A collection of notable security news items for the week ending November 21, 2014. Covers enterprise, controversies, reports and more.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
What scams and schemes do you need to watch out for during the holiday season?
The Masque bug that affects iOS apps has the potential to steal data from legitimate sources, due to a lack of encryption in apps across the board.
Because the last thing you want is a potentially hostile country controlling the light switches in America from half the world away.
The new free certificate authority is a great idea, as far as it goes. Should Symantec and the other big CAs be worried? Probably not.
According to Verisign, DDoS attacks going beyond 10Gbps continue to rise, causing a headache for the enterprise.
The human rights group says the new anti-surveillance tool is a 'strike back' against governments that have overextended their reach.
The Windows KDC didn't properly validate parts of Kerberos tickets. It may be possible for admins to detect if they have been exploited.
The latest stable version of Chrome removes the source of the POODLE bug and SSLv3 support will be out altogether over time. The Canary version disparages implementations not up to standards.
The top security threats of 2014 include equal parts old mistakes, new adversaries, innocent human nature and the evils that people do.