security

Back in July, Dropbox usernames and passwords were compromised via third-party Web sites. As a result, Dropbox said it would work on adding more security features to help keep accounts safe. Almost a month later, the company's delivered an extra feature that you'll need to enable on your own: two-step verification.

For each new device you use to access the Dropbox Web site or service, you'll need to enter your current password and a security code using this new method. This code can be sent to you via SMS or be generated by a mobile authenticator app. … Read more

SHENZHEN, China --Chen Lifang is a bit flummoxed.

Chen is a board member and senior vice president at Huawei, the giant telecommunications gear maker based here. She's digesting news that broke a day earlier that the U.S. House Intelligence Committee has increased the pressure it's putting on the company to disclose details about its ties to the Chinese government. The bombshell came in the form of a letter, released to the media, from the committee's chairman and the ranking Democrat to Huawei founder and Chairman Ren Zhengfei.

Really, the letter was more of an 11-page laundry … Read more

Earlier this month, news surfaced that iPhones were more susceptible to spoofed SMS messages and phishing attempts via text, and now it seems the vulnerability is more or less exclusive to iOS.

That's according to research from mobile security firm AdaptiveMobile, which says it may be harder to spot spoofed texts and phishing attacks on the iPhone than on other mobile OSes. At issue is the fact that iOS displays the "reply to" number for received texts, which can be modified to make it appear as if a text message originated from a different number than it … Read more

The 2013 updates to the Kaspersky protection suites bring to consumers some of the most advanced security technology currently available. It involves introducing an exploit prevention engine as part of the security suite, but also a Safe Money banking protection tool that you can interact directly with. The suite's scans aren't the fastest, but it definitely will protect you.

Installation Installing Kaspersky has been dramatically simplified over the past two years. Following on 2012's fuss-free install, the installer for 2013 will remove conflicting security programs and any detected malware automatically.

You're still on the hook for … Read more

A safer way to conduct online transactions and a new exploit blocker are the keystones to Kaspersky Lab's 2013 security suites, the company announced today.

The major new feature that's in both Kaspersky Internet Security 2013 (download exclusively from Download.com today) and Kaspersky Anti-Virus 2013 (download) is the exploit blocking engine called Automatic Exploit Prevention. It's a response to the increase in the number of phishing attacks and includes an anti-phishing engine -- similar to the antivirus and anti-malware engines -- that updates daily.

Roel Schouwenberg, a senior antivirus researcher at Kaspersky and founding member of … Read more

The U.S. Department of Homeland Security has issued an alert warning that hackers could exploit code in Siemens-owned technology to attack power plants and other national critical infrastructure.

Security researcher Justin Clarke exposed the flaw at a Los Angeles conference last week, claiming he discovered a way of spying on encrypted traffic in hardware owned by a Siemens subsidiary, RuggedCom.

The DHS advisory noted: "An attacker may use the key to create malicious communication to a RuggedCom network device."

DHS added that the government department was in contact with RuggedCom and the researcher in order to … Read more

The U.S. Department of Justice has taken aim at three sites that allegedly pirated Android apps.

According to the Justice Department, it seized three Web sites -- applanet.net, appbucket.net, and snappzmarket.com -- that were allegedly offering copies of copyrighted Android apps. It marked the first time that sites were seized over allegedly pirating copyrighted mobile apps.

The Federal Bureau of Investigation conducted the sting operation by downloading "thousands of copies of popularity copyright apps" from the sites, the Justice Department said. The agency didn't specify the apps, but the servers hosting them were … Read more

Google plans to shut down Postini, the e-mail security and archiving product it acquired in 2007, shifting users over to Google Apps next year.

The Web announced the transition today, saying that it has spent the last year building Postini's features into Google Apps for Business, a professional suite, and Google Apps Vault, an e-mail archiving and discovery service.

"With this transition to Google Apps, you can receive similar email security, protection, and archiving, but through the more robust Google Apps service," Google said in a company blog post. "Google Apps also works with mail servers … Read more

A Russian court Web site has been defaced following a verdict that saw the members of the all-female punk-rock band Pussy Riot sentenced to two years in jail.

The Khamovnichesky District Court was hacked today by a group claiming to be affiliated with the U.S. branch of Anonymous. The site uploaded a message in Russian saying that it doesn't "forget" or "forgive." The group also posted a Pussy Riot song, called "Putin Is Lighting the Fires of the Revolution," and video of Bulgarian singer Aziz.

The BBC was first to report on … Read more