Both Microsoft and Apple this week released patches to address the so-called "Freak" flaw in SSL/TLS. Microsoft also released a fix that addresses a failed 2010 patch for a vulnerability that was exploited by the Stuxnet malware.
During her first month on the job, former Secretary of State Hillary Clinton used a private email server that lacked a digital certificate that would have ensured encrypted and authenticated email communications, surmises security firm Venafi.
When IT veteran Branden Spikes founded his own company devoted to isolating browsers from attacks, he thought building the technology would be the top challenge. The venture capital community proved him wrong.
"Align technology with businesses" is an old phrase. But information security is now part of this change, making strides to align with growth as a business enabler. Enter: the converged technology operations center.
In an application-driven economy, security is not just about deploying controls for protection. It's about being a business enabler, says Steve Firestone, general manager of the security business at CA Technologies.
All Windows operating systems are at risk from the SSL/TLS vulnerability known as Freak, Microsoft warns. The company has outlined temporary workarounds - except for Windows Server 2003. Experts say no in-the-wild attacks have yet been seen.
British police over the course of this week launched 25 cybercrime-targeting raids and made 57 arrests, including suspects who have been tied to a U.S. Defense Department network intrusion, Lizard Squad attacks, as well as a massive Yahoo breach.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
Weaponized roller coasters? Kidnappers hacking babycams? Forget over-the-top "CSI: Cyber" hacking plots. The hackers behind the Rogers ISP breach, in their quest for bitcoins, claim they wielded nothing more serious than a telephone call.
Many Apple and Android devices are vulnerable to a TLS/SSL "Freak" flaw, which could be exploited to subvert secure Web connections. The flaw is a legacy of U.S. government export restrictions on strong crypto.
Lenovo, the world's largest PC manufacturer, promises to stop preinstalling any software on its Windows laptops that doesn't need to be there. The move comes following security alerts relating to the Superfish adware the company had been preinstalling.
Security leaders expect the new Union budget to give a needed boost to cybersecurity education, as well as increased investment in critical infrastructure, biometrics and surveillance to fight cybercrime.
Authorities have disrupted a botnet that was serving up the Ramnit banking malware, which has infected 3 million PCs worldwide. But information security experts warn that the disruption will likely be temporary.