Countdown to chaos: Top 10 security stories of 2013

[Matt]

10. Apple iOS 6.1.3 fix contains another lock screen bypass flaw

An Apple iOS software fix was designed to repair a nasty bug that let unauthorized users bypass the lock screen for iPhones and iPads — and access user data. Good idea, except it contained yet another major flaw.

9. Mega users: If you're hacked once, you're hacked for life

Pessimists, or perhaps realists, in the security industry say that being hacked is a matter of when, not if. But if you're a user of Kim Dotcom's Mega site, do whatever you can to make sure you're never hacked, because you can't change your password and you can't delete your account.

8. Hacker, activist Aaron Swartz commits suicide

Aaron Swartz, Reddit co-founder, was dedicated to sharing data and information online. He worked tirelessly to develop and popularize standards for free and open information sharing.

7. The real story in the NSA scandal is the collapse of journalism

If the NSA scandal, which exposed the US government for spying on its citizens, wasn't enough, media sources trying to pin down the big scoop couldn't get the story straight. Details, details.

6. CISPA passes U.S. House: Death of the Fourth Amendment?

The Cyber Intelligence Sharing and Protection Act would allow private-sector firms to search personal and sensitive user data of ordinary U.S. residents to identify "threat information", which can then be shared with other opt-in firms and the U.S. government — without the need for a court-ordered warrant.

Described as "misguided" and "fatally flawed" by the two largest US privacy groups, CISPA is considered a threat to the online privacy of ordinary US residents.

5. Homeland Security warns to disable Java amid zero-day flaw

The US Department of Homeland Security was the latest body to warn users to disable Java software amid escalating concerns over a serious, exploitable vulnerability.

4. Anonymous posts over 4,000 U.S. bank executive credentials

Anonymous appears to have published login and private information from over 4,000 American bank executive credentials its Operation Last Resort, demanding US computer crime law reform.

3. How to disable Java in your browser on Windows, Mac

Amid a serious security flaw in the latest version of Java 7, there's one way to make sure it doesn't affect you. Disable it.

Oracle released an emergency fix for Java over the weekend. However, security professionals say that this measure doesn't go far enough.

2. Anger mounts after Facebook's 'shadow profiles' leak in bug

Facebook said it fixed a bug that exposed contact info for over 6 million accounts. The admission revealed its "shadow profile" data collection activities, and users are furious.

1. Feds stumbling after Anonymous launches 'Operation Last Resort'

Hacktivist group Anonymous took control of the U.S. Sentencing Commission website Friday, January 25, in a new campaign called "Operation Last Resort".

Sursa Zdnet.Com