Adobe confirms that a zero-day flaw exists in its Flash browser plug-in and promises to soon release Windows, Mac and Linux fixes for affected versions of Flash Player. The vulnerability is reportedly already being targeted by in-the-wild attacks.
The OpenSSL Heartbleed bug hasn't died, with recent scans still finding 250,000 Internet-connected systems that remain vulnerable. Security experts recommend enterprises expand their patching efforts to find devices with embedded firmware that contain the flaw.
Following summertime engineering team layoffs, Microsoft has botched two Windows fixes and failed to issue updates to address three Windows flaws that were spotted by Google, which the search giant revealed publicly 90 days after privately notifying Microsoft.
Last year, a number of application vulnerabilities led to compromises of many organizations' systems, serving as an important reminder that application security is vital to any breach prevention effort. Here, experts offer four app security tips.
President Obama says he sees the need for law enforcement to gain access to terrorists' encrypted data, but stops short of calling for a law to require manufacturers to provide a so-called "backdoor" to break encryption on mobile devices.
British Prime Minister David Cameron reportedly plans to lobby U.S. President Barack Obama to criticize technology companies that offer encrypted communications that cannot be cracked by law enforcement or intelligence agencies.
Following the Paris terror attacks, the French government plans to strengthen its surveillance laws, while the British prime minister has promised to allow intelligence agencies to penetrate any encrypted communications.
North Korean leader Kim Jong-un was set to star in a satirical video game, in which he battled the forces of imperialist oppression with the help of unicorns and narwals - until hackers apparently disrupted game development.
Nobody wants to be a cyber-attacker's first victim. But there are benefits to being second or third, says Akamai's Mike Smith. Then you get to enjoy the true benefits of the oft-discussed information sharing.
French authorities continue to investigate the Jan. 7 attack in Paris that claimed the lives of a dozen, including journalists and police officers. Information security experts say that cyber-forensic skills are crucial for finding the perpetrators.
Microsoft says it's prepping a patch for a Windows vulnerability that was recently disclosed by Google. The search giant's 90-day deadline for vendors to patch bugs has drawn both condemnation and praise from the information security community.
At least 12 million home and small-office routers from 50 manufacturers have a flaw that an attacker could remotely exploit to seize control of the device, steal data and redirect users to attack sites, warns security vendor Check Point.
After the complete collapse of network security at Sony Pictures - in the wake of its data breach - it's important that we highlight some of the organization's fundamental security mistakes. Here's a macro view of the lessons we must all learn.
Once a file enters the network, we often lack the tools to monitor the file's behavior. In essence, using the point-in-time model, the security professional cannot retry the file for guilt or innocence.
The response by Sony Pictures Entertainment executives to the hack attack against their company provides a number of great examples for how to not to handle a data breach. Here are 7 key mistakes they made.