Robert Lemos

About

Robert Lemos is an award-winning journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and was named among the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.

Security Firm Finds Zero-Day Flaw by Turning Users Into Honeypots

When emails leaked from surveillance tools vendor Hacking Team hinted at a critical vulnerability in Microsoft’s Silverlight multimedia player, researchers at security firm Kaspersky Lab wondered if they would be able to find a way to catch an attacker exploiting the flaw. Turns out they could. On Jan. 12, Microsoft patched a critical vulnerability in […]

Ransomware, Cyber-Spying Among Top Security Trends to Watch

We look at 10 trends–from rising ransomware incidents to malware-less attacks from nation-states–that will likely play a pivotal role in security this year. Companies Will Find Ways to Deal With Shortage of Security Pros: Demand for security pros will continue to rise. A tremendous shortage of professionals […]

Brazilian Cyber-crime Flourishes, Catching Up to Russian, Chinese Groups

Computer education in public schools, lightly enforced computer crime laws, and a deep divide between the haves and the have-nots have resulted in a vibrant cyber-criminal underground in Brazil, causing significant troubles for Latin American law enforcement agencies, according to research published on Jan. 5 by security firm Trend Micro. The report, part of a […]

Encryption Backdoor Debate Heats Up With Juniper Breach Discovery

The mystery surrounding two backdoors in Juniper’s virtual private networking (VPN) products—and whether one of them may have originated with a U.S. intelligence agency—has added fuel to the debate surrounding government access to communications and data. On Dec. 17, Juniper announced that an internal code review had revealed that two backdoors had been added to […]

BitTorrent in Corporate Networks a Sign of Breaches: BitSight

Companies that have BitTorrent running inside their networks are more likely to have systems infected with malware and other signs of a breach, according to a study of more than 30,000 companies conducted by security firm BitSight. BitTorrent is not the cause of the issues, although applications and games downloaded through the service often carry […]

MacKeeper Leak Highlights Danger of Misconfigured Databases

A security researcher gained access to a database holding information on millions of users of the often-criticized MacKeeper Mac OS X utility program, after a simple Internet search highlighted the developer’s misconfigured MongoDB server, developer Kromtech acknowledged on Dec. 14. Researcher Chris Vickery notified the firm after he used the Shodan port-scanning service to find […]

Data Breaches Put Spotlight on Growing Threats to Kids’ Data Privacy

It has not been a good year for children’s privacy. On Nov. 14, digital thieves breached two services at toy maker VTech, compromising the company’s Learning Lodge app store and Kid Connect servers and accessing information on more than 6.3 million kids and their 4.8 million parents. While parents’ accounts included names, email and IP […]

Four Nations Join Belgium to Demand Facebook Rein in Cookies

A Belgian court ruled in November that Facebook must stop setting cookies for visitors who do not have an account on the social network. Now, four more European countries have made the same demand. On Dec. 3, Facebook complied with the Belgian court order and warned that non-members would not receive a specific cookie—known as […]

Health Insurers Test Their Security Capability With Cyber Exercise

A dozen health care insurance firms that cover 60 percent of the U.S. population took part in CyberRX 2.0, a cyber exercise aimed at evaluating the organizations’ response and minimizing the impact of a data breach, participants said on Dec. 4. The exercise simulated an attack that attempted to profit from the submission of forged […]

More Than 80% of Mobile Apps Have Encryption Flaws, Study Finds

Developers have botched encryption in seven out of eight Android apps and 80 percent of iOS apps, according to Veracode’s State of Software Security report. PHP—and less popular Web development languages ColdFusion and Classic ASP—are the riskiest programming languages for the Web, while Java and .NET are safest, according to the Veracode report. The report, […]