Cybersecurity

Researcher finds several vulnerabilities in PHP File Manager

Researcher finds several vulnerabilities in PHP File Manager

By

Researcher Sijmen Ruwhof uncovered several critical security vulnerabilities in PHP File Manager that leave user data unprotected.

Internet Explorer Mobile contains four unpatched vulnerabilities

Internet Explorer Mobile contains four unpatched vulnerabilities

By

HP's Zero Day Initiative (ZDI) disclosed four unpatched zero-day vulnerabilities in Internet Explorer Mobile that enable web-based attacks.

Senators introduce bill to expand DHS oversight of federal .gov domain

By

A bipartisan group of senators introduced legislation, that would increase the Department of Homeland Security's role in protecting federal the .gov domain.

NYSE survey: Understanding cybersecurity in the boardroom

The connection between cybersecurity and a company's bottom line is crystal clear to board members — and they're worried. In fact, more than 80 percent of corporate directors now discuss cybersecurity at most or all boardroom meetings.

FTC alleges LifeLock violated 2010 settlement by lying about security measures

By

LifeLock is being investigated by the FTC for the second time after allegedly making false claims about security measures.

Exclusive: Visa application portal closed following SC Magazine investigation

Exclusive: Visa application portal closed following SC Magazine investigation

By

VFS Global closes visa application portal following SC Magazine investigation. Editable Schengen visa application forms accessed FOUR DAYS after operating company VFS Global said a vulnerability had been fixed.

Seven teams to compete for nearly $4M in 2016 DARPA Cyber Grand Challenge Final

By

Seven out of 104 teams have made it into the 2016 DARPA Cyber Grand Challenge Final Competition to be held August 2016 in Las Vegas.

ISA presses for data to shape cyber security policy, encourages use of NIST framework

ISA presses for data to shape cyber security policy, encourages use of NIST framework

By

The Internet Security Alliance called for data driven analysis to determine incentives, prioritization and cost-effectiveness to encourage voluntary use of NIST Framework.

VA inks $50M contract to improve audit readiness

By

The Department of Veterans Affairs (VA) has awarded a $50 million contract to ASM Research to help improve security and audit readiness.

Cybersecurity Awareness Month launched

By

The event was launched on Friday with a gathering in Ypsilanti, Mich., featuring Secretary of Homeland Security Janet Napolitano and White House Cybersecurity Coordinator Howard Schmidt.

Industry remembers security heavyweight Schultz

By

Gene Schultz, who died on Sunday at the age of 65, is remembered as one of the most accomplished and respected professionals in the field of cybersecurity.

Defense Department releases cyber operation strategy

By

Cyberspace is the fifth domain for U.S. Department of Defense activities, the agency said in its first-ever strategy for cyberspace operations, released Thursday.

Reactions to White House proposals mixed

By

Reaction is mixed following cybersecurity legislative proposals the White House put before Congress on Thursday that would replace 47 state data privacy laws with one sweeping federal data breach notification law.

Competition seeks teenage cyber warriors

By

A national competition was launched on Monday to identify the next generation of cybersecurity experts.

Apple hires cybersecurity pro

By

David Rice, a noted expert in cybersecurity with stints in the U.S. Navy and National Security Agency and private practice, has been hired as Apple's director of global security, according to a report on All Things Digital. His expertise in cryptography and software vulnerabilities is expected to be put to use in Apple products, particularly its iPad and iPhone, as more enterprises seek assurance that their networks are secure. Rice, author of the software security book Geekonomics, will reportedly begin working at Apple in March. - GM

Dancho Danchev: Missing cybersecurity expert

Has Dancho Danchev been properly accounted for after missing since September 2010? One news report shares details.

Delaware, Seattle sites named best cybersecurity resources

By

The state of Delaware and city of Seattle have won an annual contest recognizing the best state and local government cybersecurity websites. Members of the Multi-State Information Sharing and Analysis Center judged website entrants on their security content, usability, accessibility and appearance. Delaware's site came out on top in the state government category for its up-to-date news, events and training resources, while Seattle's site took home top honors in the city category for its security bulletins, newsletters, tips and links. — AM

Former Pennsylvania CISO to share challenges, tips

Former Pennsylvania CISO to share challenges, tips

By

Bob Maley, former CISO of the state of Pennsylvania, will address data protection strategies at the upcoming SC World Congress.

DoD, DHS to align cybersecurity capabilities

By

The U.S. Department of Defense (DoD) and the Department of Homeland Security (DHS) announced plans Tuesday to streamline their cybersecurity capabilities to better protect the nation's networks.

Talent scout: Government recruitment of IT security professionals

Talent scout: Government recruitment of IT security professionals

By

The U.S. government is working to attract quality IT professionals, says NICE's Ernest McDuffie. Dan Kaplan reports.

Securing our eCity: Grassroots block-by-block cyber threat awareness

Grassroots block-by-block cyber threat awareness CIO or IT managers can teach the best practices in cybersecurity and reap the benefits of helping protect and secure your eCity.

Public-private awareness initiative developed

By

A survey gauging public awareness over the need for internet safety and security confirms the need for a new national messaging campaign, according to two nonprofits.

Cybercrime costs businesses $3.8 million per year

By

Web attacks, malware and insider threats can cost organizations millions of dollars in losses each year, according to a new Ponemon Institute study.

United States lacking adequate cyber workforce

By

The United States is lacking an adequate number of individuals within the federal government and private sector with the technical skills necessary to secure cyberspace, concludes a new public policy report.

Experts encourage investment in attribution technologies

By

A number of experts testified before U.S. House members Thursday that research and development is needed to improve ways to determine the identity and location of cyberattackers. Such technologies could could limit the impact of a major attack, witnesses said at a meeting of the U.S. House Subcommittee on Technology. During the hearing, members and witnesses said that increasing coordination between government and industry to develop new attack attribution technologies would help prevent redundant efforts and take advantage of all available resources. — AM

Cyber progress report: More work is needed

By

Cybersecurity stakeholders converged at the White House this week to discuss ideas and progress being made since President Obama issued a digital protection plan last year.

White House office grants DHS cybersecurity oversight

By

The U.S. Department of Homeland Security (DHS) now is responsible for ensuring agencies comply with federal information security requirements, according to a recent memo issued by the federal Office of Management and Budget (OMB).

Government to help defend private sector networks

By

The U.S. Department of Defense (DoD) has launched a pilot program to detect and respond to cyberattacks against public and private entities, such as energy companies and nuclear power plants, that operate the nation's critical infrastructure.

Third-party apps failing to use Windows security features

By

Many third-party Windows applications are failing to utilize two important security features that could prevent certain code execution attacks, according to a report released Thursday by Secunia.

Opinions mixed about White House's online identity plan

By

Critics of the White House's proposed national internet identity authentication plan, intended to improve online privacy and security, say the strategy may do just the opposite. Proponents, meanwhile, believe it represents a major step toward establishing online trust.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US