Oops! Washington state disposes of old computers without wiping medical records, tax forms and other confidential information

Medical records. Social Security Numbers. Employee performance evaluations. Those were just some of the confidential records found on old computers that several agencies in Washington state were sending to surplus, violating policies for properly wiping computer hard drives, according to a new report from the Auditor’s Office. “With the right knowledge of data retrieval, the confidential information… Read More


Amazon, Facebook, Google and other tech companies deploy fixes for ‘Heartbleed’ bug

Amazon Web Services has rolled out fixes for several of its online services to address the “Heartbleed” vulnerability that has roiled the Internet this week with reports that hackers can use the flaw to access account information and passwords. It’s one of many technology companies that have been scrambling to roll out updates to fix the… Read More


IronBox wants to make email encryption seamless

While revelations from Edward Snowden and others have led to people worrying about the security of their digital correspondence, actually securing email is a harder task. Many of the tools that have been created for that purpose can be difficult to use, or hard to understand. IronBox wants to help. The Redmond-based security startup announced… Read More


National security expert Richard Clarke to advise Seattle big data startup Context Relevant

Seattle big data startup Context Relevant has struck a partnership with Richard Clarke’s cybersecurity consulting firm Good Harbor Security Risk Management. As part of the deal, Clarke, the former counterterrorism chief in the Bill Clinton and George W. Bush administrations, is joining the company’s advisory board. “Cybersecurity is both a national security and an economic challenge… Read More


Hack attack prompts massive password reset for Yahoo Mail

Yahoo reported today that hackers have attempted a coordinated attack on a number of Yahoo Mail accounts. According to the company’s blog post, Yahoo believes that the attack was caused by attackers trying to use credentials stolen from a third-party to gain access to users’ mail accounts. Once inside, the software the attackers used was… Read More


Syrian Electronic Army may have stolen government data requests, Microsoft says

All of a sudden, the Syrian Electronic Army’s attacks on Microsoft have become a lot more than just a minor nuisance. The group of hackers loyal to Syrian President Bashar al-Assad has stolen documents relating to government data requests, Adrienne Hall, Microsoft’s Trustworthy Computing Group General Manager, wrote in a blog post. According to the… Read More

(photo by Ralf Roletschek via Wikimedia Commons)

The weakest link in data privacy is, well, you

Happy Data Privacy Day! The first round of credit card numbers is on me! Yes, this Tuesday, Jan. 28 really is Data Privacy Day in the U.S. and Canada, commemorating the 1981 signing of Convention 108, an international treaty dealing with privacy and data protection. (In Europe, where it originated, it’s known as Data Protection… Read More


Syrian Electronic Army hits Microsoft…again

It’s a bad month to be one of Microsoft’s social media properties. For who missed it. #SEA — SyrianElectronicArmy (@Official_SEA16) January 11, 2014 The Syrian Electronic Army managed to take over the company’s @MSFTnews and @Xbox Twitter handles, as well as the Official Microsoft Blog for a short time today. The attack comes a… Read More

Target Chairman and CEO Gregg Steinhafel

Target security breach encompasses 70 million

Target revealed today that the massive security breach that hit 40 million customers’ credit and debit cards also encompasses the personal information of 70 million people. As a part of its investigation into the breach, the retailer said that the attackers who stole millions of credit cards also got email addresses, phone numbers, names and… Read More


Steam, Origin and others taken down in latest attacks against gaming services

Valve’s Steam platform, Activision Blizzard’s and EA’s Origin storefront were all brought down last night by Distributed Denial-of-Service attacks — as an ongoing campaign by digital miscreants started earlier this week continued, leaving players and developers in the lurch. We've directed the Gaben Laser Beam™ @ the EA login servers. Origin #offline — DERP… Read More

Brad Smith, Microsoft general counsel

Here’s what Microsoft plans to do about government surveillance

Microsoft is battening down the hatches when it comes to protecting its customers against government surveillance. In a blog post published tonight, Brad Smith, Microsoft’s General Counsel, laid out the company’s plans for dealing with governments that want to get a hold of its users’ data. First and foremost, Microsoft now considers government surveillance to… Read More


Seattle hospital discloses malware attack that exposes 90,000 patient records

Personal information of about 90,000 patients of Harborview Medical Center and University of Washington Medical Center was exposed after a malware incident last month. UW Medicine, an umbrella organization that oversees Harborview and regional health clinics, disclosed the data breach in a press release this week, noting that it occurred after an employee opened an email… Read More


It’s time to kill the password — before it kills us

It’s time to shoot the password. And multiple screens are the trigger. I had this epiphany when wrestling with one Rhapsody music service on two devices using three pieces of software. Firing up the Rhapsody Android smartphone app, I unexpectedly was prompted for my password. Okay, I figured, the app had been updated and needed… Read More

Forensics Lab

Microsoft’s Internet cops get high-tech, high-security HQ

Not every tech company has its own evidence room and forensics lab. And not every police station has a giant touch-screen display. The worlds of technology and criminal investigation are colliding in a new “Cybercrime Center” on Microsoft’s Redmond campus, home to investigators, researchers and engineers who battle botnets and other online threats around the world…. Read More


Microsoft will patch zero-day IE vulnerability Tuesday

As a part of tomorrow’s Patch Tuesday, Microsoft will be patching a zero-day vulnerability that the internet’s nefarious elements have been using to attack users of Internet Explorer. The vulnerability, known as “CVE-2013-3918,” was first spotted by security researchers at FireEye last Friday, and has been used to infect computers that access a compromised website… Read More