Dan Goodin / Security Editor

Email

[email protected]

Twitter

Google Profile

Feeds

Dan Goodin is Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, and hardware hacking. A journalist with more than 15 years experience, he has been chronicling the exploits of white-hat, grey-hat and black-hat hackers since 2005 as a reporter for the Associated Press and later, The Register. He has a Bachelors Degree in English from the University of Massachusetts and a Masters of Journalism from UC Berkeley. In his spare time, he enjoys gardening, cooking, and following the independent music scene. To send Dan encrypted e-mail, his public key is here.

Recent stories by Dan Goodin

Incensing critics, Google engineer ends push for crypto-only setting in Allo

Updated personal blog post deletes comments that were cited by Google critics.

by Dan Goodin - May 20, 2016 9:30 pm UTC

129
Foul-mouthed worm takes control of wireless ISPs around the globe

Active attack targets Internet-connected radios from Ubiquiti Networks.

by Dan Goodin - May 19, 2016 8:14 pm UTC

45
Then there were 117 million. LinkedIn password breach much bigger than thought

With a pricetag of $2,200, the new haul came from a 2012 breach.

by Dan Goodin - May 18, 2016 3:10 pm UTC

58
At the cost of security everywhere, Google dorking is still a thing

With a handful of Web searches, you too can be a hacker.

by Dan Goodin - May 17, 2016 8:24 pm UTC

101
That time a patient’s heart procedure was interrupted by a virus scan

Securing computers has never been easy. It's especially hard in hospitals.

by Dan Goodin - May 16, 2016 5:58 pm UTC

107
Breach of Nulled.io crime forum could cause a world of pain for members

Dump exposes users' private messages, IPs, e-mail addresses, and password data.

by Dan Goodin - May 13, 2016 7:08 pm UTC

48
Old habits die hard

Dozens of companies found open to SAP bug patched years ago

Dangerous Invoker servlet function was disabled in 2010, but it lives on.

by Dan Goodin - May 12, 2016 12:41 am UTC

21
THE REPRIEVE IS OVER

No more get-out-of-jail-free card for CryptXXX ransomware victims

Victims have few options for recovering data other than paying $500 fee.

by Dan Goodin - May 11, 2016 3:31 pm UTC

59
KEEP CALM AND PATCH

Microsoft and Adobe warn of separate zero-day vulnerabilities under attack

Exploits exist for both bugs and allow for remote code execution.

by Dan Goodin - May 10, 2016 11:59 pm UTC

74
Feds probe mobile phone industry over the sad state of security updates

FCC and FTC coordinate probe of OS developers, hardware makers, and carriers.

by Dan Goodin - May 10, 2016 8:55 pm UTC

124
How a security pro’s ill-advised hack of a Florida elections site backfired

Whistleblowing is overshadowed when SQL injection gives way to unauthorized access.

by Dan Goodin - May 10, 2016 12:37 am UTC

80
Exploits gone wild: Hackers target critical image-processing bug

Vulnerability in ImageMagick allows attackers to execute malicious code.

by Dan Goodin - May 9, 2016 6:40 pm UTC

42
Garbage in, garbage out: Why Ars ignored this week’s massive password breach

When a script kiddie sells 272 million accounts for $1, be very, very skeptical.

by Dan Goodin - May 7, 2016 12:13 am UTC

108
Critical Qualcomm security bug leaves many phones open to attack

Fix still isn't available for most users, and many will probably never get it.

by Dan Goodin - May 5, 2016 6:40 pm UTC

121
Huge number of sites imperiled by critical image-processing vulnerability [Updated]

Attack code exploiting critical ImageMagick vulnerability expected within hours.

by Dan Goodin - May 4, 2016 7:54 pm UTC

78
BUH-BYE!

Microsoft to retire support for SHA1 certificates in the next 4 months

The lock icon will be gone by summer; sites using SHA1 to be blocked come January.

by Dan Goodin - May 4, 2016 4:13 pm UTC

18

← Older Stories