Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled. BitSight's Stephen Boyer offers insight.
Prime Minister David Cameron has cited televised crime dramas to justify his push to expand Britain's surveillance laws and collect bulk Internet and mobile usage data. But does cop show fiction square with surveillance fact?
Hackers posing as women on Skype tricked Syrian opposition fighters into infecting their systems with malware, which furnished the hackers with "valuable insight into military operations," according to a new report from cybersecurity firm FireEye.
Data breaches are inevitable, hence it's up to executives to ensure their enterprise is secured, without trying to encrypt everything, warns Prakash Panjwani, president and chief executive officer of SafeNet.
In the wake of an "inebriated" government employee crashing a drone on the White House lawn, federal officials sound warnings over the potential weaponization of consumer drones. But is it anything more than a Hollywood-style movie plot?
The increase in sophisticated hacking attacks will lead other sectors to follow the lead of the financial services industry in implementing multifactor authentication, says Ken Hunt, CEO of VASCO Data Security International.
The Regin espionage and surveillance malware offers attackers advanced capabilities, but a new analysis of two recovered modules finds the components are basic and unveils potential clues to the identity of its creator.
Adobe confirms that a zero-day flaw exists in its Flash browser plug-in and promises to soon release Windows, Mac and Linux fixes for affected versions of Flash Player. The vulnerability is reportedly already being targeted by in-the-wild attacks.
The OpenSSL Heartbleed bug hasn't died, with recent scans still finding 250,000 Internet-connected systems that remain vulnerable. Security experts recommend enterprises expand their patching efforts to find devices with embedded firmware that contain the flaw.
Following summertime engineering team layoffs, Microsoft has botched two Windows fixes and failed to issue updates to address three Windows flaws that were spotted by Google, which the search giant revealed publicly 90 days after privately notifying Microsoft.