Hackers have been targeting the likes of AOL and Yahoo, in part, because a certain generation of users - including many senior U.S. officials - continue to use the services to send and store state secrets. Let's make sure future generations don't make similar mistakes.
Thousands of high-profile Twitter accounts have been spewing swastikas and spam following the hack of a popular third-party Twitter service called Counter. Sites tied to Amnesty International, the BBC and even tennis star Boris Becker were affected.
FireEye's Mandiant investigative unit is seeing a revival in tried-and-true hacking techniques, ranging from social engineering to the snatching of OAuth tokens. Why are these old techniques still working?
Every year, information security professionals flock to San Francisco for the annual RSA Conference. From the debut of "Trumpcryption" to cybersecurity's "greatest hits" set to hip-hop violin, here are some of the 2017 event's highlights.
Amidst the increasing security chaos facing individuals and organizations, one of the dominant themes at this year's RSA Conference was the need for information security professionals to do more, bringing order to enterprise IT security as well as by influencing public policy.
An overlooked security setting on Twitter may have allowed a hacker to guess the password-reset email addresses tied to accounts used by President Donald Trump, first lady Melania Trump, Vice President Mike Pence plus a top adviser. What's the risk?
Many members of Britain's Parliament regularly use technology - and tech firms - as a scapegoat for intractable social issues or failed government policies. Does the country's new mass surveillance law now enshrine technology scapegoating into law?
The Internet Archive, a pioneering 20-petabyte digital repository, is raising funds to replicate its data in Canada. The group's founder fears that the election of Donald Trump as the next U.S. president portends an uncertain privacy rights future.
Did security vendor Cylance lean too heavily on decade-old research into weaknesses in a still-used electronic voting machine in order to get pre-election day headlines? A company spokesperson says no.
IoT devices running the authentication protocol OpenSSH are being compromised and used as proxies in attacks that aim to take over accounts at popular web services, according to new research from Akamai.
The internet of things is being compromised by malware-wielding attackers exploiting default credentials baked into devices. What will it take for manufacturers to ship devices that are secure by default?
Fancy Bear strikes again: the suspected Russian hacking group released confidential medical records for four U.S. Olympic athletes, falsely contending the documents prove illegal drug use by the Olympians.
A new research project called Amnesia tackles the password management problem by not storing full data in any one place where it can be hacked. But does this proposed solution truly offer better password security?
The breach of an offshore account owned by Union Bank of India is raising new questions about the security of interbank payments, which often rely on antiquated backend verification processes that fraudsters seem to be compromising with relative ease.
An investigative report from Reuters paints a disturbing picture of the Federal Reserve Bank of New York using antiquated security practices to safeguard interbank SWIFT payments. Here's how security experts say interbank transaction security must be improved.