Online real-time strategy game League of Legends, from Riot Games, is the latest large web property to own up to a data breach.
There's a silver lining, namely that the company's notification is frank and helpful, stating clearly what was stolen, and what wasn't.
Microsoft has now gone public with additional information about the certificate forgery in the Flame malware. The attackers used an MD5 collision.
Learn more about hash collisions, and how to avoid them in your own IT environment.
Last weekend, Chronic Dev tweeted about the latest jailbreak tool for Apple's iDevices. In just two days, nearly one million people used it.
With such clear minority interest in jailbreaking, what should Apple do next?
Breaking into a browser isn't as easy as it was a few years ago. Back then, many browsers ran as a single monolithic process which could be leapt in a single bound.
That's unusual these days, so this is a hacking story of considerable derring-do.
You might not yet have heard of Wikipedia GLAM. It's a project targeting galleries, libraries, archives and museums, aimed at "improving Wikipedia's coverage of topics related to the cultural sector".
Intriguingly, GLAM has just notched up its first Wikipedia Town.
SSCC 91 - Utah explains data breach, Facebook hacker jailed, FlashBack removal for Leopard, Pentagon expands data sharing
This week's Chet Chat returns to our usual news format this week with guest Gary Korhonen (@hundredaire). Gary and Chet discuss the Utah data breach, Facebook hacker's prison term, OS X Leopard's FlashBack removal tool, Pentagon data sharing and Operation Phish Phry sentencing.
A recently-patched bug in the widely-used sudo command makes for interesting reading.
The patch reminds us of some important points in security-related programming.
Penetration testing is a valuable but tool but can quickly get expensive. Focusing on testing the right things in the right manner is key to getting the best bang for your buck.
Apple's latest update to iOS just came out.
Version 5.1.1 is more than just a cosmetic fix: it patches at least three security flaws, all of which should be considered serious.
Chester Wisniewski and Paul Ducklin chat about the security issues surrounding Apple's new iTunes security, knowledge-based authentication, Mac malware and Google's fine from the FCC.
Flaming Retort is back, this time trying to Coole and Explayne the flames we've had from some Mac users in the past few days.
In a back-to-front way of making Mac fans feel better, I'll start by making everyone feel slightly worse, taking a small potshot at Windows, OS X and Linux fans alike.
BSides Austin - Security tools for the cloud, password storage, GoogleTV hacks, card key hacking and how to get ahead in IT
There were lots of fantastic presentations at BSides Austin last week, here are a few of our favorites.
A new version of the Mac OS X Sabpab Trojan horse has come to light, and rather than relying upon a Java vulnerability - it appears to be exploiting malformed Word documents instead.
A summary of talks from BSides Austin including the Verizon Data Breach Investigation Report, the state of cloud security and the importance of high quality random numbers in cryptography.
Microsoft released six patches for eleven vulnerabilities today for Windows, Office, SQL and other products. Adobe also updated their Reader app to fix four vulnerabilities that can be exploited by malicious PDF files.
David Schwartzberg is this week's guest on the Chet Chat to talk about the data breach at Global Payments, a new Mac botnet and Flash Player updating. David also explained the new AES-NI encryption acceleration in Intel chips and a new way to safely store files in the cloud.
Planning some activities this Easter? Perhaps buying some Easter eggs? Maybe hand decorating some eggs?
Before you go searching for tips, take a read of this post which highlights how seemingly innocent search terms can lead to malware.