Financial services firms plan to increase spending on cyber defences this year, as more become aware of the risks to the sector.
Oracle has issued a comprehensive list of its software that may or may not be affected by the OpenSSL (secure sockets layer) vulnerability known as Heartbleed, while warning that no fixes are yet available for some likely affected products.
Seagate-owned LaCie fessed up on Tuesday to a major security breach that put sensitive customer information at risk for nearly a year. The hard drive and peripheral storage maker isn't sure what information has been compromised; however, the company says the list may include customer names, email addresses, credit card numbers, and card expiration dates.
Just days before Microsoft retired Windows XP from public support, the company drastically reduced the price of custom support agreements that give large companies and government agencies another year of XP patches, experts reported today.
Privacy is at a premium. Whether it's the NSA, a hacker cabal, or corporate marketers, someone is looking over your shoulder every time you use your PC.
On Wednesday, the Ponemon Institute released the results of a new study conducted for DB Networks. In it, 65 percent of the respondents said that they've experienced one or more SQL Injection attacks in the last 12 months. In addition, each incident took an average of 140 days to discover, and 68 days to fix the issue.
A think tank opinion piece that claims the threat from the Heartbleed bug is overblown has sparked a debate among researchers over the seriousness of the OpenSSL flaw.
It took just four days for German researchers to trick the Samsung Galaxy S5's fingerprint scanner into accepting a mold of a fingerprint instead of a real finger.
Telecom operator Telefónica has launched the first mobile ad-exchange platform to use the operator's customer demographics and real-time location data to serve targeted mobile ads, the company said on Wednesday.
International conflicts such as the current tensions over Ukraine could stand in the way of global cooperation on cybersecurity, according to the founder of Kaspersky Lab.
In the race to protect themselves from the Heartbleed vulnerability, enterprises could be opening themselves up to new attacks if they aren't careful.
The Heartbleed Bug disclosed by the OpenSSL group on April 7 has sent many vendors scurrying to patch their products and that includes security firms Symantec, Intel Security's McAfee division, and Kaspersky Lab.
US bank JP Morgan has increased its budget for cyber security in reaction to an "unprecedented" threat faced in the past two years.
During a week in which everyone seemed to be searching for answers amid revelations of the Heartbleed bug, several universities and their partners announced new efforts to explore IT security advances.
The first round of results are in, and so far TrueCrypt, the popular open-source encryption program, has a relatively clean bill of health. Security firm iSec Partners recently carried out the first phase of the TrueCrypt audit on behalf of the Open Crypto Audit Project (OCAP).
VMware started patching its products against the critical Heartbleed flaw that puts encrypted communications at risk, and plans to have updates ready for all affected products by Saturday.
The source code of TrueCrypt, a popular disk encryption tool, is not the most polished work of programming, but it has no critical flaws or intentional backdoors, security testers concluded in a report released Monday.
Microsoft may have ended support for Windows XP, but free antivirus software vendor Avast projects that for millions of users, that won't mean squat.
The number of domains registered to carry out phishing attacks broke all records in the second half of 2013 and yet a huge proportion of this type of fraud can now be explained by a single country, China.
The Heartbleed flaw has claimed its first big-name victim with the hugely popular British Mumsnet site admitting that cyber-thieves have exploited the bug to compromise an unknown number of if its 1.5 million user accounts.
Sign up now »
Get powerful mobile security capabilities, and protect the data the various mobile devices inside your organization.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.