Many Apple and Android devices are vulnerable to a TLS/SSL "Freak" flaw, which could be exploited to subvert secure Web connections. The flaw is a legacy of U.S. government export restrictions on strong crypto.
Lenovo, the world's largest PC manufacturer, promises to stop preinstalling any software on its Windows laptops that doesn't need to be there. The move comes following security alerts relating to the Superfish adware the company had been preinstalling.
Authorities have disrupted a botnet that was serving up the Ramnit banking malware, which has infected 3 million PCs worldwide. But information security experts warn that the disruption will likely be temporary.
Manufacturers of PCs and mobile devices must end the practice of preloading "bloatware." Lenovo's experience with offering "free" adware shows the hidden security and performance tradeoffs buyers must endure.
A British/American intelligence team hacked Gemalto - the world's largest SIM manufacturer - and stole encryption keys that can be used to intercept and eavesdrop on cellular communication, according to a news report citing leaked documents.
Lenovo - the world's largest PC manufacturer - says it will cease pre-installing Superfish adware on its devices and help customers delete the software and its risky digital certificate. But will all affected users get the message?
The Hong Kong regional headquarters of (ISC)Â² is collaborating with universities across Asia through its Global Academic Program to deliver essential skills to help grow the information security workforce.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
Is your organization running its anti-malware defenses properly? Don't be so sure. A new study finds that essential features built into anti-virus software are not always being used. From an information security standpoint, that's a serious problem.
Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled? BitSight's Stephen Boyer offers insight.
A team of hackers has been operating since at least 2001, wielding malware that even today is among the most advanced attack code to have ever been discovered, according to a new study. Security experts are debating whether the NSA could be involved.
The Anunak/Carbanak gang continues to rob financial services firms and retailers, in part with ATM malware. A new report says the cybercrime gang has stolen up to $1 billion from banks in Russia, the U.S. and beyond.
Europe's vaunted data protection regulations - now 20 years old - are in desperate need of an update. In 2012, EU officials proposed extensive changes to the privacy rules, but they remain stuck in limbo. Here's why.