- AT&T hacker Weev released from prison after appeals court overturns conviction
- Symantec draws new security picture
- Confirmed: hackers can use Heartbleed to steal private SSL keys
- Heartbleed panic drives flood of enquiries to Symantec's Melbourne CA
- Rising security threat should motivate better employee support: Symantec
Did the National Security Agency trick RSA, the security division of EMC, into including a crypto algorithm that was really an NSA cyber-espionage backdoor into the RSA BSAFE toolkit in order to propagate it through tech industry products?
Controversial crypto technology known as Dual EC DRBG, thought to be a backdoor for the National Security Agency, ended up in some Cisco products as part of their code libraries. But Cisco says they cannot be used because it chose other crypto as an operational default which can't be changed.
The U.S. Congress must act quickly on legislation that would make electronic data collection efforts by the U.S. National Security Agency more public, a group of tech firms, civil liberties groups and other organizations said Monday.
The chief sponsor of the Cyber Intelligence Sharing and Protection Act (CISPA) in the U.S. Congress has ignited a Twitter storm by suggesting many opponents of the proposed cyberthreat sharing bill are 14-year-olds in basements.
The Cyber Intelligence Sharing and Protection Act (CISPA), a controversial cyberthreat information-sharing bill, will be debated on the floor of the U.S. House of Representatives this week, despite continued opposition from some privacy and digital rights advocates.
Leaders of the tech sector laud the Obama administration's rollout of voluntary cybersecurity guidelines, but broader private-sector adoption could remain a challenge.
Sign up now »
Think your endpoints are secure? Think again. Learn why Trend Micro can help.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.