Researchers discover a method to disable the webcam indicator light on some Apple MacBook models to surreptitiously spy on users. The President’s panel recommends some changes for the NSA.

The launch code for the US nuclear arsenal was set to 00000000 for almost 20 years. A French government ministry used an intermediate certificate authority to create a man-in-the-middle attack to pretend to be Google.

Twitter enables Forward Secrecy for users. The Pony botnet captures a lot of passwords.

Following the lead of Google, Yahoo! begins encrypting its fiber connections between data centers. The website for the Affordable Care Act, Healthcare,gov, has some security issues.

Facebook determines which users have the same password as on the compromised Adobe site and warns them. A watering hole attack uses an IE 0-day vulnerability to inject a malicious payload directly into memory.

BadBIOS? Is it real, imagined, or a hoax? The NSA is tapping the fiber connecting the data centers of Google and Yahoo!

The EFF provides ten steps to avoid Internet surveillance. Several major corporations are owned in the DEFCON Social Engineering Capture the Flag contest.

Apple’s iCloud and Two-Factor Authentication have some issues discovered. A dispute leads to court-ordered seizures due to use of the term “hacker”.

Matthew Green looks to fund a project to audit Truecrypt in light of recent NSA revelations. Cryptolocker is some nasty ransomware.

A leaked presentation from Edward Snowden reveals that the NSA thinks that Tor stinks. Microsoft is recycling old email addresses just like Yahoo!

Kids in the LA Unified School District break the security on school-issued iPads. Circle Security, a privacy software company, is moving away from government-approved crypto algorithms.

We review some previous subjects to see what has happened lately. We look at Oracle’s Java security issues, Yahoo! recycling email addresses, and the iPhone 5s fingerprint sensor.

Apple’s iPhone 5S includes a fingerprint reader in the home button.

Through revelations from Edward Snowden, the National Security Agency (NSA) has intentionally weakened cryptography products, acquired private keys, and built systems to brute force attack encrypted data.

We have a discussion on password complexity, length, and the applications that use passwords. Apple Mac OS X and iOS have a bug in CoreText that causes crashes with a specific Arabic text string of six characters.

Two US-based email providers close their doors or shut their email services due to issues with the NSA and the PATRIOT Act. A security researcher convinces Facebook’s security team that he found a bug by publicly exploiting the problem on Mark Zuckerberg’s TImeline.

We look at some interesting revelations from Blackhat and DEFCON.

The FBI may used malware to attack Tor to find criminals. Twitter has overhauled its two-factor authentication system.

We take a look at a variety of security breaches in the news lately.

The Apple Developer web site was hacked by one of its own developers. Tumblr for iOS had a security issue that exposed user passwords.

A vulnerability is discovered in the Android package contents verification. Trading in 0-day exploits is big business.

Club Nintendo has more than 15m password guessing attempts and almost 24k account compromised. One type of system in the Emergency Alert System has known SSH private key for root.

We talked about a variety of privacy tools available to avoid NSA monitoring.

Facebook reports on a bug that leaked private information on 6 million users. Microsoft starts a bug bounty program with some sizable payouts.

Yahoo! has decided to clean up and release old, unused accounts. The Food and Drug Administration is providing security guidance for medical devices.