Don't-Miss Security Stories

ios security

Apple lays out what it can tell law enforcement about you

Worried about what data the police could get their hands on from your iPhone and iCloud accounts? Much--but not all--of it is safe from prying eyes, says Apple.

Reading List: The iPad can get some (satisfaction)

Siri lets potential hackers view your contact list, the iPad rebounds in Tim Cook's favorite metric, and Apple's retail presence is not to be denied.

Reading List: Buying and selling

Apple has made another acquisition, may be planning a new push to get iPhone users to upgrade, and isn't really making headphones with health sensors (probably).

AOL traces mystery spam flood to security breach; passwords and more stolen

E-mail addresses and encrypted passwords compromised for oughly 2 percent of accounts, AOL says.

on pcworld.com

Mozilla to strengthen SSL certificate verification in Firefox

The software maker will pay US$10,000 for any critical vulnerability found in its new certificate verification code

on pcworld.com

Mac OS X

Apple users put at risk by 3-week delay between OS X and iOS patches, researchers say

IOS users were kept vulnerable for three weeks to known security issues previously patched in Safari for OS X, a former Apple employee said.

Apple releases Heartbleed fix for AirPort Base Stations

Apple on Tuesday released a fix for a bug related to the Heartbleed OpenSSL bug, though it cautioned that only certain models were affected and no passwords were disclosed.

Mysterious 'Unflod' malware steals Apple credentials from jailbroken iOS devices

Some iOS users found a malicious library of unknown origin on their jailbroken devices

laciestore

LaCie warns hackers may have customer info, credit cards after year-long breach

For almost an entire year beginning in March 2013, malicious attackers may have been harvesting customer information including credit card data, LaCie says.

Report: NSA secretly exploited devastating Heartbleed bug for years (Update: NSA denies)

News of the Heartbleed bug has brought the Web to its knees, and Bloomberg says the NSA has been exploiting it for at least two years.

on pcworld.com

Apple says iOS, OSX and 'key web services' not affected by Heartbleed security flaw

recode.net

A company spokesperson confirmed to Re/code that none of its web services use the OpenSSL software which is at the center of the security uproar.

heartbleed bug

Healing Heartbleed: LastPass offers automated checker, major sites admit vulnerability

As the list of major sites hit by Heartbleed grows, LastPass is helping its users figure out which accounts need password changes.

on pcworld.com