- Today's Approach to Security is Broken
- Google introduces Chrome 'factory reset' pop-ups to tackle extensions hijacks
- Fake-police ransomware reaches Australia
- Review: Linux Security Distributions
- Microsoft confirms HTTP Strict Transport Security for IE 12
Security researchers have found that many satellite communication systems have vulnerabilities and design flaws that can let remote attackers intercept, manipulate, block and in some cases take full control of critical communications.
Cybercriminals have started using a sophisticated Android Trojan app designed for e-banking fraud to target Facebook users, possibly in an attempt to bypass the two-factor authentication protection on the social network.
Canadian police have arrested a 19-year-old man for allegedly using the Heartbleed bug to steal data about taxpayers.
On Wednesday, the Ponemon Institute released the results of a new study conducted for DB Networks. In it, 65 percent of the respondents said that they've experienced one or more SQL Injection attacks in the last 12 months. In addition, each incident took an average of 140 days to discover, and 68 days to fix the issue.
It took just four days for German researchers to trick the Samsung Galaxy S5's fingerprint scanner into accepting a mold of a fingerprint instead of a real finger.
Don doesn't need to keep other people off his PC. He asked me how he could skip the logon screen and boot directly into Windows without a password.
Apple's App Store, Google's Play store and other app stores are packed with apps that can compromise your security and privacy without you ever knowing anything bad happened. What's a mobile app user to do?
Developers being overly trusting is one of them.
Securing a hybrid cloud is not the same thing as deploying hybrid security products.
Security pros and government officials warn of a possible cyber 9/11 involving banks, utilities, other companies, or the Internet
An assessment of the information security department shows that it has a lot of growing up to do yet.
Sign up now »
Reduce complexity and increase trust for public cloud service providers and their customers.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.