A broad study of equipment firmware found poor security practices are rife, with weaknesses presenting new opportunities for hackers to exploit the emerging 'Internet of Things'. Seemingly confirming their fears, a hacking contest found 15 new router vulnerabilities while others warned that the emergence of the 'Heartbleed' OpenSSL bug this year highlighted more severe underlying issues in hardware design.
Working as a chief trust officer has given Bob West a new perspective on the conversations security companies are having with customers – and his experience so far has convinced him that a growing number of companies are going to find value in appointing board-level executives to act as data-security liaisons between customers and the executive.
Advocates of heavily instrumented 'smart city' infrastructure are acutely aware of the legacy left by insecure SCADA control systems and are instrumenting modern industrial-control networks with a higher degree of security, according to smart-cities architect Silver Spring Networks.
A type of malware called Reveton, which falsely warns users they've broken the law and demands payment of a fine, has been upgraded with powerful password stealing functions, according to Avast.
Nuclear Regulatory Commission employees were tricked into disclosing passwords and downloading malware in three phishing attacks that occurred over a three-year period.
According to a blog post from TrustedSec, an information security consultancy in Ohio, the breach at Community Health Systems (CHS) is the result of attackers targeting a flaw OpenSSL, CVE-2014-0160, better known as Heartbleed.
An analysis by security researchers of 48,000 extensions for Google's Chrome browser uncovered many that are used for fraud and data theft, actions that are mostly undetectable to regular users.
The project behind Tor, the online anonymity network, has a long, expensive and tricky road ahead before its browser bundle offers users the best defence against attacks from police and spy agencies.
University and vendor researchers are congregating in San Diego this week at USENIX Security '14 to share the latest findings in security and privacy, and here are 5 that jumped out to me as being particularly interesting.
The data breach at Community Health Systems that exposed the personal information on more than 4.5 million people is a symptom of the chronic lack of attention to patient data security and privacy within the healthcare industry.
Nearly all of Facebook's outbound notification emails are now encrypted while traveling the Internet, a collaborative feat that comes from the technology industry's push to thwart the NSA's spying programs.
Most technology pros charged with maintaining compliance at tightly regulated healthcare, retail and financial organisations admit they are failing.
Tax-preparation firm H&R Block has used a digital signature-based solution to streamline the process of bringing on additional tax specialists to help it through its busiest season – the third calendar quarter of the year, when the company will process more than 750,000 tax returns.
Data breaches have compromised nearly seven million UK credit and debit cards over the last three years, with breached businesses each paying out almost a million in forensic and remediation costs, payments processor Worldpay has calculated.
Companies should consider intensifying employee training to combat the increasing craftiness of phishers who are working harder to obtain personal details on targets in order to trap them in scams.
Many SME employees retain alarming levels of access to critical business applications after they've stopped working for a company, a survey for cloud services firm Intermedia has claimed.
Symantec will consolidate its cluttered Norton line of security software, folding nine products into one online service that can be used across desktop computers and mobile devices.
The theft of personal data on 4.5 million patients of Community Health Systems by hackers in China highlights the increasing degree to which hospitals are becoming lucrative targets for information theft.
A senior U.S. senator is asking airlines about their data privacy practices, saying he's concerned about what information the companies are collecting and sharing with third parties.
About 4.5 million people in 28 states face the risk of identity theft due to a massive data breach at Community Health Systems (CHS) a Franklin, Tenn., based health network.
Sign up now »
Reduce complexity and increase trust for public cloud service providers and their customers.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.