Target Corp.'s revelation that personal information about up to 70 million customers was breached in a recent malware attack raises new questions about Target's security practices and risks to consumers.
Georgia Tech researchers are working on a way to profile devices along the supply chain to identify whether they've been compromised, says Paul Royal, associate director of the Georgia Tech Information Security Center.
Intel is changing the name of its McAfee line of security products to Intel Security. The name change follows the badmouthing of McAfee products by founder John McAfee, who sold his company to Intel in 2011.
Big data is a hot item on every banking institution's security agenda, says Gartner analyst Avivah Litan. Here she explains why mid-sized institutions are in the best position to implement new technology.
To help reduce reliance on passwords, the FIDO Alliance is developing standard technical specifications for advanced authentication. Michael Barrett and Daniel Almenara of FIDO describe the impact the effort could have in 2014.
Breach detection provider FireEye has acquired incident response and remediation services company Mandiant , forming a formidable company that can provide soup-to-nuts products and services to detect, mitigate and respond to breaches.
While preparing a speech to be delivered in Korea, NIST's Ron Ross wanted to convey the message of the importance of computer security. He hit on five themes - threat, assets, complexity, integration and trustworthiness - which form the acronym TACIT.
On Christmas Eve, Target issued a warning about phishing scams linked to its breach recovery efforts. In response, the retailer says it is launching a dedicated resource page on its website for official communications.
Whether reports that the National Security Agency entered into a secret contract with security provider RSA are true or not - and RSA says they're not - the reputations of all American security vendors have been tarnished.
An independent presidential panel makes recommendations to limit the National Security Agency's surveillance methods, including curtailing the way the government systematically collects and stores metadata from Americans' phone calls.