Anne Saita

A Canadian college student was expelled after reporting a vulnerability in the school’s Web site that potentially exposed private data on more than 250,000 students.The high-achieving computer science major, Hamed Al-Khabaz and another student, Ovidiu Mija, in November were developing a mobile app using Omnivox Web portal software when they discovered “sloppy coding” that could lead to a major data breach. Ominvox is used at hundreds of Canadian campuses, including theirs at Montreal’s Dawson College.

Google is looking at a number of hardware-based authentication mechanisms to bypass one of security’s biggest vulnerabilities: the written password.

A Maine-based company announced Thursday it fired an otherwise exemplary employee who dowloaded medical data onto a jump drive and then lost the device while traveling between Salt Lake City, Denver and Washington, D.C.

At least 100 restaurants’ customers are at risk of credit and debit card fraud after a U.S. fast food chain announced it’s found data-swiping malware on some of its franchises’ computer hard drives.

During the past three months, unnamed malware infected two power plants’ control systems using unprotected USB drives as an attack vector. At both companies, a lack of basic security controls made it much easier for the malicious code to reach critical networks.

A 24-year-old Algerian man remains in a Thai jail awaiting extradition to the United States, where he is suspected of masterminding more than $100 million in global bank heists using the ZeuS and SpyEye Trojans.Malaysian authorities believe they’ve apprehended the hacker Hamza Bendelladj, who they say has been jetsetting around the world using millions of dollars stolen online from various banks. He was arrested at a Bangkok airport enroute from Malaysia to Egypt.

A hacker, or possibly group, that’s issued terrorists threats using remotely controlled computers in Japan remains at large despite a rare 3 million yen bounty and continuous games with media and police.