A collection of notable security news items for the week ending October 17, 2014. Covers enterprise, controversies, reports and more.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Patches are released for Mavericks, Mountain Lion, OS X Server and iTunes. A fix for the POODLE bug is included where appropriate. Most of the bugs are old ones in iTunes.
Apple's and Google's encryption plans have not gone down well with US law enforcement, and the agency's director says the companies are leading us down a dark path.
The social media giant has doubled reward levels for developers who point out flaws in the firm's advertising code.
At times of crises like POODLE, Heartbleed and Shellshock, a good network IPS often provides effective protection long before it's practical to have systems patched.
The Drupal 7 core is vulnerable to a "Highly Critical" SQL injection bug that could allow an attacker to compromise the site.
Intel Data Protection Technology for Transactions encrypts transaction data from end to end, even from card readers.
If Dropbox is correct that the Pastebin file of passwords were all reused from other services then they are innocent. The users involved are guilty of laziness.
A total of 24 vulnerabilities, many severe and a few being exploited in the wild, have been revealed and patched.
If you believe that you have "nothing to hide" from the prying eyes of the NSA, you shouldn't mind letting a stranger rifle through your bank statements, emails, and photos — right?