The CEO of Bit9 speaks from experience: His firm was hacked, sensitive data stolen and customers put at risk. And what's happened since represents his mission to fend off attackers, even as they refine their hacks.
Information on 50,000 drivers for ride-sharing service Uber was breached in May 2014, the company discovered in September and announced on Feb. 27. Uber has launched a related lawsuit and is seeking records from code-sharing website GitHub.
SIM card manufacturer Gemalto says its investigation into a reported U.S. and U.K. intelligence agency espionage operation found that its internal networks housing encryption keys weren't breached. But security experts question those findings.
Hackers have been stealing the secret trading algorithms that are the lifeblood of many hedge funds and high-frequency trading firms, according to two security companies. What can be done to mitigate the risks?
The hacking group Lizard Squad has claimed credit for hijacking the website of Lenovo.com and redirecting visitors to an attacker-controlled site. It also indicates that it's now sitting on a cache of stolen Lenovo e-mail messages.
Authorities have disrupted a botnet that was serving up the Ramnit banking malware, which has infected 3 million PCs worldwide. But information security experts warn that the disruption will likely be temporary.
Lenovo says it is working to remotely delete Superfish adware that it preinstalled on many laptops for consumers. But US-CERT warns that many products use the Komodia root certificate that is triggering security warnings.
Manufacturers of PCs and mobile devices must end the practice of preloading "bloatware." Lenovo's experience with offering "free" adware shows the hidden security and performance tradeoffs buyers must endure.
Some security experts contend that users of numerous types of Lenovo PCs and laptops are at risk of having their encrypted traffic get intercepted because of installed-by-default Superfish adware, which handles digital certificates insecurely.
The Hong Kong regional headquarters of (ISC)Â² is collaborating with universities across Asia through its Global Academic Program to deliver essential skills to help grow the information security workforce.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
Is your organization running its anti-malware defenses properly? Don't be so sure. A new study finds that essential features built into anti-virus software are not always being used. From an information security standpoint, that's a serious problem.
Extradited Russian national Vladimir Drinkman, who's been charged with masterminding the largest-ever hack attack in U.S. history, this week pleaded not guilty in U.S. federal court to 11 charges relating to the theft of 160 million payment cards.