Venkatesh Subramaniam, CISO of Idea Cellular, describes how Indian security practitioners should communicate to business leaders about the evolving threat landscape in order to get the funding they need to secure enterprise infrastructure.
Both Microsoft and Apple this week released patches to address the so-called "Freak" flaw in SSL/TLS. Microsoft also released a fix that addresses a failed 2010 patch for a vulnerability that was exploited by the Stuxnet malware.
Apple has unveiled its long-awaited Apple Watch, which the company will begin shipping in nine countries on April 24. Security experts highlight the use of Bluetooth and Wi-Fi as potential security concerns and discuss other security-related issues.
The U.S. Justice Department has charged three men - two are in custody - for hacks against email service providers - including Epsilon - that allegedly resulted in the theft of 1 billion email addresses, many later used in massive spam campaigns.
In an application-driven economy, security is not just about deploying controls for protection. It's about being a business enabler, says Steve Firestone, general manager of the security business at CA Technologies.
Mandarin Oriental Hotel Group and Natural Grocers are two of the latest merchants to confirm breaches of their point-of-sale systems. Security experts analyze the impact these breaches are likely to have on issuers and cardholders.
As part of its biggest reorganization in its nearly seven-decade history, the Central Intelligence Agency is creating a Directorate of Digital Innovation that will use cyber technology to amass and analyze intelligence.
All Windows operating systems are at risk from the SSL/TLS vulnerability known as Freak, Microsoft warns. The company has outlined temporary workarounds - except for Windows Server 2003. Experts say no in-the-wild attacks have yet been seen.
British police over the course of this week launched 25 cybercrime-targeting raids and made 57 arrests, including suspects who have been tied to a U.S. Defense Department network intrusion, Lizard Squad attacks, as well as a massive Yahoo breach.
Attacks are larger, adversaries more diverse, and damage is broader. These are characteristics of today's DDoS attacks, and organizations need a new approach to protection, says Verisign's Ramakant Pandrangi.
Many Apple and Android devices are vulnerable to a TLS/SSL "Freak" flaw, which could be exploited to subvert secure Web connections. The flaw is a legacy of U.S. government export restrictions on strong crypto.
Banking institutions' technical and procedural shortcomings pose increasing risks to the nation's critical infrastructure, two banking regulators note. Learn why they say more transaction monitoring and information sharing are needed.
Canadian Internet service provider Rogers Communications has confirmed that information about the company and its customers was leaked after attackers successfully targeted one of its employees via a social engineering attack.
New exploits linked to Apple Pay aren't compromising the mobile device's security, but instead are taking advantage of lax authentication practices used by banking institutions to verify cards that are loaded to the iPhone for Apple Pay purchases.