Cybersecurity

Study: Federal employees risk security to use personal mobile devices

Study: Federal employees risk security to use personal mobile devices

By

Sensitive government data may be at risk due to agencies failing to implement bring your own device policies.

Drupal 6.37 and 7.39 released, critical vulnerabilities addressed

Drupal 6.37 and 7.39 released, critical vulnerabilities addressed

By

Open source CMS platform Drupal has issued security patches to address several critical vulnerabilities affecting Drupal 6 and 7.

Uber reportedly to quadruple its security team by year's end

Uber reportedly to quadruple its security team by year's end

By

Uber is looking to bump its security team from 25 to more than 100 members by the end of the year.

Asprox botnet mostly disappeared in 2015

Asprox botnet mostly disappeared in 2015

By

Researchers say that campaigns leveraging the Asprox botnet have disappeared after reaching a peak last year.

Facebook awards Georgia Tech team $100K for security research

Facebook awards Georgia Tech team $100K for security research

By

Facebook awarded $100K to a team of Georgia Tech researchers for discovering a new class of vulnerabilities and for creating a detection technique.

Adobe updates Flash Player and AIR, fixes 35 bugs

Adobe updates Flash Player and AIR, fixes 35 bugs

By

Adobe's Flash Player and AIR updates fix 35 bugs, the majority of which could lead to code execution.

Black Hat 2015: Zero-Day found in old Intel Chips

By

A researcher discovered a zero-day vulnerability inside the x86 processor architecture that can allow attackers to install rootkits.

Microsoft doubles bug bounty payoff max, expands program

By

Microsoft will double the payout maximum under its bug bounty program and up the ante for authentication vulnerabilities found during a bonus period.

Researcher finds several vulnerabilities in PHP File Manager

Researcher finds several vulnerabilities in PHP File Manager

By

Researcher Sijmen Ruwhof uncovered several critical security vulnerabilities in PHP File Manager that leave user data unprotected.

Internet Explorer Mobile contains four unpatched vulnerabilities

Internet Explorer Mobile contains four unpatched vulnerabilities

By

HP's Zero Day Initiative (ZDI) disclosed four unpatched zero-day vulnerabilities in Internet Explorer Mobile that enable web-based attacks.

Senators introduce bill to expand DHS oversight of federal .gov domain

By

A bipartisan group of senators introduced legislation, that would increase the Department of Homeland Security's role in protecting federal the .gov domain.

NYSE survey: Understanding cybersecurity in the boardroom

The connection between cybersecurity and a company's bottom line is crystal clear to board members — and they're worried. In fact, more than 80 percent of corporate directors now discuss cybersecurity at most or all boardroom meetings.

FTC alleges LifeLock violated 2010 settlement by lying about security measures

By

LifeLock is being investigated by the FTC for the second time after allegedly making false claims about security measures.

Exclusive: Visa application portal closed following SC Magazine investigation

Exclusive: Visa application portal closed following SC Magazine investigation

By

VFS Global closes visa application portal following SC Magazine investigation. Editable Schengen visa application forms accessed FOUR DAYS after operating company VFS Global said a vulnerability had been fixed.

Seven teams to compete for nearly $4M in 2016 DARPA Cyber Grand Challenge Final

By

Seven out of 104 teams have made it into the 2016 DARPA Cyber Grand Challenge Final Competition to be held August 2016 in Las Vegas.

ISA presses for data to shape cyber security policy, encourages use of NIST framework

ISA presses for data to shape cyber security policy, encourages use of NIST framework

By

The Internet Security Alliance called for data driven analysis to determine incentives, prioritization and cost-effectiveness to encourage voluntary use of NIST Framework.

VA inks $50M contract to improve audit readiness

By

The Department of Veterans Affairs (VA) has awarded a $50 million contract to ASM Research to help improve security and audit readiness.

Cybersecurity Awareness Month launched

By

The event was launched on Friday with a gathering in Ypsilanti, Mich., featuring Secretary of Homeland Security Janet Napolitano and White House Cybersecurity Coordinator Howard Schmidt.

Industry remembers security heavyweight Schultz

By

Gene Schultz, who died on Sunday at the age of 65, is remembered as one of the most accomplished and respected professionals in the field of cybersecurity.

Defense Department releases cyber operation strategy

By

Cyberspace is the fifth domain for U.S. Department of Defense activities, the agency said in its first-ever strategy for cyberspace operations, released Thursday.

Reactions to White House proposals mixed

By

Reaction is mixed following cybersecurity legislative proposals the White House put before Congress on Thursday that would replace 47 state data privacy laws with one sweeping federal data breach notification law.

Competition seeks teenage cyber warriors

By

A national competition was launched on Monday to identify the next generation of cybersecurity experts.

Apple hires cybersecurity pro

By

David Rice, a noted expert in cybersecurity with stints in the U.S. Navy and National Security Agency and private practice, has been hired as Apple's director of global security, according to a report on All Things Digital. His expertise in cryptography and software vulnerabilities is expected to be put to use in Apple products, particularly its iPad and iPhone, as more enterprises seek assurance that their networks are secure. Rice, author of the software security book Geekonomics, will reportedly begin working at Apple in March. - GM

Dancho Danchev: Missing cybersecurity expert

Has Dancho Danchev been properly accounted for after missing since September 2010? One news report shares details.

Delaware, Seattle sites named best cybersecurity resources

By

The state of Delaware and city of Seattle have won an annual contest recognizing the best state and local government cybersecurity websites. Members of the Multi-State Information Sharing and Analysis Center judged website entrants on their security content, usability, accessibility and appearance. Delaware's site came out on top in the state government category for its up-to-date news, events and training resources, while Seattle's site took home top honors in the city category for its security bulletins, newsletters, tips and links. — AM

Former Pennsylvania CISO to share challenges, tips

Former Pennsylvania CISO to share challenges, tips

By

Bob Maley, former CISO of the state of Pennsylvania, will address data protection strategies at the upcoming SC World Congress.

DoD, DHS to align cybersecurity capabilities

By

The U.S. Department of Defense (DoD) and the Department of Homeland Security (DHS) announced plans Tuesday to streamline their cybersecurity capabilities to better protect the nation's networks.

Talent scout: Government recruitment of IT security professionals

Talent scout: Government recruitment of IT security professionals

By

The U.S. government is working to attract quality IT professionals, says NICE's Ernest McDuffie. Dan Kaplan reports.

Securing our eCity: Grassroots block-by-block cyber threat awareness

Grassroots block-by-block cyber threat awareness CIO or IT managers can teach the best practices in cybersecurity and reap the benefits of helping protect and secure your eCity.

Public-private awareness initiative developed

By

A survey gauging public awareness over the need for internet safety and security confirms the need for a new national messaging campaign, according to two nonprofits.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US