From the attack on privacy and Cryptolocker to Eric Snowden and the NSA, it's been a challenging year
The latest round of monthly patches from Microsoft illustrates the need for organizations to move from older versions of Microsoft software if they haven't done so already.
A third-party advertising framework integrated in hundreds of Android apps contains a vulnerability that could allow hackers to steal sensitive information from users' phones, according to security researchers from antivirus firm Bitdefender.
No matter how valiant the efforts of chief security officers, or how much businesses say they focus on securing their systems, or the amount of money spent on IT defenses -- many of the same IT security challenges persist.
Horizon Blue Cross Blue Shield of New Jersey (BCBSNJ) said on Friday that nearly 840,000 member that their information my be at risk, after two employee laptops were stolen in November.
An industry consortium featuring some of the biggest names in technology – including Google, Microsoft, Facebook and Reddit – is urging the Obama Administration to support a major overhaul of laws governing electronic surveillance.
Hackers of likely Chinese origin infiltrated computers belonging to the foreign affairs ministries of five unnamed European countries ahead of the G20 Summit in September, according to security researchers at FireEye.
Symantec has downsized their Managed Security Services portfolio, ending support for the managed firewall and managed endpoint offerings. S
Google has revoked trust for a digital certificate for several of its domains that was apparently mistakenly signed by a French Government intermediate certificate authority (CA) as part of a security program for France’s Ministry of Treasury.
Trustwave's SpiderLabs researchers have found a piece of malware that collects data entered into Web-based forms, pretending to be a module for Microsoft's Internet Information Services (IIS) web-hosting software.
Sometimes, it feels like the only way to have a private conversation these days is to plan for a clandestine meeting out in the desert.
Eight of the largest U.S. Internet companies are formally urging the White House and Congress to rein in surveillance by the National Security Agency, a move at least one privacy advocate says will add pressure on Congress to further restrict NSA activity.
A Russian-speaking group is advertising "bulletproof" hosting for cybercriminals from data centers in Syria and Lebanon, an apparent effort to place new services in locales where Western law enforcement has little influence.
As Bitcoin's popularity grows, so does talk about its standing as legal tender, but there are lingering issues that need to be sorted out before people start using Bitcoin to buy everyday things, experts said on Monday.
The ubiquitous warnings about online shopping risks are well founded. As numerous experts are reminding consumers and businesses, the high season for shopping is also the high season for cybercrime.
Microsoft, Mozilla and Opera Software today joined Google in revoking rogue digital certificates that had been issued by a subordinate certificate authority (CA) of France's cybersecurity agency.
These days, a signature-based approach to anti-virus and anti-malware measures simply isn't good enough. Most companies that develop anti-virus solutions realize that. But this hasn't always been the case, and at some point, somebody had to develop the foundation upon which so many security approaches are based today.
Not limiting their activities to the earthly realm, American and British spies have infiltrated the fantasy worlds of World of Warcraft and Second Life, conducting surveillance and scooping up data in the online games played by millions of people across the globe, according to newly disclosed classified documents.
American and British spy agencies apparently believe there are real-life terrorists lurking among the elves, gnomes and the trolls of online gaming worlds.
An intermediate certificate authority (CA) registered to the French Ministry of Finance issued rogue certificates for several Google domains without authorization.
Sign up now »
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.