle, the next-gen anonymity network that hopes to trounce Tor. [The Register] [Graham Cluley] [ExtremeTech]
- 12-07-2016: The FBI says its malware isn’t malware because the FBI is good. [Gizmodo] [Graham Cluley]
- 12-07-2016: SCADA malware caught infecting European energy company. [The Register] [Ars Technica]
- 18-07-2016: Security firm clarifies power-station 'SCADA' malware claim. [The Register]
- 11-07-2016: MIT anonymity network promises to be more secure than Tor. [Engadget]
- 11-07-2016: HTTPS is not a magic bullet for Web security. [Ars Technica]
- 11-07-2016: Amazingly insecure industrial control systems + internet = no. [The Register]
- 09-07-2016: HTTPS crypto’s days are numbered. Here’s how Google wants to save it. [Ars Technica] [ExtremeTech] [Schneier]
- 08-07-2016: Researchers discover Tor nodes designed to spy on hidden services. [Schneier] [BoingBoing]
- 01-07-2016: Chinese gambling site served near record-breaking complex DDoS. [The Register]
- 30-06-2016: LizardStresser recruits an army of zombie webcams to launch DDoS attacks. [Graham Cluley] [Russ White] [Arbor Networks]
- 29-06-2016: Interview with an NSA hacker. [Schneier] [The Intercept]
- 28-06-2016: 25,000 malware-riddled CCTV cameras form network-crashing botnet. [The Register] [Engadget]
- 27-06-2016: Researchers steal data using noise from your PC's fans. [HardOCP] [PCWorld] [Wired] [ExtremeTech]
- 26-06-2016: Stop using SMS for 2FA. [Wired]
- 24-06-2016: How malware could steal data from an air-gapped PC – via its fan. [Graham Cluley]
- 23-06-2016: Tor onion hardening will be tear-inducing for feds. [The Register]
- 22-06-2016: Fraudsters are buying IPv4 addresses. [Schneier] [The Register]
- 22-06-2016: Stuxnet was the opening shot of decades of non-stop cyber warfare. [The Register]
- 20-06-2016: Fishing for a cure to DDoS attacks. [DC Journal] [Russ White]
- 17-06-2016: Non-US encryption is 'theoretical,' claims CIA chief in backdoor debate. [The Register] [Schneier]
- 09-06-2016: Massive DDoS attacks reach record levels. [HardOCP] [Network World]
- 06-06-2016: TeamViewer confirms number of hacked user accounts is “significant". [Ars Technica] [The Register]
- 04-06-2016: How spies, anyone can grab crypto keys from the air. [The Register]
- 02-06-2016: Cisco warns IPv6 ping-of-death vulnerability is everyone's problem. [The Register]
- 08-06-2016: IPv6 ping-of-death hits Junos, too. [The Register]
- 01-06-2016: Hardware backdoor hides in a tiny slice of a computer chip. [Wired]
- 01-06-2016: The impossible task of creating a “Best VPNs” list today. [Ars Technica]
- 31-05-2016: Tor Browser 6.0 released with DuckDuckGo search engine support enabled by default. [THG]
- 25-05-2016: Major DNS provider hit by mysterious, focused DDoS attack. [Ars Technica]
- 24-05-2016: Poisoned Word document attack refuses to work if it believes it is being watched. [Graham Cluley]
- 18-05-2016: Mozilla fails to get the details on the FBI's malware hack. [Engadget]
- 26-05-2016: Judge throws out evidence after FBI refuses to reveal Tor vulnerability. [THG]
- 04-06-2016: FBI: Exploit that revealed Tor-enabled child porn users wasn’t malware. [Ars Technica]
- 25-06-2016: FBI’s use of Tor exploit is like peering through “broken blinds". [Ars Technica] [Engadget]
- 18-05-2016: LinkedIn password breach much bigger than thought: 117 million. [Ars Technica] [BBC News] [Graham Cluley] [The Register] [Krebs] [HardOCP] [Kaspersky] [Stuff]
- 19-05-2016: LinkedIn plays down '117 million users' breach data sale. [The Register]
- 23-05-2016: LinkedIn's poor handling of 2012 data breach comes back to haunt it. [Graham Cluley]
- 01-06-2016: How LinkedIn’s password sloppiness hurts us all. [Ars Technica]
- 17-05-2016: Lego robots versus gesture security. [Russ White] [Motherboard]
- 17-05-2016: Random number generator 'improved'. [BBC News] [The Register] [THG] [Russ White] [TheNewStack]
- 12-05-2016: The Ukrainian hacker who became the FBI’s best weapon - and worst nightmare. [Wired]
- 12-05-2016: FBI director warns that feds will bring more encryption-related cases. [Ars Technica]
- 09-05-2016: NIST starts planning for post-quantum cryptography. [Schneier] [NIST PDF] [The Register] [ComputerWorld] [ExtremeTech]
- 08-05-2016: FBI can obtain a warrant if you run Tor come December. [HardOCP] [The Merkle]
- 05-05-2016: Stop resetting your passwords, says UK govt's spy network. [The Register]
- 03-05-2016: Privacy and cybercrime update. [Russ White]
- 03-05-2016: The future of encryption is in these politicians hands. [Wired]
- 03-05-2016: Global Threat Intelligence report ahead of Government Cyber Security Summit. [Stuff]
- 27-04-2016: Hacking group “PLATINUM” used Windows’ own patching system against it. [Ars Technica]
- 25-04-2016: Hackers who got caught by a typo were trying to take over the world. [Gizmodo] [Reuters]
- 25-04-2016: Clapper: Snowden sped up sophistication of crypto, “it’s not a good thing”. [Ars Technica]
- 22-04-2016: Over 1 million Facebook users login anonymously over Tor. [THG]
- 21-04-2016: Lock-hackers crack restricted keys used to secure data centres. [The Register]
- 14-04-2016: A scheme to encrypt the entire web is actually working. [Wired]
- 14-04-2016: The US is attacking Islamic State with 'cyber bombs'. [Gizmodo] [Reuters] [Ars Technica] [Engadget] [ExtremeTech]
- 28-04-2016: As US drops “cyber bombs,” ISIS retools its own cyber army. [Ars Technica]
- 12-04-2016: Are cryptoworms the future of ransomware? [Graham Cluley]
- 08-04-2016: Is this how a hacker got the Panama papers? [Gizmodo]
- 08-04-2016: Security experts react negatively to Burr-Feinstein anti-encryption bill. [THG] [Gizmodo] [Wired] [HardOCP] [TechDirt] [Engadget] [The Register] [Schneier] [Monday Note]
- 12-04-2016: What you should know about Congress's latest attempt to criminalize encryption. [Lifehacker]
- 13-04-2016: Read the full Senate bill requiring encryption backdoors. [Engadget]
- 14-04-2016: Burr-Feinstein anti-encryption draft officially released, Wyden promises filibuster. [THG]
- 14-04-2016: US anti-encryption law is so 'braindead' it will outlaw file compression. [The Register]
- 03-05-2016: Julian Sanchez on the Feinstein-Burr bill. [Schneier] [Just Security] [Just Security] [Russ White]
- 29-05-2016: Senate anti-encryption bill is effectively dead, for now. [Engadget] [The Register]
- 07-04-2016: Reuters: White House refuses to openly back encryption law. [Engadget]
- 07-04-2016: Bypassing phone security through social engineering. [Schneier]
- 05-04-2016: WhatsApp adds end-to-end encryption. [BBC News] [Ars Technica] [Wired] [Stuff] [Graham Cluley] [Schneier] [Android Police] [Engadget]
- 04-04-2016: Gmail, Facebook Messenger BREACHed once again. [The Register]
- 03-04-2016: Tor accuses CloudFlare of blocking its anonymizing network. [Engadget]
- 01-04-2016: The artist using museums to amplify Tor’s anonymity network. [Wired]
- 31-03-2016: Why do the Feds usually try to unlock phones? It’s drugs, not terrorism. [Wired]
- 31-03-2016: UK cops tell suspect to hand over crypto keys in US hacking case. [Ars Technica]
- 31-03-2016: ISIS encryption opsec. [Schneier]
- 30-03-2016: Senator Wyden recalls SOPA fight in bid to defeat encryption-weakening efforts. [The Register] [THG]
- 30-03-2016: CloudFlare: 94 percent of the Tor traffic we see is “per se malicious". [Ars Technica]
- 30-03-2016: The Apple-FBI battle is over, but the new crypto wars have just begun. [Wired] [Schneier]
- 30-03-2016: The anatomy of a nation-state hack attack. [BBC News]
- 30-03-2016: Poll results: Internet users don't understand security or privacy. [The Register] [Stuff]
- 29-03-2016: FBI: No, we won't tell you how we unmask and torpedo illegal Tor users. [The Register] [BBC News] [Gizmodo]
- 25-10-2016: Judge orders FBI to reveal whether White House launched 'Tor pedo' torpedo exploits. [The Register]
- 25-03-2016: Stealthy malware targeting air-gapped PCs leaves no trace of infection. [Ars Technica]
- 23-03-2016: Google, Microsoft, and others publish new email security standard. [HardOCP] [InfoWorld]
- 22-03-2016: Tor Project works on anti-FBI defenses amid iOS row with Apple. [The Register]
- 22-03-2016: FBI's Most Wanted: Syrian Electronic Army hacktivists. [The Register] [Engadget] [Schneier] [Graham Cluley]
- 21-03-2016: Paris terrorists used burner phones, not encryption, to evade detection. [Ars Technica]
- 17-03-2016: HTTPS is not enough: boffins fingerprint user environments without cracking crypto. [The Register]
- 17-03-2016: New NIST encryption guidelines. [Schneier] [NIST PDF]
- 16-03-2016: Thoughts on encryption. [Networking Nerd]
- 16-03-2016: Reaction: more encryption is bad? [Russ White]
- 14-03-2016: In the FBI’s crypto war, apps may be the next target. [Wired] [THG] [Schneier]
- 11-03-2016: Hackers target anti-DDoS firm Staminus. [Krebs] [Ars Technica] [Gizmodo]
- 10-03-2016: Using mouse movements to track you on the Tor network. [HardOCP] [ZDNet]
- 09-03-2016: Trivial path for DDoS amplification attacks found by infosec bods. [The Register]
- 07-03-2016: Apple Macs hit with first-ever ransomware. [ExtremeTech] [Hexus] [THG]
- 07-03-2016: GCHQ boss: Tech firms should co-operate over encryption. [BBC News] [The Register]
- 06-03-2016: DDoS attacks up 149% from last quarter. [HardOCP] [TweakTown]
- 05-03-2016: Quantum computer could mean end of encryption. [HardOCP] [MIT]
- 03-03-2016: New attack steals secret crypto keys from Android and iOS phones. [Ars Technica]
- 03-03-2016: Next-generation firewalls put to the test. [Network Computing]
- 02-03-2016: Schneier: We're sleepwalking towards digital disaster and are too dumb to stop. [The Register]
- 01-03-2016: What exactly do we mean by 'backdoor'? [The Register]
- 01-03-2016: DDoS attacks up 149 percent as brassy booter kids make bank. [The Register]
- 29-02-2016: Tor takes aim against malicious nodes on the network. [The Register]
- 27-02-2016: Most software already has a “golden key” backdoor: the system update. [Ars Technica]
- 26-02-2016: Hackers caused Ukrainian power outage, US report concludes. [Ars Technica] [Schneier]
- 25-02-2016: Tor users are actively discriminated against by website operators. [The Register]
- 24-02-2016: CloudFlare may consider binning CAPTCHAs for Tor users. [The Register] [Ars Technica]
- 23-02-2016: Flaws in wireless mice and keyboards let hackers type on your PC. [Wired] [HardOCP] [Bastille] [The Register] [Graham Cluley] [Gizmodo]
- 23-02-2016: Practical TEMPEST attack. [Schneier] [IACR PDF]
- 19-02-2016: Tor: 'Mystery' spike in hidden addresses. [BBC News]
- 04-03-2016: Number of Tor hidden sites spikes - along with paranoia. [Ars Technica]
- 19-02-2016: FBI must reveal the code it used to hack Dark Web pedophiles. [Engadget]
- 18-02-2016: NSA’s director says Paris attacks “would not have happened” without crypto. [Ars Technica]
- 15-02-2016: Survey of the dark web. [Schneier] [Taylor & Francis Online]
- 15-02-2016: US intelligence chief: the Internet of Things will be used to spy and hack. [Graham Cluley]
- 13-02-2016: FBI wants $38 million in funding to break encryption. [HardOCP] [ZDNet]
- 11-02-2016: Global crypto survey proves govt backdoors completely pointless. [The Register] [Schneier] [Ars Technica] [Wired]
- 10-02-2016: GSMA outlines thoroughly sensible IoT security rules. [The Register] [GSMA]
- 09-02-2016: How to hack the power grid through home air conditioners. [Wired]
- 09-02-2016: Senator McCain calls for end-to-end encryption ban in US. [THG]
- 11-02-2016: U.S. encryption ban would force companies to migrate, say researchers. [THG]
- 05-02-2016: The 8 worst data breaches of all time. [Network Computing]
- 02-02-2016: More details on the NSA switching to quantum-resistant cryptography. [Schneier] [NSA IAD]
- 03-02-2016: Study shows Fed encryption fears overblown — but that’s not good news. [ExtremeTech]
- 04-02-2016: NSA plans to 'Act Now' to ensure quantum computers can't break encryption. [Gizmodo] [NSA IAD]
- 01-02-2016: Feds don’t need crypto backdoors to spy - your TV and toothbrush will do. [Ars Technica]
- 30-01-2016: How anti-encryption laws put everyone at risk. [PocketNow]
- 28-01-2016: Israeli academics claim they can predict botnet attacks. [The Register]
- 27-01-2016: Tails 2.0 emerges with major new features, security improvements. [THG] [Tails] [Engadget]
- 27-01-2016: 500Gbps DDoS attack flattens world record. [The Register] [HardOCP] [ZDNet]
- 23-01-2016: Internet of Things security is so bad, there’s a search engine for sleeping kids. [Ars Technica]
- 23-01-2016: After FBI briefly ran Tor-hidden child-porn site, investigations went global. [Ars Technica] [Engadget]
- 22-01-2016: NSA director: 'Encryption is foundational to the future'. [Engadget]
- 21-01-2016: NSA chief stakes out pro-encryption position. [HardOCP] [The Intercept]
- 21-01-2016: The end of work passwords. [Stuff]
- 19-01-2016: Australia and America working on global no-state-hacking pact. [The Register]
- 17-01-2016: Here’s what Tor’s data looks like as it flows around the world. [Wired]
- 15-01-2016: Google's creepy plan to kill the password. [Engadget] [HardOCP] [Stuff]
- 14-01-2016: New York bill would ban strong encryption, mandate backdoors in all devices. [ExtremeTech] [Ars Technica] [HardOCP] [Inedependent]
- 13-01-2016: Cisco admits hardcoded password in wireless points. [The Register]
- 13-01-2016: The debate over government 'backdoors' into encryption isn't just happening in the US. [NZ Herald]
- 12-01-2016: French government may try to ban strong encryption. [THG]
- 14-01-2016: France doesn't think encryption backdoors are the answer. [Engadget] [THG] [Schneier]
- 12-01-2016: Dutch police claim they can crack PGP-encrypted BlackBerrys. [ExtremeTech] [The Register]
- 12-01-2016: Fortinet explains SSH 'backdoor' discovered in firewalls. [The Register] [Ars Technica]
- 23-01-2016: Thought you were safe from the Fortinet SSH backdoor? Think again. [The Register]
- 12-01-2016: DD4BC DDoS extortion gang smashed by international cops. [Graham Cluley]
- 08-01-2016: Facebook, Google, Microsoft, Twitter, Yahoo slag Snooper’s Charter. [Ars Technica] [HardOCP] [ZDNet] [The Register]
- 08-01-2016: Power grid vulnerability threatens national security. [DC Knowledge]
- 08-01-2016: Checkpoint hacks across air-gaps. [The Register]
- 07-01-2016: US leaders meet with tech CEOs to fight terrorism online. [Engadget] [Wired]
- 07-01-2016: ProPublica launches dark web's first major news site. [Wired] [Engadget]
- 07-01-2016: FBI hacked the Dark Web to bust 1,500 pedophiles. [Engadget]
- 07-01-2016: Trend Micro: Internet scum grab Let's Encrypt certs to shield malware. [The Register]
- 06-01-2016: The father of online anonymity has a plan to end the crypto war. [Wired]
- 06-01-2016: Hackers cause a blackout for the first time. [HardOCP] [Washington Post] [Engadget]
- 04-01-2016: Dutch govt says no to backdoors, gives $540k to OpenSSL. [The Register] [BBC News] [Schneier]
- 04-01-2016: Irked train hackers talk derailment flaws, drop SCADA password list. [The Register]
2015 News- 31-12-2015: Forget anonymity, we can remember you wholesale with machine intel, hackers warned. [The Register]
- 31-12-2015: Trustworthy x86 laptops? There is a way, says system-level security ace. [The Register]
- 31-12-2015: Cory Doctorow on software security and the Internet of Things. [Schneier] [The Guardian]
- 31-12-2015: Microsoft to warn of nation-state hacks. [BBC News]
- 31-12-2015: Web attack knocks BBC websites offline. [BBC News] [Graham Cluley]
- 02-01-2016: 'Anti-IS group' claims BBC website attack. [BBC News]
- 30-12-2015: John McAfee rattles tin for password replacement tech. [The Register]
- 28-12-2015: 2016 reality: lazy authentication still the norm. [Krebs] [HardOCP]
- 27-12-2015: Destroying a hard drive permanently. [HardOCP] [Scientific American]
- 27-12-2015: North Korea’s computer operating system revealed. [HardOCP] [The Guardian] [Engadget] [Hexus] [Stuff] [ExtremeTech] [BBC News] [The Register]
- 27-12-2015: China anti-terrorism law makes firms give up encryption keys. [Engadget] [ReadWriteWeb] [The Register]
- 26-12-2015: Researchers propose using patterns and icons for passwords. [Engadget] [HardOCP] [Plymouth University]
- 22-12-2015: Oracle ordered to admit it deceived users over Java security updates for years. [Graham Cluley]
- 21-12-2015: Iranian hackers 'targeted' New York dam. [BBC News] [Graham Cluley] [The Register]
- 18-03-2016: America accuses Iran of hacking the dam, cyber-squirrels rejoice. [Engadget] [The Register]
- 25-03-2016: Federal grand jury indicts 7 Iranians for “campaign of cyber attacks". [Ars Technica] [Wired]
- 20-12-2015: The CIA secret to cybersecurity that no-one seems to get. [Wired]
- 19-12-2015: Clinton wants a Manhattan Project for encryption. [Gizmodo] [The Register] [Ars Technica]
- 19-12-2015: A cybersecurity bill loathed by tech companies is now law. [Gizmodo]
- 19-12-2015: Xbox Live pummeled by DDoS attack; hacker group claims responsibility. [Ars Technica]
- 18-12-2015: Users their own worst enemy when it comes to encrypted messaging apps. [Graham Cluley]
- 18-12-2015: “Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic. [Ars Technica] [The Register] [Engadget] [BBC News] [DC Knowledge] [Graham Cluley] [Gizmodo] [Schneier]
- 18-12-2015: FBI is investigating the Juniper Networks security hole. [Engadget]
- 20-12-2015: Juniper admits up to two attacks from 'unauthorised code'. [The Register]
- 21-12-2015: How to log into any backdoored Juniper firewall – hard-coded password published. [The Register]
- 22-12-2015: Researches solve Juniper backdoor -- signs point to NSA. [Wired] [THG]
- 22-12-2015: Cisco probes self for Juniper-style backdoors. [The Register]
- 23-12-2015: Juniper's VPN security hole is proof that govt backdoors are bonkers. [The Register]
- 23-12-2015: Juniper backdoors and vendor stone throwing. [Network Inferno]
- 23-12-2015: NSA helped GCHQ find security holes in Juniper firewalls. [The Intercept]
- 28-12-2015: NSA/GCHQ exploits against Juniper networking equipment. [Schneier]
- 08-01-2016: New discovery around Juniper backdoor raises more questions about the company. [Wired]
- 10-01-2016: Juniper drops NSA-developed code following new backdoor revelations. [Ars Technica] [Graham Cluley]
- 10-01-2016: Juniper resets 'days since last rogue code incident' clock. [The Register]
- 19-04-2016: Details about Juniper's firewall backdoor. [Schneier]
- 28-04-2016: A systematic analysis of the Juniper Dual EC incident. [Russ White] [IACR]
- 14-07-2016: Crypto flaw made it easy for attackers to snoop on Juniper customers. [Ars Technica]
- 16-12-2015: Former national security officials urge government to embrace rise of encryption. [NZ Herald]
- 16-12-2015: Meet CISA, a de facto cyber patriot act. [THG] [The Register]
- 16-12-2015: Unisys predicts entirely new classes of cyberthreats will require fresh countermeasures in 2016. [Stuff]
- 16-12-2015: Fact-checking the debate on encryption. [Ars Technica]
- 15-12-2015: Dumb human errors can undermine the security of encrypted communication apps. [Gizmodo]
- 14-12-2015: Moonfruit takes customers’ sites offline, as it prepares for DDoS attack. [Graham Cluley]
- 14-12-2015: Twitter warns users of possible 'state sponsored' attacks. [Graham Cluley] [Stuff] [Ars Technica]
- 14-12-2015: A Tor alternative uses spam traffic to hide messages. [Gizmodo]
- 13-12-2015: Tor's new executive director is a digital privacy legend. [Engadget]
- 12-12-2015: Your VPN may be worthless. [Engadget]
- 11-12-2015: Silicon Valley's Congresswoman comes to the defense of Tor. [The Register] [Wired]
- 10-12-2015: FBI Director: Silicon Valley’s encryption is a “business model problem". [Ars Technica] [Gizmodo]
- 08-12-2015: Internet's root servers take hit in DDoS attack. [The Register] [Ars Technica] [Schneier]
- 08-12-2015: Getting a Linux box corralled into a DDoS botnet is easier than many think. [Ars Technica]
- 08-12-2015: How Israel regulates encryption. [Schneier] [LawFare]
- 08-12-2015: Europe agrees response to cyber-attacks. [BBC News]
- 07-12-2015: Bank refuses to pay $3,000,000 ransom, hacker exposes customer account details. [Graham Cluley]
- 07-12-2015: UK research network Janet under ongoing and persistent DDoS attack. [The Register]
- 08-12-2015: Day 2: Janet still being hit by DDoS attack. [The Register]
- 15-12-2015: Janet pulls open network info for good after DDoSers exploit it. [The Register]
- 06-12-2015: France mulls tighter noose around crypto. [The Register] [Gizmodo] [ExtremeTech] [Ars Technica]
- 04-12-2015: White hats, FBI and cops team up for Dorkbot botnet takedown. [The Register] [HardOCP] [Engadget]
- 03-12-2015: Watching amateur coders foil a 'bioterrorist plot'. [Engadget]
- 03-12-2015: Seven years on, the Conficker worm is not dead... but dominating. [Graham Cluley]
- 03-12-2015: Fake LinkedIn profiles used by hackers. [BBC News]
- 03-12-2015: Industrial control system gateway fix opens Heartbleed, Shellshock. [The Register]
- 01-12-2015: Sued for using HTTPS: big brands told to cough up in crypto patent fight. [The Register] [Ars Technica] [Gizmodo]
- 04-12-2015: Big names settle out of court with CryptoPeak in HTTPS patent spat. [The Register]
- 25-11-2015: Encryption stops criminals -- weakening it doesn't make sense. [Graham Cluley]
- 23-11-2015: Dell does a Superfish, ships PCs with easily cloneable root certificates. [Ars Technica] [The Register] [ExtremeTech] [Engadget] [Graham Cluley] [Krebs] [THG]
- 21-11-2015: TrueCrypt is safer than previously reported, detailed analysis concludes. [Ars Technica] [HardOCP] [The Register]
- 20-11-2015: Price list for secret hacker techniques. [HardOCP] [Wired]
- 19-11-2015: The internet of insecure, untrustworthy things. [Graham Cluley]
- 19-11-2015: KilerRat spying software takes njrat to the next level. [Graham Cluley]
- 18-11-2015: Tor is getting a major security upgrade. [ExtremeTech]
- 18-11-2015: DoD head enlists Silicon Valley to transform the military. [Wired]
- 18-11-2015: UK says it will hit back against Internet attacks. [Graham Cluley]
- 17-11-2015: Congress considers letting US companies hack Chinese attackers. [Engadget] [HardOCP] [AP]
- 17-11-2015: Why the G20’s new “anti-hacking” agreement is pointless. [Ars Technica]
- 16-11-2015: Paris attacks blamed on strong encryption and Snowden. [Schneier] [Gizmodo] [NZ Herald] [Wired] [Krebs]
- 16-11-2015: ISIS encrypted communications with Paris attackers. [Ars Technica] [BBC News]
- 17-11-2015: Islamic State is plotting deadly cyber-attacks. [BBC News]
- 18-11-2015: Congressmen want parts of the Internet ISIS use shut down. [The Register]
- 18-11-2015: UK to create cybersecurity forces to fight off ISIS hackers. [Engadget] [Gizmodo]
- 18-11-2015: Paris terrorists didn't use encryption. [Schneier]
- 18-11-2015: Encryption row intensifies. [BBC News]
- 19-11-2015: Telegram encrypted messaging service cracks down on ISIS broadcasts. [Ars Technica] [Engadget] [BBC News]
- 19-11-2015: Tech firms fight anti-encryption demands after Paris murders. [The Register] [BBC News]
- 19-11-2015: ISIS' opsec manual reveals how it handles cybersecurity. [Wired]
- 19-11-2015: Let's have an argument about encryption. [Engadget]
- 20-11-2015: Clinton, others: stop helping terrorists, Silicon Valley – weaken your encryption. [The Register] [ExtremeTech] [Wired] [Engadget] [Gizmodo] [Wired]
- 20-11-2015: Tech goliaths stand firm against demands for weaker encryption after Paris terror attacks. [The Register]
- 20-11-2015: Politicians to Silicon Valley: the government is not your adversary. [HardOCP] [cNet]
- 07-12-2015: Obama calls out encryption in terror strategy speech. [The Register]
- 16-11-2015: Police body cams found pre-installed with notorious Conficker worm. [Ars Technica]
- 15-11-2015: Op-ed: (How) did they break Diffie-Hellman? [Ars Technica]
- 13-11-2015: Beware of ads that use inaudible sound to link your phone, TV, tablet, and PC. [Ars Technica] [Schneier]
- 13-11-2015: 'Let's Encrypt' service available to everyone on December 3, as public beta opens. [THG]
- 03-12-2015: Free HTTPS certs for all – Let's Encrypt opens doors to everyone. [The Register] [THG]
- 08-03-2016: Let’s Encrypt has issued 1 million certificates and counting, boosting HTTPS adoption. [THG]
- 13-11-2015: Jail for British DDoS attacker, who said too much on Twitter. [Graham Cluley]
- 12-11-2015: Pay or we’ll knock your site offline -- DDoS-for-ransom attacks surge. [Ars Technica]
- 11-11-2015: ToR says Feds paid Carnegie Mellon $1M to help unmask users. [THG] [The Register] [Ars Technica] [BBC News] [Gizmodo]
- 12-11-2015: Why the attack on Tor matters. [Ars Technica]
- 13-11-2015: FBI: “The allegation that we paid CMU $1M to hack into Tor is inaccurate”. [Ars Technica]
- 16-11-2015: Did Carnegie Mellon attack Tor for the FBI? [Schneier]
- 17-11-2015: The million-dollar hole in the FBI 'paying CMU to crack Tor' story. [The Register]
- 10-01-2015: Two months after FBI debacle, Tor Project still can’t get an answer from CMU. [Ars Technica]
- 24-02-20-16: Judge confirms what many suspected: Feds hired CMU to break Tor. [Ars Technica] [BBC News] [Gizmodo] [Wired]
- 11-11-2015: How the FBI got basic security wrong. [HardOCP] [ZDNet]
- 10-11-2015: Outrageous OPSEC: What happens when skiddies play natsec. [The Register]
- 10-11-2015: Buggy ransomware locks up your data, then throws away the encryption key. [Graham Cluley]
- 09-11-2015: Cryptowall 4.0: Update makes world's worst ransomware worse still. [The Register]
- 08-11-2015: NSA discloses most security flaws, but that's not the whole story. [Engadget] [HardOCP] [NSA]
- 06-11-2015: CIA email hackers return with major law enforcement breach. [Wired]
- 06-11-2015: Hackers have infiltrated the US arrest records database. [Engadget] [HardOCP]
- 06-11-2015: Crypto e-mail service pays $6,000 ransom, gets taken out by DDoS anyway. [Ars Technica] [Graham Cluley] [The Register]
- 07-11-2015: ProtonMail says it won't ever again pay ransom to DDoS blackmailers. [Graham Cluley]
- 09-11-2015: ProtonMail DDoS wipeout: Day 6. Yes, we're still under attack. [The Register]
- 10-11-2015: ProtonMail 'mitigates' DDoS attacks, says security not breached. [The Register]
- 10-11-2015: More websites hit by Armada Collective DDoS blackmail attacks, but won't pay up. [Graham Cluley]
- 06-11-2015: Booming crypto ransomware industry employs new tricks to befuddle victims. [Ars Technica]
- 05-11-2015: Teen hackers strike again, leak info of government employees. [Gizmodo]
- 05-11-2015: WSJ: Iran hacked the Obama administration after arresting American citizen. [Gizmodo] [WSJ]
- 05-11-2015: User data plundering by Android and iOS apps is as rampant as you suspected. [Ars Technica] [BBC News]
- 04-11-2015: Stuxnet-style code signing of malware becomes darknet cottage industry. [The Register]
- 03-11-2015: Hackers use anti-adblocking service to deliver nasty malware attack. [Ars Technica]
- 03-11-2015: Hacking tool swipes encrypted credentials from KeePass. [Ars Technica] [The Register]
- 02-11-2015: The rise of political doxing. [Schneier]
- 02-11-2015: E-mail crypto is as usable as it ever was, say boffins. [The Register]
- 02-11-2015: Kim Dotcom is building his own private internet. [Stuff]
- 01-11-2015: Crypto is for everyone - and American history proves it. [Gizmodo]
- 30-10-2015: America’s crypto battles. [BBC News]
- 28-10-2015: It's official: Tor's .onion domains will be kept off the public internet. [The Register]
- 28-10-2015: The doxing trend. [Schneier] [CNN]
- 27-10-2015: Is the NSA trying to warn us that cryptography is dead? [ExtremeTech] [Schneier]
- 27-10-2015: Hacked shopping mall CCTV cameras are launching DDoS attacks. [Graham Cluley]
- 27-10-2015: NSA warns of growing danger of cyber-attack by nation states. [BBC News]
- 26-10-2015: This 11-year-old is selling cryptographically secure passwords for $2 each. [Ars Technica]
- 24-10-2015: What's the internet community doing about the NSA cracking VPN, HTTPS encryption? [The Register]
- 24-10-2015: The perfect password that's also easy to remember. [Stuff]
- 23-10-2015: Microsoft runs the largest botnets to protect Azure customers. [DC Knowledge]
- 23-10-2015: Chattering Wi-Fi devices are a short hop away from the crown jewels of your network. [Graham Cluley]
- 23-10-2015: NSA advisory sparks concern of secret advance ushering in cryptoapocalypse. [Ars Technica]
- 22-10-2015: UK/China cyber security deal: National security attacks still OK. [The Register]
- 30-03-2016: Former FBI spy hunter: Don’t trust China on ‘no hack’ pact. [The Register]
- 22-10-2015: The challenges of Internet retailing - DDoS attacks. [Hexus]
- 22-10-2015: New attacks on NTP can defeat HTTPS and create chaos. [Ars Technica] [The Register]
- 22-10-2015: 'Get a VPN to defeat metadata retention' is good advice. Sometimes. [The Register]
- 21-10-2015: German infosec bureaucrats want mail providers to encrypt. [The Register]
- 20-10-2015: One step closer to an encrypted web. Next stop: HTTPS for everyone. [Graham Cluley]
- 20-10-2015: Hacker releases new purported personal data for top CIA, DHS officials. [Ars Technica]
- 19-10-2015: The Australian cyber security report. [Russ White] [Palo Alto]
- 19-10-2015: GCHQ to pore over blueprints of Chinese built Brit nuke plants. [The Register]
- 16-10-2015: How to protect yourself from the NSA if you use 1024-bit DH encryption. [Gizmodo]
- 16-10-2015: How the NSA can break trillions of encrypted Web and VPN connections. [Ars Technica]
- 15-10-2015: Inside Mandiant's biggest forensics breach battle: Is this Anthem? [The Register]
- 15-10-2015: Ingenious attack shows how Siri could be hijacked silently from 16 feet away. [Graham Cluley]
- 14-10-2015: FBI takes down Dridex botnet, seizes servers, arrests suspect. [The Register]
- 14-10-2015: Encryption is the only guarantee of data destruction in the cloud. [Graham Cluley]
- 13-10-2015: SYNful Knock is no Stuxnet. [The Register]
- 12-10-2015: Soviet spying on IBM Selectric typewriters. [Schneier] [NSA PDF] [Ars Technica]
- 12-10-2015: Where do major tech companies stand on encryption? [Gizmodo]
- 10-10-2015: China arrests hacking suspects on behalf of the US. [Engadget] [Gizmodo]
- 13-10-2015: Arrest of Chinese hackers not a first for US. [Krebs]
- 14-10-2015: FireEye: US-China cyber espionage treaty 'will do nothing'. [The Register]
- 19-10-2015: China accused of hacking US firms even after cyber-peace treaty. [Engadget] [HardOCP] [Reuters]
- 08-10-2015: DDoS defences spiked by CloudPiercer tool - paper. [The Register]
- 07-10-2015: Cisco disrupts $30m Angler hacking operation. [BBC News] [DC Knowledge]
- 05-10-2015: How to tackle the network intruders. [BBC News]
- 02-10-2015: Home routers 'vaccinated' by benign virus. [BBC News] [HardOCP] [TechWeek]
- 01-10-2015: When security experts gather to talk consensus, chaos ensues. [Wired]
- 01-10-2015: Identifying CIA officers in the field. [Schneier] [Salon]
- 29-09-2015: Botnet preying on Linux computers delivers potent DDoS attacks. [Ars Technica] [Engadget] [Gizmodo] [HardOCP] [ZDNet]
- 29-09-2015: Here are the God-mode holes that gave TrueCrypt audit the slip. [The Register] [ExtremeTech] [Engadget]
- 28-09-2015: How to send and receive encrypted email for free. [ExtremeTech]
- 26-09-2015: US and China have an 'understanding' to fight cyber economic espionage. [Engadget]
- 27-09-2015: Analysis: China-US hacking accord is tall on rhetoric, short on substance. [Ars Technica]
- 30-03-2016: Former FBI spy hunter: Don’t trust China on ‘no hack’ pact. [The Register]
- 24-09-2015: How the mysterious Dark Net is going mainstream. [TED YouTube]
- 23-09-2015: Obama administration explored backdoors for bypassing smartphone crypto. [Ars Technica] [Engadget] [HardOCP] [Washington Post]
- 23-09-2015: How the mysterious Dark Net is going mainstream. [TED: YouTube]
- 23-09-2015: Bidding for breaches, redefining targeted attacks. [Krebs]
- 22-09-2015: US Navy develops new system to defend against internet attacks. [Graham Cluley]
- 21-09-2015: History of hacktivism. [Schneier] [Georgetown Journal]
- 21-09-2015: SYNful knock attack against Cisco routers. [Schneier] [FireEye: exec, part 1]
- 21-09-2015: FireEye: The face of hacking is changing – and it's getting uglier. [The Register]
- 20-09-2015: The rate of Chinese hacking attempts is slowing down. [Engadget]
- 19-09-2015: The tricky encryption that could stump quantum computers. [Wired]
- 18-09-2015: MI5's website uses obsolete encryption protocol. [Graham Cluley]
- 17-09-2015: A guide to ransomware, the scary hack that’s on the rise. [Wired]
- 17-09-2015: Seven years of malware linked to Russian state-backed cyber espionage. [Ars Technica] [Graham Cluley] [Gizmodo]
- 17-09-2015: Schneider patches yet another dumb vulnerability. [The Register]
- 16-09-2015: Obama edges toward full support for encryption – but does he understand what that means? [The Register]
- 15-09-2015: Cisco routers in at least 4 countries infected by highly stealthy backdoor. [Ars Technica]
- 15-09-2015: Microsoft throws crypto foes an untouchable elliptic curveball. [The Register]
- 14-09-2015: How to avoid surveillance... with your phone. [TED YouTube]
- 14-09-2015: Serious cyber attacks against NZ surge, GCSB figures show. [NZ Herald]
- 13-09-2015: Near-perfect computer security may be surprisingly close. [Wired]
- 11-09-2015: How to pick the perfect password. [BBC News]
- 11-09-2015: 2FA has finally become more convenient. [ReadWriteWeb]
- 10-09-2015: Library gets cop visit for running exit relay in US. [The Register]
- 10-09-2015: Monsters defeated in quest to free .onion from clutches of DNS-snooping demons. [The Register] [BBC News] [Gizmodo]
- 09-09-2015: How highly advanced hackers (ab)used satellites to stay under the radar. [Ars Technica] [The Register]
- 08-09-2015: Researchers respond to developer’s accusation that they used crypto wrong. [Ars Technica]
- 08-09-2015: Our insecure Internet of Things is becoming terrifying. [ExtremeTech]
- 07-09-2015: Why Security Experts Are Using An Ancient Email Format In 2015. [HardOCP] [Motherboard]
- 07-09-2015: Kill the password. [HardOCP] [TechCrunch]
- 04-09-2015: Bored Brazilian skiddie claims DDoS against Essex Police. [The Register]
- 03-09-2015: The declining half-life of secrets. [Schneier] [Peter Swire: PDF]
- 03-09-2015: Greater Manchester plod site targeted by nuisance DDoS attack. [The Register]
- 03-09-2015: Vulnerabilities found in Siemens SIMATIC HMI devices. [Graham Cluley]
- 01-09-2015: Cyberwar: a global guide to nation-state digital attacks. [Wired]
- 01-09-2015: NSA boss: encrypted software needs government backdoors. [Wired]
- 04-09-2015: FTC commissioners call for strong encryption, push back against FBI, NSA. [ExtremeTech] [The Register]
- 06-09-2015: US trade watchdog to FBI: you think the crims won't know about the back door too? [The Register]
- 30-08-2015: NSA wants encryption that fends off quantum computing hacks. [Engadget]
- 28-08-2015: LizardStresser: Six people arrested in connection with Lizard Squad’s DDoS attack tool. [Graham Cluley] [BBC News] [Krebs] [HardOCP] [ZDNet] [Engadget]
- 27-08-2015: BitTorrent patched against flaw that allowed crippling DoS attacks. [Ars Technica]
- 27-08-2015: Cisco's RAT-catchers spot sysadmin-targeted phish. [The Register]
- 27-08-2015: Iranian phishing. [Schneier] [Citizen Lab]
- 26-08-2015: Concerns new Tor weakness is being exploited prompt dark market shutdown. [Ars Technica] [BBC News] [Tripwire]
- 26-08-2015: Tor is being cut up and making security pros cry. [The Register]
- 25-08-2015: System routes Internet traffic around countries you don't trust. [HardOCP] [IEEE Spectrum]
- 25-08-2015: Are data breaches getting larger? [Schneier]
- 24-08-2015: Samsung smart fridge leaves Gmail logins open to attack. [The Register] [Schneier] [Pen Test Partners]
- 21-08-2015: China using cyberspies in border disputes with India and neighbours. [The Register]
- 21-08-2015: NSA preps quantum-resistant algorithms to head off crypto-apocalypse [Ars Technica] [Schneier]
- 21-08-2015: SS7 phone-switch flaw enabled surveillance. [Schneier] [Engadget]
- 21-08-2015: How firms are fighting off spies and hackers. [BBC News]
- 20-08-2015: Researchers can steer your emails away from hostile nations. [Engadget]
- 19-08-2015: Schneier: 'We're in early years of a cyber arms race'. [The Register]
- 19-08-2015: Hackers exploiting wide-open Portmap to amp up DDoS attacks. [The Register] [DC Knowledge]
- 17-08-2015: Your torrent client could help hackers hijack your computer. [ExtremeTech]
- 17-08-2015: The noise around you could strengthen your passwords. [HardOCP] [Wired] [Gizmodo]
- 16-08-2015: How BitTorrent could let lone DDoS attackers bring down big sites. [Ars Technica]
- 13-08-2015: NSA funds $300k to build a safer Internet of Things. [The Register]
- 12-08-2015: Attackers are hijacking critical networking gear from Cisco. [Ars Technica] [Schneier]
- 12-08-2015: Another salvo in the second crypto war (of words). [Schneier]
- 12-08-2015: Five years after Stuxnet, your USB drive is still being patched. [Graham Cluley]
- 12-08-2015: Apple and Google are killing kids with encryption, complain lawyers. [The Register]
- 11-08-2015: Security tool tricks workers into revealing company secrets. [Wired]
- 11-08-2015: Random numbers aren't, says infosec expert. [The Register]
- 10-08-2015: I watched hackers pull off a real life Ocean's 11 heist . [Gizmodo] [DefCon]
- 07-08-2015: Imperva demos cloud man-in-the-middle attack. [The Register] [HardOCP] [BlackHat]
- 06-08-2015: Pentagon email hacked, Russia already blamed. [The Register] [HardOCP] [CNBC] [Gizmodo] [Wired] [Gizmodo]
- 06-08-2015: How the Arab Spring blew the lid off the commercial spyware. [The Register]
- 04-08-2015: TrueCrypt 'decrypted' by FBI to nail doc-stealing sysadmin. [The Register]
- 04-08-2015: Chinese VPN service as attack platform? [Krebs]
- 04-08-2015: Hackers target internet address bug to disrupt sites. [BBC News]
- 03-08-2015: Next-gen secure email using internet's own DNS – your help needed. [The Register]
- 31-07-2015: New attack on Tor can deanonymize hidden services with surprising accuracy. [Ars Technica]
- 31-07-2015: NSA report shows China hacked 600+ US targets over 5 years. [Ars Technica]
- 31-07-2015: Back doors won't solve Comey's going dark problem. [Schneier]
- 30-07-2015: Derelict TrueCrypt Russia portal 'is command hub for Ukraine spying op'. [The Register] [Graham Cluley]
- 30-07-2015: Reports shows Russians hackers used Twitter, photos to breach US computers. [Stuff]
- 29-07-2015: Bizarre high-tech kidnapping. [Schneier] [Wired]
- 28-07-2015: Firewalls can't protect today's connected cars. [HardOCP] [Network World]
- 28-07-2015: Hackers break into Brinks ultra secure safe. [HardOCP] [Network World] [The Register] [Schneier]
- 28-07-2015: How the way you type can shatter anonymity -- even on Tor. [Ars Technica] [Graham Cluley]
- 28-07-2015: New RC4 attack. [Schneier] [PDF]
- 27-07-2015: Researchers hack air-gapped computer with simple cell phone. [Wired] [Engadget] [The Register]
- 27-07-2015: Even former heads of NSA, DHS think crypto backdoors are stupid. [Ars Technica] [Schneier]
- 26-07-2015: Websites, please stop blocking password managers -- it’s 2015. [Wired] [HardOCP]
- 25-07-2015: What amateurs can learn from security pros about staying safe online. [Ars Technica]
- 24-07-2015: US Treasury's intelligence network was susceptible to cyberattacks. [Engadget]
- 23-07-2015: Watch how malicious apps can secretly devour your data. [Gizmodo] [Bloomberg]
- 23-07-2015: Researchers claim they’ve developed a better, faster Tor. [Ars Technica] [Engadget] [BBC News] [The Register] [HardOCP]
- 22-07-2015: Nigerian prince swaps the sweet talk for keyloggers and exploits. [The Register]
- 22-07-2015: Google, Facebook, and co launch web blacklist to nail ad scammers. [The Register]
- 21-07-2015: Black Hat 2015: 32 SCADA, mobile zero-day vulns will drop. [The Register]
- 18-07-2015: Cyber-security's dirty little secret: It's not as bad as you think. [The Register]
- 16-07-2015: You need to speak up for Internet security -- right now. [Wired]
- 16-07-2015: Once-theoretical crypto attack against HTTPS now verges on practicality. [Ars Technica] [The Register]
- 15-07-2015: "Hornets nest of criminal hackers" destryed by Feds. [Gizmodo] [ExtremeTech]
- 15-07-2015: The Darkode cybercrime forum, up close. [Krebs]
- 14-07-2015: Telegram messaging app cops 200Gbps DDoS. [The Register]
- 11-07-2015: The crypto wars aren't over. [Wired]
- 10-07-2015: Brit teen who unleashed 'biggest ever DDoS' walks free from court. [The Register]
- 10-07-2015: Cybercrime kingpin pleads guilty. [Krebs]
- 09-07-2015: UK politicos easily pwned on insecure Wi-Fi networks. [The Register] [Graham Cluley]
- 09-07-2015: The risks of mandating backdoors in encryption products. [Schneier]
- 09-07-2015: Multi-billion dollar corporations hit by mystery hacking gang. [Graham Cluley]
- 08-07-2015: Encryption backdoors for cops put Internet security at risk. [HardOCP] [ZDNet]
- 06-07-2015: DDoSers call 1988 and want its routing protocol hacked. [The Register]
- 03-07-2015: UK’s Cameron wants to ban encryption. [ExtremeTech]
- 30-06-2015: VPNs may not protect your information as well as you think. [Engadget]
- 29-06-2015: Chinese hackers take up white hats, become internet gatekeepers. [Stuff]
- 27-06-2015: Tougher encryption guidelines close a back door for NSA spies. [Engadget]
- 26-06-2015: US spy chief James Clapper says China lead suspect in cyber hack. [BBC News]
- 26-06-2015: FBI says crypto ransomware has raked in >$18 million for cybercriminals. [Ars Technica]
- 25-06-2015: DDoS attacks evolve and skyrocket on the Internet. [Cisco]
- 24-06-2015: What is the DoD's position on backdoors in security systems? [Schneier]
- 22-06-2015: “Free” proxies aren’t necessarily free. [Krebs]
- 22-06-2015: US the world's botnet mothership says Level 3. [The Register]
- 18-06-2015: Reddit, Wikipedia, Bing and the FBI agree - an encrypted web is a safer web. [Graham Cluley] [Ars Technica]
- 16-06-2015: Emoji passcodes promise more security than numbers. [Engadget]
- 17-06-2015: Maybe emoji passwords aren't such a good idea. [Wired]
- 15-06-2015: Hack of cloud-based LastPass exposes hashed master passwords. [Ars Technica]
- 16-06-2015: Am I an idiot for still using a password manager? [Gizmodo]
- 16-06-2015: When breaches happen: LastPass hack showcases the value of strong encryption. [DailyTech]
- 16-06-2015: Don’t let the LastPass hack destroy your faith in password managers. [Graham Cluley]
- 15-06-2015: Encrypting Windows hard drives. [Schneier]
- 12-06-2015: Even with a VPN, open Wi-Fi exposes users. [Ars Technica]
- 12-06-2015: Europol operation crushes phiendish global phishing ring. [The Register]
- 11-06-2015: The latest hack lesson? Great defense is never enough. [Wired]
- 11-06-2015: Decrypted WhatsApp chats laid groundwork for Belgian terror raids. [The Register]
- 11-06-2015: Mystery continues to surround the nude celebrity iCloud hack. [Graham Cluley]
- 11-06-2015: FBI seized computers linked to celeb photo leak scandal. [Engadget]
- 11-06-2015: German parliament cyber-attack still 'live'. [BBC News]
- 10-06-2014: Russia's to blame for pro-ISIS megahack on French TV network. [The Register]
- 10-06-2015: Techies to Obama: keep your hands off encryption. [Stuff]
- 09-06-2015: If the FBI has a backdoor to Facebook or Apple encryption, we are less safe. [BoingBoing] [The Guardian]
- 09-06-2015: CIA cybersecurity guru Dan Geer doesn’t use a cell phone. [Wired]
- 09-06-2015: Obama issues HTTPS-only order to US Federal sysadmins. [The Register] [BoingBoing] [TechDirt] [Graham Cluley] [The Register]
- 09-06-2015: Undetectable NSA-linked hybrid malware hits Intel Security radar. [The Register]
- 09-06-2015: US Army website defaced by Syrian Electronic Army hackers. [Graham Cluley]
- 05-06-2015: FBI: Apple and Google are helping ISIS by offering strong crypto. [The Register]
- 04-06-2015: Russia behind German govt cyber attack -- report. [The Register]
- 04-06-2015: We stand on the brink of global cyber war, warns encryption guru. [The Register]
- 01-06-2015: Hola VPN used to perform DDoS attacks, violate user privacy. [Ars Technica] [BBC News] [Graham Cluley] [The Register] [NZ Herald]
- 10-06-2015: Do you use Hola VPN? You could be part of a DDoS, content theft – or worse. [The Register]
- 30-04-2015: SHA-1 crypto hash retirement fraught with problems. [The Register]
- 30-04-2015: Another layer of defence against cyberattacks. [DC Knowledge]
- 28-04-2015: DDoSsers use reflection amplification to crank up the volume to 100Gbps+. [The Register]
- 28-04-2015: A day in the life of a stolen healthcare record. [Krebs]
- 27-04-2015: 'Use 1 capital' password prompts make them too predictable – study. [The Register]
- 27-04-2015: Thirty Meter Telescope website falls over in hacktivist DDoS attack. [Graham Cluley]
- 27-04-2015: Hackers hijack Tesla’s website, Twitter account and email – but how? [Graham Cluley]
- 26-04-2015: Your Tor-based email isn't as secure as you think. [Engadget] [Tor Project]
- 25-04-2015: Russian hackers scooped up the President's unclassified email. [Engadget] [Ars Technica] [Gizmodo] [BoingBoing]
- 24-04-2015: DoD’s new ‘transparent’ policy on cybersecurity is still opaque. [Wired] [Gizmodo]
- 24-04-2015: Here's why the Pentagon is publishing its cyber-warfare rulebook – if China hasn't already hacked in and read it. [The Register]
- 24-04-2015: Ransomware decryptor. [BoingBoing] [Kaspersky]
- 24-04-2015: The further democratization of QUANTUM. [Schneier]
- 24-04-2015: Federal Trade Commissioner Julie Brill on obscurity [Schneier] [CS Monitor]
- 24-04-2015: Security researcher: it's "trivial to bypass security tools on Macs". [Gizmodo] [Threat Post]
- 23-04-2015: Cash register maker used same password – 166816 – non-stop since 1990. [The Register] [BoingBoing] [CSO] [HardOCP]
- 21-04-2015: White House cyber-general says US must be able to cyber-nuke the cyber-worst. [The Register]
- 21-04-2015: RSA supremo rips into 'failed' security industry, warns of 'super-mega hack'. [The Register]
- 21-04-2015: The secrets of webcam hackers. [Graham Cluley]
- 19-04-2015: Every version of Windows is affected by this vulnerability. [HardOCP] [MakeUseOf]
- 19-04-2015: Inside Islamic State's spookocracy. [BoingBoing] [Der Spiegel]
- 18-04-2015: Russians are using undiscovered exploits to hack the US government. [Engadget]
- 16-04-2015: IBM’s 700TB security threat database enters the cloud. [The Register] [DC Knowledge]
- 16-04-2015: APT group hacks cyber-spy gang in spy-on-spy pwnage. [The Register]
- 15-04-2015: Hackers could commandeer new planes through passenger WiFi. [Wired] [HardOCP]
- 15-04-2015: Meet the e-voting machine so easy to hack, it will take your breath away. [Ars Technica] [The Register] [Schneier] [BradBlog]
- 15-04-2015: Malware attack discovered - what does Kaspersky do? Call in a comic strip artist. [Graham Cluley]
- 15-04-2015: Elite cyber crime group strikes back after attack by rival APT gang. [Ars Technica]
- 14-04-2015: The number of people who fall for phishing emails is staggering. [Gizmodo] [Wired]
- 13-04-2015: Researchers accuse China of over 10 years' cyber espionage and attack. [Gizmodo] [FireEye PDF]
- 13-04-2015: Anyone can buy the malware used to hack Sony. [Gizmodo] [HardOCP] [cNet]
- 11-04-2015: Police operation disrupts Beebone Botnet used for malware distribution. [HardOCP] [PCWorld]
- 10-04-2015: More defenses against psuedo random subdomain attacks. [Secure64]
- 10-04-2015: BitTorrent's P2P browser for decentralized websites now in beta. [THG]
- 10-04-2015: Don’t be fodder for China’s ‘Great Cannon'. [Krebs] [Schneier] [CitizenLab]
- 09-04-2015: Edward Snowden says your password should be MargaretThatcherIs110%SEXY. [Graham Cluley] [Gizmodo] [Lifehacker]
- 13-04-2015: Snowden's "sexy Margaret Thatcher" password isn't so secure. [Wired]
- 09-04-2015: Attacking researchers who expose voting vulnerabilities. [Schneier] [EFF]
- 09-04-2015: Denial of service attacks pour through rift in Network Time Protocol. [The Register]
- 09-04-2015: Motorola cable modem has hardcoded 'technician' backdoor. [The Register]
- 08-04-2015: Your home automation things are a security nightmare. [The Register]
- 07-04-2015: Russia might have hacked the White House. [Engadget] [Stuff]
- 08-04-2015: White House hackers allegedly accessed sensitive data. [HardOCP] [cNet]
- 07-04-2015: UK government website hijacked by Islamist hackers. [Graham Cluley]
- 04-04-2015: Bugs in Tor network used in attacks against underground markets. [Ars Technica]
- 03-04-2015: TrueCrypt security audit is good news, so why all the glum faces? [Ars Technica] [Lifehacker] [NCC Group PDF] [The Register] [Gizmodo] [Schneier] [ExtremeTech]
- 02-04-2015: Google exiles a Chinese certificate authority from the web. [ReadWriteWeb] [THG]
- 02-04-2015: Mozilla piles on China's SSL cert overlord: we don't trust you either. [The Register]
- 02-04-2015: Snowden didn't scare many out of US clouds says Forrester. [The Register]
- 02-04-2015: China DDoS attacks used unencrypted websites to hijack browsers. [Gizmodo]
- 02-04-2015: Google shares staggering adware infection stats. [Graham Cluley]
- 01-04-2015: President's order lets the US sanction foreign cyberattackers. [Engadget] [Gizmodo] [The Register]
- 01-04-2015: Mystery 'Explosive' cyber-spy campaign traced back to Lebanon. [The Register]
- 01-04-2015: Energy companies around the world infected by newly discovered malware. [Ars Technica]
- 31-03-2015: Feds subpoena reddit in effort to learn about users behind Dark Web chatter. [Ars Technica]
- 31-03-2015: GitHub battles “largest DDoS” in site’s history, targeted at anti-censorship tools. [Ars Technica] [THG]
- 31-03-2015: Massive denial-of-service attack on GitHub tied to Chinese government. [Ars Technica] [DC Knowledge]
- 03-04-2015: DDoS attacks that crippled GitHub linked to Great Firewall of China. [Ars Technica]
- 26-03-2015: As crypto wars begin, FBI silently removes sensible advice to encrypt your devices. [BoingBoing] [TechDirt]
- 26-03-2015: New router DNS attack delivers porn and game ads on mainstream websites. [ExtremeTech]
- 25-03-2015: DDoS attacks reduce in frequency but grow in volume. [HardOCP] [BetaNews]
- 27-03-2015: As GitHub is hit hard, experts disagree whether DDoS attacks are becoming more or less frequent. [Graham Cluley]
- 24-03-2015: Google discovers new security holes -- is the entire system fundamentally flawed? [ExtremeTech]
- 23-03-2015: The trick to hacking top-secret computers: just add heat. [Gizmodo] [The Register] [Schneier]
- 23-03-2015: Hilton Honors flaw exposed all accounts. [Krebs] [Ars Technica] [Graham Cluley]
- 22-03-2015: LightEater malware attacks millions of BIOS chips. [HardOCP] [BetaNews]
- 21-05-2015: China finally admits it has an army of hackers for cyberwar. [HardOCP] [Gizmodo]
- 21-03-2015: Automating remote BIOS attacks. [BoingBoing] [Forbes]
- 20-03-2015: Hacking BIOS chips isn't just the NSA's domain anymore. [Wired] [Schneier]
- 20-03-2015: Massive DDoS racks up $30,000-a-day Amazon bill for China activists. [The Register]
- 19-03-2015: Kaspersky Lab hits back at Bloomberg's Russian spy link hit piece. [The Register] [Graham Cluley]
- 24-03-2015: Kaspersky hit by new below-the-belt sauna spy attack in the WSJ. [Graham Cluley]
- 19-03-2015: OpenSSL warns of two high-severity bugs, but no Heartbleed. [Ars Technica] [Graham Cluley]
- 19-03-2015: GCHQ: Ensure biz security by stopping everyone from talking. [The Register]
- 18-03-2015: OpenSSL patch to plug severe security holes. [Krebs]
- 18-03-2015: Dark web’s ‘Evolution Market’ vanishes. [Krebs] [Wired] [Graham Cluley]
- 18-03-2015: 'Dark web' keeps criminals out of reach of metadata retention laws. [Stuff]
- 17-03-2015: The NSA is going to love these USB-C charging cables. [Gizmodo]
- 16-03-2015: China has hacked every major US corporation, former NSA head says. [DC Knowledge]
- 16-03-2015: ‘AntiDetect’ helps thieves hide digital fingerprints. [Krebs]
- 16-03-2015: Princeton boffins sniff Tor users' IDs from TCP ACKs and server sweat. [The Register]
- 14-03-2015: Fearing hackers, US State Dept. has shut off part of its email system. [Gizmodo]
- 14-03-2015: Computer terror simulation used to recruit 'cyber defenders'. [BBC News]
- 13-03-2015: CloudFlare keyless SSL scales down internet connections. [EtherealMind]
- 13-03-2015: Epic Google snafu leaks hidden whois data for 280,000 domains. [Ars Technica] [ExtremeTech] [Engadget]
- 12-03-2015: CryptoLocker look-alike searches for and encrypts PC game files. [Ars Technica]
- 11-03-2015: CloudFlare launches nameserver DDoS shield. [The Register]
- 10-03-2015: Spammers charged over 'largest' email breach. [BBC News]
- 10-03-2015: Banning Tor unwise and infeasible, MPs told [BBC News] [BoingBoing] [Parliament] [The Daily Dot] [Ars Technica]
- 10-03-2015: Cutting-edge hack gives super user status by exploiting DRAM weakness. [Ars Technica] [Wired] [Schneier]
- 10-03-2015: OpenSSL audit kicks off for post-Heartbleed strengthening programme. [The Register]
- 09-03-2015: Ethiopia is hacking US journalists with commercial spyware. [Engadget]
- 17-03-2015: Details on hacking team software used by Ethiopian government. [Schneier] [Citizen Lab]
- 09-03-2015: Tor doesn't want to depend on US government money anymore. [Gizmodo] [The Daily Dot]
- 09-03-2015: Identifying when someone is operating a computer remotely. [Schneier] [BioCatch]
- 08-03-2015: UK man arrested on suspicion of US DoD hacking. [Ars Technica] [Engadget]
- 07-03-2015: Give biometrics the finger: horror tales from the ENCRYPT. [The Register]
- 06-03-2015: France fingered as source of Syria-spying Babar malware. [The Register]
- 05-03-2015: DNS enhancement catches malware sites by understanding sneaky domain names. [Ars Technica]
- 04-03-2015: US air traffic control computer system vulnerable to terrorist hackers. [Ars Technica] [HardOCP] [Engadget]
- 04-03-2015: FREAK attack: what is it, and what you need to know. [Graham Cluley] [Gizmodo] [ExtremeTech] [Engadget] [Gizmodo] [Stuff] [Schneier]
- 04-03-2015: Tom Ridge can find terrorists anywhere. [Schneier]
- 02-03-2015: Would you trust 'spyproof' mobes made in Putin's Russia? [The Register]
- 02-03-2015: Silent Circle revamps secure smartphone. [The Register] [Gizmodo]
- 05-03-2015: How Blackphone turned a security fail into a win. [ReadWriteWeb]
- 02-03-2015: The democratization of cyberattack. [Schneier] [Motherboard]
- 01-03-2015: VPNs: which ones value your privacy? [BoingBoing] [TorrentFreak]
- 28-02-2015: The U.S. doesn't like it when China wants to build encryption backdoors. [Gizmodo] [HardOCP] [ZDNet] [Engadget] [Graham Cluley]
- 27-02-2015: Ramnit botnet shut down. [HardOCP] [Europol]
- 26-02-2015: It took police three years to fully shut down a money-stealing botnet. [Gizmodo]
- 26-02-2015: FinFisher, the spyware loved by cruel dictators, stomps all over human rights, says UK govt. [The Register]
- 26-02-2015: Everyone wants you to have security, but not from them. [Schneier]
- 26-02-2015: Spam uses default passwords to hack routers. [Krebs]
- 26-02-2015: PrivDog chews HTTPS, hurls clear text. [The Register]
- 25-02-2015: "Surreptitiously Weakening Cryptographic Systems". [Schneier] [IACR, PDF]
- 25-02-2015: Anthem hack puts at least 8.8 million non-customers at risk. [Graham Cluley]
- 25-02-2015: Police shut down network 'used to steal bank details'. [BBC News]
- 25-02-2015: FBI says sixty different hacker groups linked to nation-states. [Stuff]
- 25-02-2015: Feds offer $3m reward for 'CryptoLocker baron'. [The Register]
- 24-02-2015: Banking malware spreading via Microsoft Word macros. [Graham Cluley]
- 24-02-2015: Lizard Squad disrupts Google in Vietnam to promote DDoS-for-hire service. [Graham Cluley]
- 23-02-2015: Ad-blocking software is 'worse than Superfish'. [BBC News] [Lumension]
- 23-02-2015: Security software found using Superfish-style code, as attacks get simpler. [Ars Technica]
- 21-02-2015: Accused British hacker, wanted for crimes in US, won’t give up crypto keys. [Ars Technica]
- 20-02-2015: Hello, NSA? The US State Department can't kick hackers out of its networks – report. [The Register]
- 20-02-2015: Cybersecurity: Tackling the threat from within. [BBC News]
- 20-02-2015: Horrors of murky TrueCrypt to be probed once more. [The Register] [IsTrueCryptAuditedYet]
- 19-02-2015: Lenovo pre-installed malware on laptops. [BoingBoing] [BBC News] [Graham Cluley] [ExtremeTech] [Schneier] [Gizmodo]
- 19-02-2015: Lenovo ditches adware - but that doesn't fix SSL mega-vulnerability. [The Register] [Engadget] [Ars Technica]
- 19-02-2015: How to test your PC for the new "Superfish" security vulnerability. [Lifehacker]
- 19-02-2015: Lenovo honestly thought you’d enjoy that Superfish HTTPS spyware. [Ars Technica]
- 19-02-2015: How to get unhooked from Lenovo's dangerous Superfish spyware. [ReadWriteWeb] [ExtremeTech] [Gizmodo]
- 19-02-2015: Lenovo CTO says “We didn’t do enough,” promises to wipe Superfish off PCs. [Ars Technica]
- 20-02-2015: US cyber-cops declare WAR on Superfish ad-spewing malware lurking in Lenovo laptops. [The Register]
- 20-02-2015: How could Lenovo miss its Superfish security hole? [Engadget]
- 21-02-2015: Superfish doubles down, says HTTPS-busting adware poses no security risk. [Ars Technica]
- 21-02-2015: “SSL hijacker” behind Superfish debacle imperils large number of users. [Ars Technica]
- 21-02-2015: Windows Defender now removes Superfish malware… if you’re lucky. [Ars Technica]
- 21-02-2015: Lenovo offers tool to remove hidden adware 'Superfish'. [BBC News] [Gizmodo] [HardOCP] [The Verge] [The Register]
- 22-02-2015: Microsoft, McAfee vs. SuperFish. [HardOCP] [Mashable]
- 23-02-2015: Mozilla mulls Superfish torpedo. [The Register]
- 23-02-2015: Superfish points fingers over ad software. [Stuff]
- 23-02-2015: Facebook security chap finds 10 Superfish sub-species. [The Register]
- 23-02-2015: Lenovo CTO: we have no intention of shipping a Superfish product again. [Gizmodo]
- 24-02-2015: Still smarting from HTTPS-busting Superfish debacle, Lenovo says sorry. [Ars Technica]
- 24-02-2015: Lenovo users lawyer up over hole-filled, HTTPS-breaking Superfish adware. [Ars Technica] [The Register]
- 24-02-2015: Give us a week to clean the Superfish, begs Lenovo CTO. [The Register]
- 25-02-2015: Lenovo falls on its sword as Superfish impact spreads. [ExtremeTech]
- 25-02-2015: Lenovo's website hacked, apparently by Lizard Squad. [Engadget] [The Register] [The Register] [Graham Cluley] [Ars Technica] [Gizmodo]
- 26-02-2015: Lenovo's Superfishing trip. [NZ Herald]
- 27-02-2015: Bruised Lenovo promises 'a cleaner, safer PC'. [Graham Cluley] [ExtremeTech] [THG]
- 07-03-2015: Two weeks on, Superfish debacle still causing pain for some Lenovo customers. [Ars Technica]
- 09-03-2015: Lenovo still shipping infected systems as customers grapple with removal. [ExtremeTech]
- 06-05-2015: There's another 'massive security risk' in Lenovo's computers. [Gizmodo]
- 12-08-2015: Lenovo crams unremovable crapware on Windows laptops – by hiding it in the BIOS. [The Register] [Lifehacker]
- 06-09-2017: Lenovo fined over Superfish adware-ridden laptops. [BBC News] [Graham Cluley] [ExtremeTech]
- 18-02-2015: America already has a Manhattan Project for developing cyber attacks. [Wired]
- 16-02-2015: How “omnipotent” hackers tied to NSA hid for 14 years -- and were found at last. [Ars Technica]
- 14-02-2015: Hackers stole hundreds of millions in massive malware bank heist. [Gizmodo] [NYT] [Engadget] [Ars Technica] [Graham Cluley] [The Register] [Krebs]
- 13-02-2015: Obama’s new order urges companies to share cyber-threat info with the government. [Wired] [Engadget] [The Register]
- 13-02-2015: Biter bitten as hacker leaks source code for popular exploit kit. [The Register]
- 12-02-2015: Electronic surveillance failures leading up to the 2008 Mumbai terrorist attacks. [Schneier]
- 12-02-2015: 1 billion data records stolen last year due to poor security. [HardOCP] [ZDNet]
- 12-02-2015: Cyber attack takes down Dutch government sites. [BBC News] [The Register]
- 11-02-2015: A crypto trick that makes software nearly impossible to reverse-engineer. [Wired]
- 11-02-2015: The consumer data revolt is coming. [HardOCP] [Bloomberg]
- 11-02-2015: Facebook helps online services warn each other about security threats. [Engadget] [The Register] [HardOCP] [ThreatExchange]
- 11-02-2015: Jeb Bush redacts correspondents' leaked information. [BBC News] [DailyTech]
- 13-02-2015: Jeb Bush is sorry he published social security numbers. [Gizmodo]
- 11-02-2015: Air gaps: Happy gas for infosec or a noble but inert idea? [The Register]
- 11-02-2015: Steal the hackers' thunder by revealing yourself online. [Stuff]
- 10-02-2015: Hackers unknowingly gather intel for the NSA. [HardOCP] [Computer World]
- 10-02-2015: NSA claims Iran learned from Western cyberattacks. [The Intercept] [Wired] [Engadget]
- 10-02-2015: Did the NSA and the UK’s spy agency launch a joint cyberattack on Iran? [Wired]
- 10-02-2015: Uber left its lost-and-found database open to anyone on the internet. [Graham Cluley] [The Register]
- 10-02-2015: US launching a new cyberwarfare agency in wake of Sony attacks. [Engadget] [DC Knowledge] [HardOCP] [Stuff]
- 10-02-2015: Take a security checkup on Safer Internet Day. [Google]
- 10-02-2015: It’s Safer Internet Day. So where is our Internet of Secure Things? [Graham Cluley]
- 10-02-0215: Fearing an FBI raid, researcher publishes 10 million passwords/usernames. [Ars Technica] [The Register] [HardOCP] [BGR] [Schneier] [Gizmodo] [The Guardian] [Xato]
- 09-02-2015: DARPA's Memex for searching the deep Web. [BoingBoing] [Scientific American] [DARPA] [Wired]
- 06-02-2015: The world’s email encryption relies on a guy who is going broke. [Gizmodo]
- 06-02-2015: Why even strong crypto wouldn’t protect SSNs exposed in Anthem breach. [Ars Technica]
- 05-02-2015: Siemens: SCADA bugs abound. [The Register]
- 05-02-2015: Your crypto apps are useless unless you check them for backdoors. [Ars Technica]
- 04-02-2015: Here's why your bank account is less secure than your Gmail. [Gizmodo]
- 04-02-2015: The utterly crazy story of the death threat hacker. [Graham Cluley] [The Register]
- 03-02-2015: The Hells Angels are old pros at encryption . [Gizmodo]
- 03-02-2015: Cybersecurity: Defending 'unpreventable' cyber attacks. [BBC News]
- 02-02-2015: Femmes fatales steal Syrian opposition’s Skype chats and military plans. [Graham Cluley] [BBC News] [The Register] [Ars Technica] [Gizmodo]
- 01-02-2015: The British Army is creating a battalion of "Facebook Warriors". [Gizmodo] [HardOCP] [Neowin]
- 31-01-2015: The army just open-sourced its security software. [Gizmodo] [Engadget]
- 30-01-2015: WhatsApp privacy hole exposes users’ private profile photos. [Graham Cluley] [The Register]
- 29-01-2015: China, FBI and UK all want backdoors in Western technology. [The Register] [Graham Cluley]
- 29-01-2015: China’s new rules for selling tech to banks have US companies spooked. [Wired]
- 29-01-2015: The Internet of Dangerous Things. [Krebs]
- 29-01-2015: Mozilla dusts off old servers, lights up Tor relays. [The Register]
- 29-01-2015: IT vendors cry foul at new Chinese security rules requiring built-in backdoors. [Ars Technica]
- 28-01-2015: Use a Raspberry Pi as a Tor/VPN router for anonymous browsing. [Lifehacker] [Make]
- 28-01-2015: No, Department of Justice, 80% of Tor traffic is not child porn. [Wired] [HardOCP]
- 28-01-2015: Bug in ultra secure BlackPhone let attackers decrypt texts, stalk users. [Ars Technica] [HardOCP] [Security Week]
- 27-01-2015: FTC warns of the huge security risks in the Internet of Things. [Wired] [FTC] [The Register]
- 27-01-2015: Hacktivists step up web attack volumes. [BBC News] [Stuff]
- 27-01-2015: Facebook and Instagram get knocked offline... for about an hour. [BBC News] [Engadget] [The Register]
- 27-01-2015: Facebook back up after site crash. [Stuff]
- 27-01-2015: Lizard Squad claims to take down Facebook, Instagram, Tinder (briefly). [Gizmodo]
- 27-01-2015: Lizard Squad blamed for Facebook downtime. Facebook says “Err... no”. [Graham Cluley]
- 27-01-2015: Facebook outage affects sites that used social network’s login system. [DC Knowledge]
- 28-01-2015: Facebook blames internal glitch for blackout. [NZ Herald] [Stuff] [The Register] [HardOCP] [Chicago Tribune]
- 27-01-2015: 'Path to Hell': Davos elites warned about catastrophic cyber attacks. [Stuff]
- 26-01-2015: Lizard Squad threatens Malaysia Airlines with data dump: We did too hack your site. [The Register]
- 23-01-2015: Internet attack could shut down US gas stations. [Ars Technica] [HardOCP]
- 22-01-2015: A brief attempt at explaining the madness of cryptocurrency. [Engadget]
- 22-01-2015: Did feds mount a sustained attack on Tor to decloak crime suspects? [Ars Technica]
- 21-01-2015: What Obama gets wrong about digital security. [Gizmodo]
- 21-01-2015: Playing NSA, hardware hackers build USB cable that can attack. [Ars Technica]
- 21-01-2015: The 25 most popular passwords of 2014. [Lifehacker] [Engadget] [HardOCP] [PRWeb] [BBC News] [Stuff]
- 20-01-2015: Life inside a DDOS "booter site". [BoingBoing] [Ars Technica]
- 20-01-2015: NSA: We're in your botnet. [The Register]
- 19-01-2015: The daunting challenge of reporting on cyberwar. [BBC News]
- 18-01-2015: New "Skeleton Key" malware allows bypassing of passwords. [HardOCP] [Neowin]
- 17-01-2015: NSA brags about turning the tables on cyberwarfare hackers. [Engadget]
- 17-01-2015: Need a hacker? Check out Hacker's List. [HardOCP] [PCMag]
- 17-01-2015: New Snowden documents show scope of United States' cyber war plans: infiltrate and control or destroy enemy systems and networks. [Der Spiegel]
- 16-01-2015: 'Cyber attack war games' to be staged by UK and US. [BBC News]
- 16-01-2015: Here are some dummies giving Jimmy Kimmel their passwords on national TV. [Gizmodo]
- 16-01-2015: Freelance hackers will bust into your boyfriend's email... for a fee. [ReadWriteWeb]
- 16-01-2015: The problem with the White House cybersecurity proposals. [BoingBoing] [UoC]
- 15-01-2015: Thousands of French websites face DDoS attacks since Charlie Hebdo massacre. [DC Knowledge] [BBC News]
- 15-01-2015: Got a GE industrial Ethernet switch? Get patching. [The Register]
- 15-01-2015: Cryptolocker 3.0 scum bounce victims over Invisible net. [The Register] [PCWorld]
- 14-01-2015: NSA official: Support of backdoored Dual_EC_DRBG was “regrettable”. [Ars Technica] [The Register]
- 13-01-2015: Obama renews push for comprehensive cybersecurity legislation. [Engadget] [HardOCP] [Yahoo News] [Gizmodo] [BBC News] [Wired] [BoingBoing]
- 14-01-2015: Obama's proposed laws against hacking will negatively impact cybersecurity professionals, create a cyber police state. [Errata Security]
- 15-01-2015: Mr President, is this a war on hackers – or a war on people stopping hackers? [The Register]
- 13-01-2015: Thunderstrike! How a radar-proof rootkit could infect your Mac. [Graham Cluley]
- 13-01-2015: Attackers planting banking Trojans in industrial systems. [The Register]
- 12-01-2015: Keysweeper: creepy keystroke logger camouflaged as USB charger. [BoingBoing] [Keysweeper] [Ars Technica] [Coolest Gadgets]
- 12-01-2015: Hackers claiming ties to ISIS take control of Pentagon social accounts. [Engadget] [BBC News] [Stuff] [Gizmodo] [The Register] [Wired] [HardOCP] [Fox News] [BoingBoing] [Ars Technica]
- 13-01-2015: US military’s CENTCOM Twitter account hacked – were they not using 2FA? [Graham Cluley]
- 13-01-2015: It doesn’t really matter if ISIS sympathizers hacked Central Command’s Twitter. [Wired]
- 13-01-2015: What are the odds CENTCOM really was hacked by ISIS? Next to zero. [BoingBoing] [The Daily Beast]
- 13-01-2015: Centcom - a PR disaster, not cyberwar. [BBC News]
- 09-01-2015: Security hole found in North Korea’s home-grown OS. [Ars Technica] [The Register]
- 12-01-2015: Hands-on with North Korea's web browser. [WhiteHatSec]
- 12-01-2015: North Korea’s official news site delivers malware. [Ars Technica]
- 09-01-2015: Lizard stresser runs on hacked home routers. [Krebs] [Ars Technica]
- 09-01-2015: MI5 boss: We need to break securo-tech, get 'assistance' from data-slurp firms. [The Register]
- 09-01-2015: Post-POODLE, OpenSSL shakes off some fleas. [The Register]
- 08-01-2015: 8chan, related sites go down in Lizard Squad-powered DDoS. [Ars Technica]
- 08-01-2015: Browsing in privacy mode isn't as secure as you think. [ReadWriteWeb]
- 08-01-2015: Pro-Russian cyberattacks bring down German government websites. [Engadget]
- 07-01-2015: Immobilise national property register left 28 million doors wide open for burglars to plunder data. [Graham Cluley] [The Register]
- 07-01-2015: Spies do 'happy dance' after encryption cracked. [Stuff]
- 06-01-2015: The biggest security threats we’ll face in 2015. [HardOCP] [Wired]
- 06-01-2015: Lavabit founder wants to make “dark” e-mail secure by default. [Ars Technica] [BoingBoing]
- 05-01-2015: Why today's security measures just don't cut it. [Wired] [HardOCP] [cNet]
- 05-01-2015: Gogo Inflight Internet is intentionally issuing fake SSL certificates. [Neowin]
- 03-01-2015: 2014 was the biggest year for malware yet. [HardOCP] [Digital Trends]
- 09-01-2015: 2014: the year of infrastructure vulnerability. [DC Knowledge]
- 03-01-2015: Cyber criminals demand a modern approach to security. [Stuff]
- 01-01-2015: North Korea/Sony story shows how eagerly US media still regurgitate government claims. [The Intercept]
- 01-01-2015: The most dangerous people on the internet right now. [Wired]
2014 News- 31-12-2014: The hackers who hit Sony also threatened CNN. [HardOCP] [Engadget] [The Intercept] [Ars Technica] [Engadget] [Gizmodo]
- 02-01-2015: The FBI thought this guy's joke was a legit threat to CNN. [Gizmodo] [Fusion]
- 31-12-2014: FBI investigating whether companies are engaged in revenge hacking. [Bloomberg] [Engadget]
- 30-12-2014: The year’s biggest winners and losers in privacy and security. [Wired]
- 30-12-2014: Security research at The Hague: the mobile malware threat. [HotHardWare]
- 29-12-2014: Inside the NSA's war on internet security. [HardOCP] [Der Spiegel]
- 29-12-2014: Tor de farce: NSA fails to decrypt anonymised network. [The Register]
- 30-12-2014: The encryption tools the NSA still can't crack revealed in new leaks. [Gizmodo] [THG]
- 30-12-2014: New NSA leaks: does crypto still work? [BoingBoing] [Cryptographic Engineering]
- 31-12-2014: NSA has VPNs in Vulcan death grip -- no, really, that’s what they call it. [Ars Technica]
- 31-12-2014: Newly published NSA documents show agency could grab all Skype traffic. [Ars Technica] [BoingBoing]
- 29-12-2014: “How a North Korean cyber attack could cripple Britain”. The Daily Mail goes bonkers. [Graham Cluley]
- 29-12-2014: Hackers find that fingerprints can be stolen through public photos. [PetaPixel] [BoingBoing] [VentureBeat] [THG] [ExtremeTech] [The Register] [ReadWriteWeb] [Ars Technica] [BBC News]
- 28-12-2014: Hacker group names, ranked. [Gizmodo]
- 28-12-2014: Cyberattacks used security software to cover their trail. [Engadget]
- 26-12-2014: Hackers who shut down PSN and Xbox Live now attacking Tor. [Gizmodo] [The Verge] [The Register] [Engadget] [HardOCP]
- 26-12-2014: White hats figure out live phone tracking via protocol vuln. [The Register]
- 25-12-2014: Xbox Live and PlayStation Network both down due to an apparent attack. [Engadget] [Gizmodo] [BBC News] [NZ Herald] [Ars Technica] [BBC News] [HardOCP] [The Guardian] [TrustedReviews] [Stuff] [ReadWriteWeb] [Krebs]
- 26-12-2014: Kim Dotcom stops Xbox and PlayStation attacks. [HardOCP] [TorrentFreak] [DC Knowledge]
- 26-12-2014: Xbox Live and PSN are still messed up after attack by hackers . [Gizmodo] [NZ Herald]
- 26-12-2014: Xbox Live is up, PlayStation’s network still recovering after a Christmas Day outage. [Washington Post]
- 27-12-2014: PSN back online days after DDoS attack paralysed network. [The Register] [HardOCP] [TechRadar]
- 28-12-2014: PSN is still down for some as Sony gets service back online. [VentureBeat] [Kotaku] [Stuff]
- 28-12-2014: Sony fingers DDoS attackers for ruining PlayStation's Xmas. [The Register]
- 28-12-2014: These are the hackers who wrecked your holiday gaming. [Engadget] [The Daily Dot]
- 29-12-2014: PlayStation network back online after three days. [NZ Herald]
- 29-12-2014: Sony talks PSN outage, doesn't name attackers. [HardOCP] [BetaNews]
- 30-12-2014: FBI claimed to be investigating Xbox Live, PlayStation Network DDoS perpetrators. [Ars Technica] [HardOCP] [The Daily Dot]
- 05-01-2015: 'We do apologize': life at Sony customer service during the PSN attack [Kotaku]
- 24-12-2014: FBI warned of a Sony-style hack in a report last year. [Engadget]
- 23-12-2014: The webcam hacking epidemic. [The Atlantic]
- 23-12-2014: 2008 cyberattack against Turkish oil pipeline. [Schneier] [Bloomberg]
- 23-12-2014: German steel works suffered “massive damage” after hack attack. [Graham Cluley]
- 22-12-2014: Gang hacked ATMs from inside banks. [Krebs]
- 22-12-2014: South Korea nuclear plant operator says hacked, raising alarm. [Reuters] [Gizmodo] [Stuff] [Ars Technica] [Gizmodo]
- 24-12-2014: South Korea calls on China for help following hack attempt on nuclear power company. [Ars Technica]
- 30-12-2014: South Korea says nuclear worm is nothing to worry about. [The Register]
- 22-12-2014: North Korea's internet under mass cyber attack. [HardOCP] [Vox] [Gizmodo] [Engadget] [BoingBoing] [NYT] [The Register] [Stuff] [Graham Cluley] [THG] [Ars Technica] [BBC News] [Schneier]
- 22-12-2014: It starts with an email: how a hacking gang has stolen $17 million from banks and retailers since 2013. [Tripwire]
- 20-12-2014: Cyber espionage targets Syrian activists, linked to ISIS. [Ars Technica]
- 20-12-2014: If Tor vanishes over the weekend, this is why. [The Register] [HardOCP]
- 20-12-2014: A look at North Korea's cyberwar capabilities. [NZ Herald]
- 19-12-2014: German researchers discover a flaw that could let anyone listen to your cell calls. [HardOCP] [Washington Post]
- 18-12-2014: The Syrian Electronic Army Strikes Again: International Business Times hacked. [Graham Cluley]
- 18-12-2014: Watching a USB hack in action makes me never want to leave my computer. [Gizmodo] [BoingBoing]
- 18-12-2014: Hackers can read your texts thanks to huge security flaw. [Gizmodo]
- 18-12-2014: The continued threat of DDoS attacks, four ways to address the concern. [DC Knowledge]
- 18-12-2014: Hacking tutorials, identity documents gain popularity on black market. [Ars Technica]
- 17-12-2014: ICANN e-mail accounts, zone database breached in spearphishing attack. [Ars Technica] [HardOCP] [ZDNet] [The Register] [BBC News] [Gizmodo] [Engadget]
- 17-12-2014: Google's end-to-end email encryption moves to Github. [BoingBoing] [Google]
- 16-12-2014: The FBI used the web’s favorite hacking tool to unmask Tor users. [Wired] [Ars Technica] [Gizmodo] [Schneier]
- 17-12-2014: Tor is still safe. [Gizmodo]
- 15-12-2014: Uncrackable quantum authentication uses photons to secure your data. [ExtremeTech]
- 15-12-2014: Senator: Backdoor for the Feds is a backdoor for hackers. [The Register]
- 15-12-2014: Next gen ransomware: Elliptic cryptic, talks on Tor, demands Bitcoin. [The Register]
- 12-12-2014: Iranian hackers used Visual Basic malware to wipe Vegas casino’s network. [Ars Technica] [Bloomberg]
- 11-12-2014: Nation-backed malware targets diplomats’ iPhones, Androids, and PCs. [Ars Technica]
- 11-12-2014: GCHQ, police to team up to hunt down child abuse on the darknet. [The Register]
- 08-12-2014: Powerful, highly stealthy Linux trojan may have infected victims for years. [Ars Technica]
- 08-12-2014: Hacker group Lizard Squad takes down PlayStation Network and Xbox Live. [DC Knowledge] [HardOCP] [cNet] [ExtremeTech] [reCode]
- 09-12-2014: PlayStation store back after cyber attack. [Stuff]
- 08-12-2014: The government likes to blame stuff on Tor. [Gizmodo]
- 08-12-2014: Tor privacy service used in a majority of online bank heists. [Ars Technica]
- 08-12-2014: North Korea's elite, pampered hackers. [Stuff]
- 08-12-2014: Taiwan: a canary in the cyber coalmine. [Stuff]
- 05-12-2014: 'Sign in with LinkedIn' spoof allows baddies to penetrate Slashdot, NASDAQ.com and more. [The Register]
- 05-12-2014: Stupid humans and their expensive data breaches. [The Register]
- 04-12-2014: The Feds are finally going to help companies avoid getting hacked. [Gizmodo]
- 03-12-2014: Iranian "Cleaver" hacks through airport security, Cisco boxen. [The Register] [Engadget]
- 03-12-2014: GCHQ boffins quantum-busted its own crypto primitive. [The Register] [Schneier]
- 01-12-2014: Hackers are gaming the stock market with a stupid simple approach. [Gizmodo] [NYT] [BBC News] [DC Knowledge]
- 28-11-2014: World's best threat detection pwned by BAB0. [The Register]
- 27-11-2014: Siemens issues emergency SCADA patch. [The Register]
- 27-11-2014: Syrian hacking group places pop-up message on websites. [BBC News] [Stuff] [The Register] [GigaOM] [Gizmodo]
- 24-11-2014: Security bill: The challenge of identifying internet users. [BBC News]
- 24-11-2014: Crypto protocols held back by legacy, says ENISA. [The Register]
- 23-11-2014: 15 arrested in new European crackdown of peeping tom malware users. [Ars Technica] [The Guardian] [Stuff] [NZ Herald]
- 21-11-2014: Detekt: a new malware detection tool. [HardOCP] [EFF] [Gizmodo]
- 21-11-2014: DDoS attacks of more than 10Gbps rise significantly in Q3. [DC Knowledge]
- 20-11-2014: Cloudflare: 500 Gbps DDoS carried out against independent Hong Kong news sites. [Forbes]
- 20-11-2014: FTC announces crackdown on computer speedup/tech support scams. [DailyTech] [HardOCP] [FTC]
- 20-11-2014: Malware’s new target: your password manager’s password. [Ars Technica] [Schneier]
- 19-11-2014: US government insists it doesn’t stockpile zero-day exploits. [HardOCP] [Wired]
- 19-11-2014: Fake antivirus scams: It's a $120m business – and alleged ringleaders have just been frozen. [The Register]
- 19-11-2014: Beefed up iPhone crypto will lead to a child dying, DOJ warned Apple execs. [Ars Technica] [Pocketnow] [WSJ] [DailyTech]
- 19-11-2014: Asian mobiles the DDOS threat of 2015, security mob says. [The Register]
- 19-11-2014: The real lesson from recent cyberattacks: let's break up the NSA. [ReadWriteWeb]
- 18-11-2014: Snarky 1992 NSA report on academic cryptography. [Schneier] [Scott Aaronson]
- 18-11-2014: New free CA. [Schneier]
- 18-11-2014: Many Tor-anonymized domains seized by police belonged to imposter sites. [Ars Technica] [New Web Order] [Gizmodo]
- 17-11-2014: Hackers are building and open-sourcing spy tools based on leaked NSA documents. [Motherboard]
- 17-11-2014: The NSA's efforts to ban cryptographic research in the 1970s. [Schneier] [Medium]
- 17-11-2014: Link found in Staples, Michaels breaches. [Krebs]
- 17-11-2014: Attack reveals 81% of Tor users but admins call for calm. [The Register] [Engadget]
- 17-11-2014: US State Dept hacked, email shut down. [Stuff] [Washington Post] [Engadget] [HardOCP] [Gizmodo] [BoingBoing] [Yahoo]
- 16-11-2014: Everything needs crypto, says IAB. [The Register]
- 14-11-2014: For a year, gang operating rogue Tor node infected Windows executables. [Ars Technica]
- 14-11-2014: ‘Microsoft partner’ claims fuel support scams. [Krebs]
- 14-11-2014: The return of crypto export controls? [Schneier] [The Register]
- 13-11-2014: Network hijackers exploit technical loophole. [Krebs]
- 12-11-2014: Hackers use DNS TXT records to amplify DDoS attacks:. [DC Knowledge] [Akamai PDF]
- 12-11-2014: FBI’s most wanted cybercriminal used his cat’s name as a password. [Ars Technica] [Gizmodo] [Stuff]
- 12-11-2014: Target, Home Depot and UPS attacks: need to rethink point-of-sale security. [The Register]
- 12-11-2014: Why are ISPs removing their customers' email encryption? [Gizmodo] [BoingBoing] [EFF] [The Register] [Schneier]
- 13-11-2014: Condemnation mounts against ISP that sabotaged users’ e-mail encryption. [Ars Technica]
- 11-11-2014: Don’t blame Obama, but DDoS attacks are now using his press releases. [Ars Technica]
- 11-11-2014: German spies want millions of Euros to buy zero-day code holes. [The Register]
- 11-11-2014: “DarkHotel” uses bogus crypto certificates to snare Wi-Fi-connected execs. [Ars Technica] [Wired] [NZ Herald] [HardOCP] [Kaspersky] [The Register] [Stuff] [BBC News] [Gizmodo] [Schneier]
- 10-11-2014: Google reveals alarming success rates for manual hijacking of accounts. [DC Knowledge] [Whir]
- 10-11-2014: China suspected of breaching US Postal Service computer networks. [Washington Post] [Engadget] [The Register] [Gizmodo] [Lifehacker] [BoingBoing] [LA Times] [Reuters] [Ars Technica]
- 10-11-2014: Mozilla will start hosting Tor relays as part of Polaris privacy push. [GigaOM]
- 08-11-2014: Another reminder on why you need to change default passwords. [HardOCP] [Network World]
- 07-11-2014: Aussie spooks warn of state-sponsored online attacks during G20. [The Register]
- 06-11-2014: Crypto attack that hijacked Windows Update goes mainstream in Amazon Cloud. [Ars Technica]
- 05-11-2014: Still spamming after all these years. [Krebs]
- 05-11-2014: This system will self destruct: Crimeware gets powerful new functions. [Ars Technica]
- 04-11-2014: How hackers can smuggle out your company’s data, via video. [Collaborista]
- 03-11-2014: Flaw in new ‘secure’ credit cards would let hackers steal $1M per card. [Wired] [Gizmodo] [HardOCP] [BoingBoing]
- 03-11-2014: Pro-democracy Hong Kong sites DDoS'd with Chinese cyber-toolkit. [The Register]
- 01-11-2014: The Amazons of the dark net. [The Economist]
- 30-10-2014: Chip & PIN vs chip & signature. [Krebs]
- 30-10-2014: Sandworm uses PowerPoint against Swiss bank customers. [The Register]
- 29-10-2014: Hackers are using Gmail drafts to update their malware and steal data. [Wired] [BoingBoing]
- 29-10-2014: White House hit by “sustained” cyber attack, hackers breach unclassified network. [Graham Cluley] [ReadWriteWeb] [The Register]
- 28-10-2014: Security Avengers team up to take down Chinese hacking group. [The Register]
- 28-10-2014: Leader of “most sophisticated cybercrime ring” sentenced to 11 years. [Ars Technica]
- 27-10-2014: Targeted attacks against businesses on the rise. [HardOCP] [ZDNet]
- 27-10-2014: 'Replay’ attacks spoof chip card charges. [Krebs]
- 27-10-2014: Exposing the hidden history of computer hacking. [BBC News]
- 25-10-2014: Hackers target military, embassy and defense workers in Operation Pawn Storm. [Graham Cluley]
- 24-10-2014: Now everyone wants to sell you a magical anonymity router -- choose wisely. [Wired]
- 21-10-2014: What's the best way to weaken crypto? [BoingBoing] [PDF]
- 20-10-2014: Credit card breach at Staples stores. [Krebs] [BBC News] [The Register] [Ars Technica]
- 20-10-2014: GCHQ spokesperson says cyber terrorism is 'not a concer'. [Tripwire]
- 20-10-2014: Spike in malware attacks on aging ATMs. [Krebs] [Gizmodo]
- 17-10-2014: How Facebook uses leaked passwords to keep your account safe. [Gizmodo] [The Register]
- 16-10-2014: Tor Browser goes 4.0. [BoingBoing] [Tor Project]
- 16-10-2014: NSA classification ECI = Exceptionally Controlled Information. [Schneier]
- 15-10-2014: Meet the Internet's nasty new "Poodle" attack. [ReadWriteWeb] [Graham Cluley] [HardOCP] [7 News] [Google] [Ars Technica] [Wired] [The Register]
- 17-10-2014: How to protect yourself against Poodle attack. [ReadWriteWeb]
- 11-12-2014: 'Poodle’ bug returns, bites big bank sites. [Krebs]
- 29-04-2015: Barclays, Halifax and Tesco banks still vulnerable to POODLE attack. [Graham Cluley]
- 14-10-2014: It's time to enable two-step authentication on everything -- here’s how. [Gizmodo]
- 13-10-2014: With this tiny box, you can anonymize everything you do online. [Wired] [ReadWriteWeb] [THG]
- 13-10-2014: Bahraini activists hacked by their government go after UK spyware maker. [Wired]
- 12-10-2014: SEANux – a version of Linux from the Syrian Electronic Army. [Graham Cluley]
- 10-10-2014: Malware-based credit card breach at Kmart. [Krebs] [Buzzfeed] [Engadget] [Graham Cluley] [BBC News]
- 10-10-2014: Online activism and the computer fraud and abuse act. [Schneier] [BoingBoing]
- 10-10-2014: Malware analysts tell crooks to shape up and write decent code. [The Register]
- 09-10-2014: Gadgets held as evidence being remotely wiped. [BoingBoing]
- 08-10-2014: America must end its paranoid war on hackers. [Wired]
- 08-10-2014: Sir Tim Berners-Lee defends decision not to bake security into web. [The Register]
- 08-10-2014: FBI director sees progress in the US' ability to fight cyberattacks. [Engadget]
- 07-10-2014: Russian cybercrime group compromised half a million computers. [ComputerWorld]
- 07-10-2014: Monster banking Trojan botnet claims 500,000 victims. [The Register]
- 07-10-2014: Huge data leak at largest US bond insurer. [Krebs]
- 07-10-2014: FBI director says Chinese hackers are like a “drunk burglar”. [Ars Technica] [HardOCP] [CBS News]
- 06-10-2014: iPhone encryption and the return of the crypto wars. [Schneier]
- 02-10-2014: 76 million households affected by JPMorgan Chase data breach. [Gizmodo] [HardOCP] [ZDNet] [The Register]
- 02-10-2014: The unpatchable malware that infects USBs is now on the loose. [Wired] [Gizmodo] [Engadget] [BoingBoing] [ExtremeTech] [BBC News] [Graham Cluley] [HardOCP] [Schneier]
- 07-10-2014: The only fix for that terrible USB malware requires epoxy. [Gizmodo]
- 08-10-2014: Fixing the unfixable USB bug. [BoingBoing] [Wired]
- 18-11-2014: USB coding anarchy: Consider all sticks vulnerable. [The Register]
- 02-10-2014: 17,000 Macs recruited into malware botnet, with a little help from Reddit. [Graham Cluley]
- 01-10-2014: The criminal indictment that could finally hit spyware makers hard. [Wired]
- 30-09-2014: Hacked security plugin firm stored customer passwords in plaintext. [TripWire]
- 30-09-2014: A teenage hacker ring stole $100 Million in army and Xbox tech. [Gizmodo] [The Guardian] [Engadget] [HardOCP] [Stuff] [Ars Technica] [BBC News]
- 30-09-2014: How RAM scrapers work: the sneaky tools behind the latest credit card hacks. [Wired]
- 30-09-2014: Global IPv6 traffic is growing, DDoS dying, says Akamai. [The Register]
- 29-09-2014: We take your privacy and security. Seriously. [Krebs]
- 29-09-2014: CloudFlare introduces Universal SSL. [CloudFlare] [THG] [Ars Technica]
- 29-09-2014: Insider hacking a big threat for employers. [NZ Herald]
- 25-09-2014: Security tradeoffs of cloud backup. [Schneier] [Daring Fireball]
- 22-09-2014: Google’s war on spam and how encryption could finally win it – for the spammers. [ExtremeTech]
- 22-09-2014: Security for vehicle-to-vehicle communications. [Schneier]
- 19-09-2014: Millennials don’t care about mobile security, and here’s what to do about it. [Wired]
- 19-09-2014: Tor users become FBI's no.1 hacking target after legal power grab. [The Register]
- 19-09-2014: Google and Apple to introduce default encryption. [BBC News]
- 18-09-2014: The Dark Web gets darker with rise of the ‘Evolution’ drug market. [Wired]
- 18-09-2014: This new Internet security tool guards Goldman Sachs from eavesdroppers. [Wired]
- 18-09-2014: Terrible article on Vernam ciphers. [Schneier] [io9]
- 18-09-2014: US military contractors 'hit by Chinese hackers'. [BBC News]
- 17-09-2014: No evidence Snowden leaks inspired jihadists to up their crypto game. [BoingBoing] [Flashpoint Partners]
- 17-09-2014: Middle-school dropout codes clever chat program that foils NSA spying. [Wired]
- 17-09-2014: Identifying Dread Pirate Roberts. [Schneier] [Krebs]
- 15-09-2014: Several Massachusetts libraries installing Tor on all public PCs, coordinating privacy classes. [BoingBoing]
- 13-09-2014: Turning the tables on "Windows Support" scammers by compromising their PCs. [Ars Technica]
- 12-09-2014: Connected home: a next-gen botnet army? [Wired]
- 12-09-2014: CryptoLocker-style ransomware booms 700% this year. [The Register]
- 10-09-2014: Safeplug security analysis. [Schneier] [Freedom-to-Tinker] [USENIX PDF]
- 10-09-2014: Consumers worried about call centre security, new survey reveals. [Graham Cluley]
- 09-09-2014: Use home networking kit? DDoS bot is back... and it has evolved. [The Register]
- 05-09-2014: The security of password managers. [Schneier]
- 04-09-2014: Scared of brute force password attacks? Just 'GIVE UP' says Microsoft. [The Register]
- 04-09-2014: Military kill switches: a great idea that won't happen soon. [Gizmodo]
- 03-09-2014: The open source tool that lets you send encrypted emails to anyone. [Wired]
- 03-09-2014: Hackers using same tools as police to hack into iCloud accounts. [THG]
- 02-09-2014: Fake cell towers could be attacking your cellphone up to 80-90 times per hour. [THG] [Gizmodo]
- 01-09-2014: Second hacking crew joins Syrian Electronic Army on Team Assad. [The Register]
- 01-09-2014: HP: NORKS' cyber spying efforts actually a credible cyberthreat. [The Register]
- 31-08-2014: Decryptolocker saves you from the popular Cryptolocker ransomware. [Lifehacker] [Decryptolocker]
- 30-08-2014: Cyberattacks: perpetual state of siege for US companies. [Stuff]
- 29-08-2014: Improved Cryptolocker clone "Cryptowall" has locked over half a million PCs, 5 billion files. [THG] [SC Magazine]
- 29-08-2014: Kaspersky Lab “accidentally” defends monitoring of innocent internet users in online article. [Graham Cluley]
- 29-08-2014: Even Homeland Security isn't immune from hackers -- details of 25,000 workers exposed. [Collaborista]
- 29-08-2014: ISIS threatens US with terrorism. [Schneier]
- 29-08-2014: JPMorgan and other US banks get hacked. Why is Russia getting the blame? [Graham Cluley]
- 29-08-2014: The cost of DNSSEC. [Geoff Huston]
- 29-08-2014: How the internet may be taken down. [DC Knowledge]
- 28-08-2014: Mozilla left thousands of email addresses and passwords lying around - again. [HotForSecurity]
- 28-08-2014: Feds warn first responders of dangerous hacking tool: Google Search. [Ars Technica]
- 26-08-2014: Security by obscurity at Healthcare.gov site. [Schneier] [TechDirt]
- 25-08-2014: NIST to sysadmins: clean up your SSH mess. [The Register]
- 25-08-2014: The problems with PGP. [Schneier] [Cryptography Engineering]
- 25-08-2014: Sony Online Entertainment hit by 'large scale DDoS attack'. [The Register] [Engadget] [DC Knowledge] [ExtremeTech]
- 23-08-2014: Check your credit cards: that Target hack is running wild. [Gizmodo]
- 22-08-2014: UPS Store data breach – the post mortem can wait, it’s time to warn and advise the victims. [HotForSecurity]
- 21-08-2014: NSA and GCHQ agents 'leak Tor bugs' alleges developer. [BBC News] [The Register] [Engadget]
- 21-08-2014: The NSA is scaring people away from Tor. [Gizmodo]
- 21-08-2014: How hackers could mess with 911 systems and put you at risk. [Wired]
- 21-08-2014: Hacking Gmail with 92 percent success. [HardOCP] [Phys.org]
- 20-08-2014: US Air Force is focusing on cyber deception. [Schneier]
- 19-08-2014: Hacking into traffic lights with a plain old laptop is scary simple. [Gizmodo] [UoM PDF] [Schneier]
- 19-08-2014: Think crypto hides you from spooks on Facebook? Think again. [The Register]
- 18-08-2014: QUANTUM technology sold by cyberweapons arms manufacturers. [Schneier]
- 16-08-2014: Time to ditch HTTP – govt malware injection kit thrust into spotlight. [The Register]
- 14-08-2014: It's time for PGP to die, says... no, not the NSA – a US crypto prof. [The Register] [Cryptography Engineering]
- 14-08-2014: A portable router that conceals your Internet traffic. [Ars Technica] [ExtremeTech]
- 13-08-2014: Fifteen zero days found in hacker router comp romp. [The Register]
- 11-08-2014: Yahoo ads network helps hackers spread CryptoWall ransomware. [Graham Cluley]
- 11-08-2014: How to hack an aeroplane's satellite communications system. [Stuff]
- 10-08-2014: Why hackers won't be able to hijack your next flight - the facts. [The Register]
- 10-08-2014: Security experts: car hacking is real and we need to prepare. [Gizmodo] [cNet]
- 10-08-2014: Father of PGP encryption: Telcos need to get out of bed with governments. [Ars Technica]
- 10-08-2014: Hacking is simple, says author claiming role in breach of spyware firm. [Ars Technica]
- 08-08-2014: US spying brings German encryption boom. [NZ Herald]
- 07-08-2014: Hacker redirects traffic from 19 internet providers to steal Bitcoins. [Wired]
- 07-08-2014: Yahoo to join Gmail in offering users end-to-end encryption. [Forbes] [Stuff] [DailyTech] [THG] [Stuff]
- 06-08-2014: CIA insider: US should buy all security exploits, then disclose them. [Wired] [The Register] [Ars Technica] [BBC News]
- 06-08-2014: PayPal left red-faced after more security holes found in two factor authentication. [Graham Cluley]
- 06-08-2014: How to recover files from a CryptoLocker attack for free. [Graham Cluley] [The Register] [HardOCP] [BBC News] [Ars Technica] [Krebs]
- 06-08-2014: Snowden leaks spur new secure communications. [Stuff]
- 06-08-2014: Shadowy Russian hacker group hijacked 1.2 billion usernames, passwords. [Ars Technica] [Lifehacker] [NYT] [Gizmodo] [The Register] [BBC News] [Stuff] [HardOCP] [NZ Herald] [NZ Herald] [BGR] [Graham Cluley] [THG]
- 06-08-2014: Firm that exposed breach of 'billion passwords' quickly offered $120 service to find out if you're affected. [Forbes] [Graham Cluley]
- 06-08-2014: Q&A on the reported theft of 1.2B email accounts. [Krebs]
- 06-08-2014: The Russian 'hack of the century' doesn't add up. [The Verge]
- 07-08-2014: Over a billion passwords stolen? [Schneier] [BoingBoing] [The Register]
- 04-08-2014: Researcher can hack airplanes through in-flight entertainment systems. [Gizmodo] [BGR]
- 04-08-2014: Chinese government drops foreign security software. [Engadget] [DC Knowledge]
- 03-08-2014: 70% of Internet of Things devices vulnerable to hacking. [HardOCP] [Mashable]
- 02-08-2014: Terrorists embracing new Android crypto in wake of Snowden revelations. [Ars Technica]
- 01-08-2014: Gambling website Paddy Power took four years to tell 650,000 customers their data had been stolen. [Graham Cluley]
- 01-08-2014: Cyber extortionists pose growing threat to tech firms. [BBC News]
- 30-06-2014: Cryptowall ransomware: what you need to know. [Collaborista]
- 30-06-2014: How Air Force One's communications are kept private. [HardOCP] [cNet]
- 30-06-2014: London teen charged over Spamhaus mega-DDoS attacks. [The Register]
- 30-06-2014: Blackphone review. [Schneier] [Ars Technica] [BoingBoing]
- 27-06-2014: Battling the botnets. [BBC News]
- 27-06-2014: Tired of passwords? You aren't alone. [NZ Herald] [Stuff]
- 25-06-2014: World-class password fail of the day. [HardOCP] [Twitter] [Gizmodo]
- 25-06-2014: How to bypass PayPal 2FA. [Lumension] [HardOCP] [Dark Reading]
- 25-06-2014: Experts reveal police hacking methods. [NZ Herald]
- 25-06-2014: Sysadmins rejoice: patch rampage killing off nasty DDoS attack vector. [The Register]
- 24-06-2014: Got a botnet? Thinking of using it to mine Bitcoin? Don't bother. [The Register]
- 24-06-2014: Exposed: massive mobile malware network used by cops globally [The Register]
- 23-06-2014: 'Most sophisticated DDoS' ever strikes Hong Kong democracy poll. [The Register]
- 22-06-2014: Reuters website ‘hacked’ by the Syrian Electronic Army. [HotForSecurity] [Ars Technica] [The Register]
- 21-06-2014: Internet firm goes out of business after DDoS extortion attack. [WeLiveSecurity]
- 21-06-2014: DARPA: the Internet of Things needs better security. [HardOCP] [GigaOM]
- 21-06-2014: Fundraiser to support "NSA-proof" email gets off to a roaring start. [HardOCP] [VentureBeat]
- 19-06-2014: World still standing? It's been two weeks since Cryptolocker, Gameover Zeus takedown by feds. [The Register]
- 10-07-2014: Crooks seek revival of 'Gameover Zeus' botnet. [Krebs]
- 18-06-2014: Would your company pay millions to internet blackmailers? Nokia did. [F-Secure]
- 18-06-2014: State-sponsored hackers breached UK government network, claims minister. [Graham Cluley]
- 18-06-2014: Terror suspect can’t get NSA evidence gathered against him. [Ars Technica]
- 17-06-2014: New app kills the world’s scariest Android malware for free. [BGR]
- 18-06-2014: Undergrad breaks Android crypto ransomware. [Ars Technica]
- 17-06-2014: FBI arrests claims NullCrew hacker in Tennessee takedown. [The Register] [Sophos]
- 19-06-2014: Hacker taunts arrested comrade after someone drops dime to FBI. [Ars Technica]
- 17-06-2014: Story of a $10 million remote scam. [Schneier] [BoingBoing]
- 17-06-2014: GCHQ to share threat intel – and declassify secret inventions. [The Register]
- 17-06-2014: Chinese Android smartphone comes with malware pre-installed. [Graham Cluley]
- 16-06-2014: Domino’s Pizza refuses to pay ransom after customer database hacked. [WeLiveSecurity] [Stuff]
- 16-06-2014: AT&T confirms inside job responsible for customer data breach. [BGR]
- 16-06-2014: Listen to the results of our Internet spy project. [Ars Technica]
- 14-06-2014: Hacked restaurant chain goes back to the 1970s, to protect itself from hackers. [HotForSecurity]
- 13-06-2014: Apple: we’ll ‘soon’ begin encrypting iCloud email in transit between providers. [9to5Mac]
- 12-06-2014: Powerful worm on Twitter unleashes torrent of out-of-control tweets. [Ars Technica]
- 11-06-2014: Feedly refuses to give in to blackmail demands, gets hit by DDoS attack. [Graham Cluley] [Schneier] [TNW] [Ars Technica]
- 11-06-2014: Evernote cloud service brought down by denial-of-service attack. [Graham Cluley] [The Register]
- 11-06-2014: It’s official: mMalicious hackers have crappy password hygiene, too. [Ars Technica]
- 11-06-2014: Web giants encrypt their services - but leaks remain. [Ars Technica]
- 10-06-2014: Whistleblower org says it will go to jail rather than turning over its keys. [BoingBoing] [Ars Technica]
- 10-06-2014: iOS 8 randomising MAC addresses. [Schneier] [Ars Technica]
- 10-06-2014: Report: there's a new Chinese hacker army attacking the US. [Gizmodo]
- 10-06-2014: After Heartbleed, we're overreacting to bugs that aren't a big deal. [Wired]
- 10-06-2014: Chinese military tied to prolific hacking group targeting US aerospace industry. [Ars Technica]
- 10-06-2014: Crypto-boffins propose safer buddy list protocol. [The Register]
- 09-06-2014: To defeat encryption, feds deploy the subpoena. [Ars Technica]
- 09-06-2014: The man behind the biggest cyberscam the world has seen. [NZ Herald]
- 09-06-2014: Punching the clock for a darknet kingpin. [Ars Technica]
- 08-06-2014: We “will be paying no ransom,” vows town hit by Cryptowall ransom malware. [Ars Technica]
- 07-06-2014: NSA-proof server Protonet smashes crowdfunding record. [HardOCP] [IB Times]
- 07-06-2014: Crypto ransomware makes its debut on Android. [Ars Technica]
- 05-06-2014: They hack because they can. [Krebs]
- 04-06-2014: China threatens "severe" punishments for Google, Apple over NSA spying. [DailyTech]
- 06-06-2014: Microsoft tells Chinese customers it's not helping US gov't spy on them. [DailyTech] [HardOCP] [Neowin]
- 04-06-2014: UK proposes life sentences for hackers who threaten national security. [The Guardian] [BoingBoing] [Gizmodo] [HotForSecurity]
- 03-06-2014: Remember Anna Kournikova? Come with us on a tour of bug-squishing history. [The Register]
- 02-06-2014: ‘Operation Tovar’ targets ‘Gameover’ ZeuS botnet, CryptoLocker scourge. [Krebs] [Graham Cluley] [BBC News] [Graham Cluley]
- 16-06-2014: Police tell UK public they have only hours to combat GameOver Zeus malware. [Graham Cluley]
- 02-06-2014: Chinese hacking of the US. [Schneier]
- 30-05-2014: Google, Amazon among tech companies trying to prevent the next Heartbleed. [BGR]
- 29-05-2014: Iranian hackers set up fake news website, and posed as journalists on Facebook to spy on United States and others. [HotForSecurity] [Stuff] [BoingBoing] [The Register]
- 29-05-2014: Cyber crims smash through Windows into the great beyond. [The Register]
- 28-05-2014: Police at the door? Hit the PANIC button to erase your RAM. [The Register]
- 28-05-2014: TrueCrypt's web site updates with ominous warning, details unknown. [Lifehacker] [The Register] [Ars Technica] [BoingBoing] [Krebs] [Graham Cluley] [Schneier] [Engadget]
- 29-05-2014: TrueCrypt turmoil latest: Bruce Schneier reveals what he'll use instead. [The Register]
- 29-05-2014: Snowden's crypto software may be tainted forever. [Wired]
- 29-05-2014: Security enthusiasts may revive encryption tool after mystery shutdown. [Reuters]
- 30-05-2014: Bombshell TrueCrypt advisory: Backdoor? Hack? Hoax? None of the above? [Ars Technica]
- 30-05-2014: The mystery of TrueCrypt's disappearance. [HardOCP] [TechArp]
- 30-05-2014: TrueCrypt security audit presses on, despite developers jumping ship. [Ars Technica]
- 03-06-2014: TrueCrypt “must not die”. [Graham Cluley] [The Register]
- 11-06-2014: Troubled Truecrypt the only option for S3, but Amazon stays silent. [The Register]
- 16-06-2014: Did TrueCrypt’s developers embed a hidden Latin message for us all? [Graham Cluley] [BoingBoing] [Live Business Chat]
- 17-06-2014: TrueCrypt – a matter of assurance. [Graham Cluley]
- 20-06-2014: Following TrueCrypt’s bombshell advisory, developer says fork is “impossible”. [Ars Technica]
- 28-05-2014: Backdoor in call monitoring, surveillance gear. [Krebs] [The Register] [Schneier]
- 27-05-2014: Inside the FBI's fight against Chinese cyber-espionage. [Foreign Policy]
- 27-05-2014: China cites US for “unscrupulous” spying, wants IBM out of banks. [Ars Technica] [NZ Herald]
- 28-05-2014: That Snowden chap was spot on says China. [The Register]
- 26-05-2014: 128-bit crypto scheme allegedly cracked in two hours. [The Register]
- 25-05-2014: Fake key e-mails, win a $25M court case. [Ars Technica]
- 24-05-2014: US gov may block Chinese nationals from Defcon hacker event. [BoingBoing] [Reuters] [Ars Technica] [Engadget]
- 21-05-2014: Hackers broke into a public utility control room by guessing a password. [Gizmodo]
- 21-05-2014: eBay urges password changes after breach. [Krebs]
- 21-05-2014: Why is eBay burying news of its security breach from its millions of web visitors? [Graham Cluley]
- 23-05-2014: After the breach: eBay’s flawed password reset leaves much to be desired. [Ars Technica]
- 23-05-2014: eBay faces investigations over massive data breach. [BBC News] [The Register]
- 24-05-2014: Security breach at eBay a reminder of damage cyber criminals can wreak. [NZ Herald]
- 27-05-2014: It took eBay a *long* time to tell me to change my password. [Graham Cluley]
- 27-05-2014: eBay thought user data was safe, but 145 million accounts were compromised in massive hack. [BGR]
- 31-05-2014: College student finds another eBay security flaw. [HardOCP] [Digital Trends]
- 22-09-2014: eBay XSS password-stealing security hole “existed for months”. [Graham Cluley]
- 21-05-2014: The NSA is not made of magic. [Schneier]
- 21-05-2014: You’ll never guess the critical resource the FBI needs to successfully fight cyber crimes. [BGR]
- 21-05-2014: Why you should ditch Adobe Shockwave. [Krebs]
- 21-05-2014: Study: 97% of companies using network defenses get hacked anyway. [Ars Technica]
- 20-05-2014: All of .mil TLD is down. [Reddit]
- 19-05-2014: US charges China with cyber-spying on American firms. [NBC News] [NZ Herald] [Stuff] [HotForSecurity]
- 19-05-2014: US cyber-thief gets 20-year jail term. [BBC News] [HotForSecurity]
- 16-05-2014: Encrypted web traffic more than doubles after NSA revelations. [Wired] [TorrentFreak]
- 16-05-2014: Crypto-guru slams 'NSA-proof' tech, says today's crypto is strong enough. [The Register]
- 15-05-2014: Photos of an NSA “upgrade” factory show Cisco router getting implant. [Ars Technica] [Gizmodo] [Reddit] [SiliconBeat] [BoingBoing] [HardOCP] [Engadget]
- 13-05-2014: US Government has overreached, and should not interfere with the lawful delivery of our products. [Cisco]
- 18-05-2014: In letter to Obama, Cisco CEO complains about NSA allegations. [re/code] [The Register] [BBC News] [Stuff]
- 21-05-2014: NSA’s hardware tampering may alter global product flow. [DC Knowledge]
- 23-05-2014: China responds to NSA tampering with network gear vetting process. [Ars Technica]
- 14-05-2014: New Al-Qaeda encryption software. [Schneier]
- 14-05-2014: IETF plans to NSA-proof all future internet protocols. [The Register]
- 13-05-2014: New Zealand requires network operators to register with cops, give spies oversight of their network ops. [BoingBoing] [ITnews] [Reddit] [BoingBoing]
- 12-05-2014: NSA sabotaged exported US-made routers with backdoors. [BoingBoing] [The Guardian] [The Register] [Ars Technica] [BGR] [Reddit]
- 12-05-2014: Significant portion of HTTPS Web connections made by forged certificates. [Ars Technica] [BoingBoing] [Schneier]
- 08-05-2014: Net tech bods at IETF mull anti-NSA crypto-key swaps in future SSL. [The Register]
- 07-05-2014: Network admin allegedly hacked navy -- while on an aircraft carrier. [Wired] [Ars Technica]
- 21-05-2014: Navy sailor pleads guilty to hacking from an aircraft carrier. [Engadget]
- 07-05-2014: How a whitehat hacked a university and became an FBI target. [Ars Technica]
- 06-05-2014: Dropbox users leak tax returns, mortgage applications and more. [Graham Cluley]
- 06-05-2014: Dropbox told about vulnerability in November 2013, only fixed it when the media showed interest. [Graham Cluley] [The Register] [BGR]
- 05-05-2014: “Pavlovian password management” aims to change sloppy habits. [Ars Technica]
- 02-05-2014: Security flaw found in OAuth and OpenID, here's what it means for you. [Lifehacker] [cNet] [BGR] [HardOCP] [The Inquirer] [The Register]
- 02-05-2014: Script fools n00b hackers into hacking themselves. [The Register]
- 30-04-2014: Security guru: You can't blame Snowden for making US clouds look leaky. [The Register]
- 28-04-2014: A new pencil-and-paper encryption algorithm. [Schneier] [IACR: PDF]
- 25-04-2014: Spy back doors? That would be suicide, says Huawei. [The Register]
- 24-04-2014: 87% of electronic spying is conducted by governments, with cyber espionage accounting for 22% of data breaches. [The Drum]
- 23-04-2014: NSA's spying won't impact Huawei's growth. [DailyTech]
- 23-04-2014: State of the Hack: 43% of all DDoS attacks in Q4 originated in China. [BGR]
- 23-04-2014: The security of various programming languages. [Schneier] [Help Net Security]
- 17-04-2014: It's time to encrypt the entire Internet. [HardOCP] [Wired]
- 15-04-2014: Detecting criminal gangs using mobile phone data. [HardOCP] [MIT Technology Review]
- 15-04-2014: After Heartbleed, why forward secrecy is more important than ever. [ReadWriteWeb]
- 10-04-2014: US Army compares new hacker school to "the birth of the Air Force". [Gizmodo]
- 09-04-2014: Internet security: Cyber-criminals more cunning in attacks. [NZ Herald]
- 08-04-2014: Symantec sees new era of "Mega Breaches". [GeekZone] [Symantec] [Voxy]
- 07-04-2014: Vint Cerf wanted to make internet secure from the start, but secrecy prevented it. [The Register]
- 07-04-2014: The Great Hash Bakeoff: Infosec bods cook up next-gen crypto. [The Register]
- 04-04-2014: New “unbreakable” encryption is inspired by your insides. [Gizmodo]
- 08-04-2014: "Unbreakable" encryption almost certainly isn't. [Schneier]
- 03-04-2014: US states investigating breach at Experian. [Krebs]
- 03-04-2014: Your files held hostage by CryptoDefense? Don't pay up! The decryption key is on your hard drive. [The Register]
- 02-04-2014: Android botnet targets Middle East banks. [Krebs]
- 02-04-2014: The phantom NSA-RSA backdoor that never was. [The Register]
- 01-04-2014: Hackers can now create fake traffic jams. [Gizmodo]
- 31-03-2014: NSA infiltrated RSA security more deeply than thought - study. [Reuters] [Ars Technica] [Engadget] [Stuff]
- 31-03-2014: Cyber Emergency Response Team launched by UK. [BBC News] [The Register]
- 31-03-2014: China's CERT blames US for a THIRD of all attacks on Middle Kingdom PCs. [The Register] [Graham Cluley]
- 30-04-2014: Google: 84% of online news sites hacked by governments. [HardOCP] [The Inquirer]
- 28-03-2014: State-sponsored hackers are attacking news outlets on a massive scale. [Engadget]
- 27-03-2014: DDoS traffic triples as 20Gbps becomes the new normal. [The Register]
- 25-03-2014: Forget black hats – the best hackers are going grey and getting legit. [The Register]
- 25-03-2014: When gov’t spies fake your company’s website, what can be done? [Ars Technica]
- 22-03-2014: Targeting Huawei: NSA spied on Chinese government and networking firm. [Der Spiegel] [Gizmodo] [Ars Technica] [DailyTech] [The Register] [BoingBoing] [NYT] [Schneier] [Engadget]
- 24-03-2014: China wants answers following revelations about NSA's Huawei spying. [DailyTech]
- 27-03-2014: How a Chinese tech firm became the NSA's surveillance nightmare. [Wired]
- 29-03-2014: Huawei on NSA: If foreign spies attacked a US firm, there’d be “outrage”. [Ars Technica]
- 18-03-2014: Over 500,000 PCs attacked every day after 25,000 UNIX servers hijacked by Operation Windigo. [WeLiveSecurity]
- 17-03-2014: NATO hit in cyber attack linked to Crimea. [Stuff] [Graham Cluley]
- 17-03-2014: UK holds cyberwar game in WW2 bunker. [Stuff]
- 16-03-2014: Who is winning the 'crypto-war'? [BBC News]
- 15-03-2014: Kremlin gets DDoS’d by Anonymous Caucasus. [Ars Technica] [HardOCP]
- 12-03-2014: Attackers trick 162,000 WordPress sites into launching DDoS attack. [Ars Technica] [Graham Cluley]
- 09-03-2014: Want someone to click on your targeted attack? Disguise it as a LinkedIn message. [Graham Cluley]
- 06-03-2014: Even HTTPS can leak your PRIVATE browsing. [The Register] [Ars Technica]
- 06-03-2014: DDoS attacks get bigger, smarter, more damaging. [Stuff]
- 05-03-2014: Botnet built using freely-available cloud services. [HardOCP] [Dark Reading]
- 02-03-2014: Anti-virus firm finds alleged Kremlin cyberweapon, undetected for at least three years. [Graham Cluley] [The Register]
- 28-02-2014: Report from Trustycon: like RSA, but without the corruption. [BoingBoing] [cNet] [NYT]
- 01-03-2014: Trustycon: how to redesign NSA surveillance to catch more criminals and spy on a lot fewer people. [BoingBoing] [YouTube]
- 28-02-2014: Government-built malware running out of control, F-Secure claims. [The Register]
- 27-02-2014: Was the iOS SSL flaw deliberate? [Schneier]
- 26-02-2014: DDoSing a cell phone network. [Schneier]
- 25-02-2014: Chinese water tortuer: a slow drip DNS DDoS attack. [Secure64]
- 24-02-2014: Syria war stirs new US debate on cyberattacks. [NYT]
- 20-02-2014: Iranians hacked Navy network for four months? Not a surprise. [Ars Technica]
- 18-02-2014: The Moon router worm -- your AV has probably been updated to detect it, but won’t protect you. [Graham Cluley] [Krebs]
- 15-02-2014: Making NSA-style spying harder, CloudFlare offers more robust Web crypto. [Ars Technica]
- 14-02-2014: South Korea shuns Huawei over fears that it spies on the US. [Engadget]
- 14-02-2014: Forbes website hacked by the SEA. [Graham Cluley] [ReCode]
- 17-02-2014: SEA slurps a MILLION reader passwords from Forbes [The Register]
- 12-02-2014: White House unveils guidelines for protecting critical systems against cyber attacks. [Engadget] [White House] [HardOCP] [The Register]
- 12-02-2014: Japan weathered a record 12.8 billion cyberattacks in 2013. [Hexus]
- 12-02-2014: Bitcoin exchanges hit by DoS attacks. [ReadWriteWeb]
- 12-02-2014: Five arrested in Utopia dark net marketplace crackdown. [BBC News]
- 11-02-2014: Europe shrugs off largest DDoS attack yet, traffic tops 400Gbps. [The Register] [BGR] [Ars Technica] [InformationWeek]
- 14-02-2014: The new normal: 200-400Gbps DDoS attacks. [Krebs]
- 11-02-2014: Huge hack 'ugly sign of future' for internet threats. [BBC News]
- 10-02-2014: The NSA's secret role in the US assassination programme. [The Intercept]
- 06-02-2014: DARPA begins work on self-destructing electronics. [ExtremeTech]
- 06-02-2014: DDoS attacks against data centers on the rise. [Network Computing]
- 06-02-2014: SEA meddle - briefly - with Facebook's domain. [Graham Cluley]
- 06-02-2014: When Syrian hackers attacked, Facebook’s bacon was saved by security measures. [Graham Cluley]
- 06-02-2014: Syrian Electronic Army: We hijacked Facebook... honest, guv. [The Register]
- 05-02-2014: Somebody attacked an electrical substation in California last year. This should make you concerned. [BoingBoing] [Gizmodo]
- 04-02-2014: Revolutionary new cryptography tool could make software unhackable. [ExtremeTech]
- 03-02-2014: Want to email people without the FBI reading it? Try Safe-mail. [BGR]
- 03-02-2014: NSA, GCHQ, accused of hacking Belgian smartcard crypto guru. [The Register] [Graham Cluley] [Schneier]
- 31-01-2014: Mass hack attack on Yahoo Mail accounts prompts password reset. [Ars Technica] [GottaBeMobile] [NZ Herald] [Stuff] [Graham Cluley] [BBC News]
- 30-01-2014: Give hackers your data, says former RSA man. [The Register]
- 29-01-2014: Latest encryption trick to thwart hackers is as sweet as Honey. [BGR] [Gizmodo]
- 29-01-2014: Microsoft to Australian government: our kit has no back doors. [The Register]
- 28-01-2014: New smartphone malware tracks your swipes to steal your PIN. [BGR]
- 27-01-2014: FBI seized the entire TorMail database in Freedom Hosting investigation. [Wired] [Ars Technica] [Gizmodo] [The Register] [BoingBoing] [BGR]
- 27-01-2014: After Snowden: How vulnerable is the internet? [BBC News]
- 24-01-2014: CNN website, Twitter and Facebook hijacked by SEA. [Graham Cluley]
- 02-02-2014: Syrian Electronic Army hackers embarrass PayPal UK by displaying anti-US message. [Graham Cluley]
- 24-01-2014: Ex-NSA guru builds $4m encrypted email biz - but its nemesis right now is control-C, control-V. [The Register]
- 23-01-2014: CrowdStrike report says cyberspooks are everywhere. [The Register]
- 23-01-2014: Hack most likely not the reason Chinese traffic bombarded US addresses. [Ars Technica]
- 22-01-2014: Researchers say they see Russian hackers’ hands in cyber espionage against Western energy interests. [The Switch]
- 21-01-2014: NSA surveillance revives calls for an all-encrypted Internet. [Network Computing]
- 21-01-2014: EFF claims Vietnam targeted its staff with spear phishing attack. [The Register]
- 21-01-2014: F-Secure's Hypponen leads RSA refuseniks to NSA-free infosec chatfest. [The Register] [BoingBoing] [TechWeek] [Ars Technica]
- 27-01-2014: TrustyCon rises from the NSA/RSA ashes and sells out. [CSO]
- 21-01-2014: Internet users ditch “password” as password, upgrade to “123456”. [Ars Technica] [BGR]
- 24-01-2014: Companies look to end password era. [Stuff]
- 18-01-2014: UK's security branch says Ubuntu most secure end-user OS. [HardOCP] [ZDNet]
- 17-01-2014: PowerLocker uses Blowfish. [Schneier] [Ars Technica]
- 16-01-2014: The Internet of Things has been hacked. [ReadWriteWeb]
- 16-01-2014: DDoS attacks abusing NTP flood the web. [Juniper] [Network Computing] [Schneier] [THG]
- 21-01-2014: Don't be a DDoS dummy: Patch your NTP servers, plead infosec bods. [The Register]
- 18-02-2014: This is what it looks like when your router participates in an NTP DDoS attack. [Reddit]
- 18-02-2014: What would it take to filter a NTP attack? [Reddit]
- 16-01-2014: Huawei dismisses NSA backdoor claims as profits soar. [The Register]
- 15-01-2014: Microsoft confirms SEA hacked into employee email accounts. [The Verge]
- 15-01-2014: SEA has its *own* website hacked. [Graham Cluley] [The Register]
- 14-01-2014: Research finds security holes in 90% of top mobile banking apps. [BGR]
- 14-01-2014: New DoS attacks taking down game sites deliver crippling 100Gbps floods. [Ars Technica]
- 12-01-2014: More well-known U.S. retailers victims of cyber attacks - sources. [Reuters] [Gizmodo] [Ars Technica] [BGR]
- 10-01-2014: Senior execs are the biggest risk to IT security. [BoingBoing] [Help Net Security]
- 09-01-2014: When the FBI asks you to weaken your security so it can spy on your users. [BoingBoing] [PCMag]
- 09-01-2014: Cicada 3301: The dark net treasure trail reopens. [BBC News]
- 09-01-2014: DoS attacks that took down big game sites abused Web’s time-synch protocol. [Ars Technica]
- 09-01-2014: Hackers use Amazon cloud to scrape mass number of LinkedIn member profiles. [Ars Technica] [The Register]
- 08-01-2014: NSA employee will continue to co-chair influential crypto standards group. [Ars Technica] [The Register]
- 06-01-2014: US backdoored our satellites, claim UAE. [The Register]
- 05-01-2014: Malware strikes thousands of Yahoo users via poisoned adverts. [Graham Cluley] [The Register]
- 03-01-2014: Gaping admin access holes found in SoHo routers from Linksys, Netgear and others. [NakedSecurity]
- 02-01-2014: CryptoLocker creeps lure victims with fake Adobe, Microsoft activation codes. [The Register] [Graham Cluley]
- 02-01-2014: "Military style" raid on California power station. [Schneier] [Foreign Policy]
- 02-01-2014: Skype’s Twitter, Facebook, and blog hacked by SEA demanding an end to spying. [TNW] [BBC News] [Graham Cluley] [NZ Herald] [Ars Technica] [GottaBeMobile]
- 03-01-2014: Microsoft tweets advice about phishing, but too late to save Skype. [Graham Cluley]
- 01-01-2014: Hackers claim to reveal millions of Snapchat usernames and phone numbers. [Graham Cluley] [BoingBoing] [DailyTech] [BGR] [Gizmodo] [The Verge] [TNW] [NZ Herald] [BBC News] [Stuff] [The Register]
|