Don't-Miss Security Stories

computer security keyboard lock

Private I: Trust and verify for network certificate roots

Google spotted an unauthorized use of a certificate that validates a web site’s identity, and that’s a good thing.

security hole in fence clouds gap opening

FREAKish apps still have security holes

Apple patched iOS and OS X, but apps can still be vulnerable due to Apple's limited update policy.

hack security malware

Hundreds of Android and iOS apps are still vulnerable to FREAK attacks

FireEye's findings highlight how even serious software flaws can take a long time to get fixed

password

Why Yahoo's new on-demand password system is no two-factor authentication killer

The new authentication option offers better security than static passwords, but it's not as strong as two-step verification

Yahoo wants to kill the password one text message at a time

Forget biometrics, Yahoo wants to kill the password with text messages.

warning sign

Don't FREAK out about the latest security warnings

FREAK is last week's worry, but installing untrusted applications is a perennial worry. It's a two-fer (or two-fear) in this column, about security issues new and old.

Snowden docs show CIA's attempts to hack Apple devices

Documents leaked by Edward Snowden detail how the CIA repeatedly tried to crack the security in Mac OS X and iOS applications.

hack security malware

Apple secures Safari against FREAK attacks

Apple has patched the FREAK flaw in both OS X and iOS, issuing updates for both operating systems to protect users of its Safari browser.

b of a apple pay

Fraud comes to headlines about Apple Pay

The problem lies with the banks, but there are things you can do to stay alert.

hack security malware

FREAK is another serious flaw in the Web's encryption

US export restrictions on encryption technology from the 1990s have come back to haunt the modern Web.

cybersecurity

China defends cybersecurity back door demands as Obama protests

Proposed security rules from China would demand U.S. tech companies hand over sensitive technology to the country's government.

fake icloud

iPhone theft victims tricked into unlocking devices

Victims are lured through text messages to a fake iCloud login page

qualcomm sense id

Sense ID is Qualcomm's ultrasonic answer to Apple's Touch ID

'Sense ID' promises to detect fingerprints through metal and glass, and encourages damp fingers.