Don't-Miss Security Stories

Mysterious 'Unflod' malware steals Apple credentials from jailbroken iOS devices

Some iOS users found a malicious library of unknown origin on their jailbroken devices

laciestore

LaCie warns hackers may have customer info, credit cards after year-long breach

For almost an entire year beginning in March 2013, malicious attackers may have been harvesting customer information including credit card data, LaCie says.

Report: NSA secretly exploited devastating Heartbleed bug for years (Update: NSA denies)

News of the Heartbleed bug has brought the Web to its knees, and Bloomberg says the NSA has been exploiting it for at least two years.

on pcworld.com

Apple says iOS, OSX and 'key web services' not affected by Heartbleed security flaw

recode.net

A company spokesperson confirmed to Re/code that none of its web services use the OpenSSL software which is at the center of the security uproar.

heartbleed bug

Healing Heartbleed: LastPass offers automated checker, major sites admit vulnerability

As the list of major sites hit by Heartbleed grows, LastPass is helping its users figure out which accounts need password changes.

on pcworld.com

Adobe patches a critical flaw in Flash Player and AIR shown at Pwn2Own contest

Adobe Systems addressed two remote code execution flaws, including one demonstrated at the Pwn2Own hacking competition last month.

on pcworld.com

heartbleed bug

Critical OpenSSL 'Heartbleed' bug puts encrypted communications at risk

Administrators are advised to patch and revoke old private keys

on pcworld.com

Reading List: Inactivation lock, iAds for the masses, a penny earned

An iOS 7 bug could interfere with Activation Lock, iAds are now open to all and sundry, and Apple announces its next quarterly conference call.

Fake Tor app has been sitting in Apple's App Store for months, Tor Project says

Apple has not removed the fake app so far despite being notified in December, Tor developers say

on pcworld.com

EA Games site hacked to steal Apple IDs

The attackers sought credentials and other personal information through a phishing scheme, researchers said

google drive 600w

Phishing campaign targets Google Docs, Drive users

A fake login page looks legitimate since it is served up by Google over SSL, Symantec said

on pcworld.com

snowden sxsw

Edward Snowden at SXSW: The NSA is setting fire to the future of the Internet

"It's the makers, thinks, and the development community" that can help protect your data from a surveillance dragnet, the NSA whistleblower said via video at a South by Southwest panel

on techhive.com

Comixology app

ComiXology realizes it was hacked, requires password reset for all users

Digital comic service says usernames, e-mails and passwords were stolen.

on techhive.com

Protecting your iCloud keychain from snooping

tidbits.com

Frequent Macworld contributor Rich Mogull has pored over Apple's recently released security documents and summarized the impressive safeguards that go into the company's keychain syncing service and how to secure it even further.

ios security

Five things you should know about iOS security

Digital keys galore, synchronized hardware encryption, and extreme paranoia are just some of the more exciting ingredients that keep your mobile data safe from prying eyes, whether on your device or in the cloud.