News Bytes

IEEE Computer Society shares top security design flaws

The group's Center for Secure Design released a report detailing how to avoid common design flaws.

FTC seeks public comment on adult verification company AgeCheq

Under the agency's COPPA ruling, website that collect personal information on its young users must receive parental consent before doing so.

Experts discover variant of BIFROSE backdoor in targeted attack

A variant of the BIFROSE backdoor which is more evasive than its predecessor has been discovered by experts.

Apple health app protocol bars developers from selling user info

Under its new protocol, app developers are prohibited from selling users' personal health information.

Data on 97K Bugzilla users posted online for about three months

During a migration of the testing server for test builds of Bugzilla software, data on about 97,000 Bugzilla users was inadvertently posted publicly online.

Chinese national had access to data on 5M Arizona drivers, possible breach goes undisclosed

Although Lizhong Fan left the U.S. in 2007, the agencies responsible for giving him access to Americans' personal information have yet to disclose the details of the case to the public.

At 10 years old, NetTraveler works much the same, few changes

Researchers at Kaspersky Labs analyzed the evolution, slight as it might be, of the NetTraveler toolkit.

Microsoft reissues problematic update

The MS14-045 update caused some users' systems to crash, and in response, Microsoft pulled the update.

PCI Council urges retailers to defend against Backoff POS attacks

The warning comes soon after the Secret Service and DHS issues a warning on the threat.

Racing Post website SQL injection attack compromises 677K accounts

The website of Racing Post was hit by a SQL injection attack in October 2013, enabling an attacker to access a database including information on 677,335 customers.

Sign up to our newsletters