Top 10 Stories

Softpedia: After examining the password policies of the top 100 e-commerce websites in France and the United States, Dashlane has also reviewed the most popular sites in the United Kingdom. Internet users will often set weak passwords such as “123456” or “password” because they’re easy to remember. The worst part is that they use the same password for all their online accounts.  

IT Pro: Eugene Kaspersky, CEO of Kaspersky Lab. You'd be hard pushed to find a more bubbly, cheerful and occasionally explosive presenter on the depressing, inescapable and often implausible field of cyber security. Then again, I guess he should be pretty jolly, since he’s in the business of plugging the leaks, Wiki or otherwise, in companies and home-user . Kaspersky was presenting at this year’s CeBIT exhibition, in Hannover. Or rather, he was presenting in one of...

CIO Insight: In the wake of the news that Target's profit fell more than 40 percent during the fourth quarter of 2013, due in large part to a data breach that affected up to 110 million customers, CIO Insight interviewed Eric Cole, a SANS Institute Faculty Fellow and the head of SANS's Cyber Defense Foundations program, about the Target breach, how the retailer's lack of a chief security officer (CSO) might have affected the incident's...

IB Times: A security flaw with WordPress has been exploited by hackers to turn over 162,000 legitimate websites into tools to carry out widespread distributed denial of service (DDoS) attacks. The criminal botnet was discovered by security firm Sucuri when a popular website run by one client went offline because of a DDoS attack - a method used by cyber-criminals to send vast amounts of data requests to a website's servers that cause the site...

SC Magazine: Mt. Gox CEO Mark Karpeles lied when he said that the former world's biggest Bitcoin exchange – which filed for bankruptcy protection in the U.S. on Sunday and in Japan on Feb. 28 – had been relieved of 850,000 Bitcoins by hackers, according to the alleged hackers themselves. “We stole no bitcoins,” the alleged miscreants wrote on Karpeles' hacked and defaced blog on Sunday, which was posted on Pastebin not long after. “There were none to steal.”...

Net Security: Pinterest has joined the ranks of Internet companies who publish a bi-annual transparency report by issuing one covering the six months from July to December 2013. "Every company that stores information - from banks to phone companies to email providers - must respond to requests for that information from folks like law enforcement agencies, courts, and others. We think it’s important that you know about these requests," commented Adam Barton, a project manager at...

SC Magazine: Following on from high-profile attacks against US retailers Target, Nieman Marcus and Michaels Stores, McAfee Labs examined how many data breaches are being caused by relatively basic malware, often brought “off-the-shelf” on the black market. “The breaches were unprecedented in numbers of records stolen, but what is even more notable is how well the malware industry served its customers,” reads the executive summary from the report. “The attackers purchased off-the-shelf point-of-sale malware, they...

The Hacker News: Pop Singer Justin Bieber's Twitter account hacked for around 15 minutes before it was corrected! The Twitter account with 50.2 Million Followers was compromised i.e. Twitter account with the second most Twitter followers. Spammers tweeted in Indonesian language from his hacked account with the links to a malicious twitter app named "ShootingStarPro", and messages reading “Justin Bieber Cemberut?”, means - "Justin Bieber sullen?"  

Register: Twitter has killed a bug that had allowed some stalkers on the micro-blogging site to view protected tweets via SMS or push notifications. It has taken the company four months to fix the flaw, which affected the selectively shared accounts of 93,788 users on the service.  

Threatpost: Apple has fixed a slew of vulnerabilities that could lead to code execution on the iPhone, along with a number of other security vulnerabilities in the latest version of its mobile operating system, iOS 7.1. The new release comes just a little more than two weeks after Apple released iOS 7.06 to fix the SSL certificate validation error. Unlike that release, which fixed just the one vulnerability, significant though it was, iOS 7.1 is a major security...