Numerous websites, mail servers and other services - including virtual private networks as well as "all modern browsers" - have a 20-year-old flaw that could be exploited by an attacker, computer scientists warn.
When security succeeds, it is often unnoticed. That success might also make security investments hard to sustain, given its low profile in organizations. Gartner's Tom Scholtz discusses articulating security's business value.
An army of 40,000 small office/home office routers have been exploited by automated malware. But who's responsible for devices being vulnerable: vendors for using well-known defaults; or distributors and IT managers for not locking them down?
The British government rewrote the country's computer abuse law in March to shield law enforcement and intelligence agencies from being prosecuted for hacking. The move, which just came to light, appears to have been driven by a legal claim.
Caffeine junkies are up in arms over reports that criminals have been targeting their Starbucks account balances. But the real story is poor password-picking practices by consumers, and Starbucks' lack of multi-factor authentication.
Former RSA Chairman Art Coviello has re-emerged as a partner with venture capital firm Rally Ventures. What's it like to transition from creating new security solutions to discovering and nurturing them?
Wanted: Hackers for hire. Or in British government parlance: "Committed and responsible individuals who have the potential to carry out computer network operations to keep the U.K. safe." Ready to apply?
The FBI is offering a big-stakes reward for an alleged criminal who ranks at the top of its "cyber most wanted" list. But one cybercrime expert asks: "Would you cross the Russian mafia or some organized crime gang for $3 million?"
Much of today's crime is "cyber-enabled," warns cybercrime expert Raj Samani, and successfully blocking such attacks increasingly demands not just better technology and public-private collaboration, but also an understanding of psychology.
Britain's Tory party has secured a majority in Parliament, which means the country will soon see a new legislative agenda. Here are some of the information security, privacy and surveillance initiatives to expect in the coming months.
The IT security industry must do a much better job of persuading young people with the requisite math and science skills to join the cybersecurity workforce rather than choose another profession, says David Shearer of (ISC)Â².
A federal appellate court decision that the National Security Agency's bulk data collection program is illegal could have sweeping ramifications beyond derailing the initiative to amass the metadata of Americans' telephone calls.
A federal appeals court has ruled that the National Security Agency's collection of metadata of Americans' telephone calls is not authorized by the Patriot Act. What impact with the decision have on the Congressional debate about NSA practices?