Don't-Miss Security Stories

AOL traces mystery spam flood to security breach; passwords and more stolen

E-mail addresses and encrypted passwords compromised for oughly 2 percent of accounts, AOL says.

on pcworld.com

Mozilla to strengthen SSL certificate verification in Firefox

The software maker will pay US$10,000 for any critical vulnerability found in its new certificate verification code

on pcworld.com

Mac OS X

Apple users put at risk by 3-week delay between OS X and iOS patches, researchers say

IOS users were kept vulnerable for three weeks to known security issues previously patched in Safari for OS X, a former Apple employee said.

Apple releases Heartbleed fix for AirPort Base Stations

Apple on Tuesday released a fix for a bug related to the Heartbleed OpenSSL bug, though it cautioned that only certain models were affected and no passwords were disclosed.

Mysterious 'Unflod' malware steals Apple credentials from jailbroken iOS devices

Some iOS users found a malicious library of unknown origin on their jailbroken devices

laciestore

LaCie warns hackers may have customer info, credit cards after year-long breach

For almost an entire year beginning in March 2013, malicious attackers may have been harvesting customer information including credit card data, LaCie says.

Report: NSA secretly exploited devastating Heartbleed bug for years (Update: NSA denies)

News of the Heartbleed bug has brought the Web to its knees, and Bloomberg says the NSA has been exploiting it for at least two years.

on pcworld.com

Apple says iOS, OSX and 'key web services' not affected by Heartbleed security flaw

recode.net

A company spokesperson confirmed to Re/code that none of its web services use the OpenSSL software which is at the center of the security uproar.

heartbleed bug

Healing Heartbleed: LastPass offers automated checker, major sites admit vulnerability

As the list of major sites hit by Heartbleed grows, LastPass is helping its users figure out which accounts need password changes.

on pcworld.com

Adobe patches a critical flaw in Flash Player and AIR shown at Pwn2Own contest

Adobe Systems addressed two remote code execution flaws, including one demonstrated at the Pwn2Own hacking competition last month.

on pcworld.com

heartbleed bug

Critical OpenSSL 'Heartbleed' bug puts encrypted communications at risk

Administrators are advised to patch and revoke old private keys

on pcworld.com

Reading List: Inactivation lock, iAds for the masses, a penny earned

An iOS 7 bug could interfere with Activation Lock, iAds are now open to all and sundry, and Apple announces its next quarterly conference call.