Microsoft announced plans on Wednesday to on expand its bug bounty program to include Project Spartan, the company's new browser, and Azure, the company's cloud platform.
Using point-to-point encryption and monitoring privileged credentials are among the point-of-sale security tips offered during a session at RSA Conference 2015
More than a dozen cybersecurity organizations met earlier this week to discuss plans to establish a framework for resolving the "shortfall of qualified people in the cybersecurity profession."
Manny Rivelo was named president and CEO of F5 Networks, an application solutions provider, this week.
The FBI issued an alert to the Federal Aviation Association (FAA) earlier this week to warn about hackers who might try to access airplane network ports, according to Wired.
Cisco issued its first transparency report earlier this week and elaborated on its procedures if it were to receive government requests for user data.
As Anonymous activity drops, iSIGHT Partner's Joe Gallop boldly predicts the demise of the hacktivist collective but says other groups are stepping up to fill the void.
Search engine giant Google received Federal Deposit Insurance Company (FDIC) backing for its mobile payments app Google Wallet.
Apple "rootpipe" vulnerability was supposedly patched in the company's most recent release, but a security researcher says differently.
The issue was identified last week and researchers worked together with plugin developers to ensure patches were ready before the problem was disclosed.
Virginia Governor Terry McAuliffe announced on Monday that the Commonwealth is establishing the first state-level Information Sharing and Analysis Organization.
After already making HTTPS encryption the default on search, Gmail, YouTube and Drive, Google will now be implementing HTTPS on its ad products.
Check Point discovered a critical remote code execution vulnerability could have allowed attackers to compromise nearly eBay shops running on the company's Magneto platform.
Raytheon Company will acquire Websense later this year in a $1.9 billion deal with Vista Equity Partners.
IBM launched a cyber threat intelligence sharing platform on Thursday that the company is billing as a social media network for security analysts.
An Illinois IT manager was federally indicted for launching a cyber attack against his former employer.
Chinese regulators have suspended rules that heavily policed foreign technology, after backlash from its own banks.
A serious vulnerability has been found in Android's AirDroid application that could allow unauthorized remote access to the user's phone
Github released its first transparency report earlier this week and disclosed the 10 requests it received for user data.
Dropbox launched its bug bounty program on Wednesday through HackerOne.
After splitting from AccessData in 2014, the security start-up has decided to restructure to focus on customers and product development.
Organizations have 14 months to comply with PCI SSC Version 3.1, which addresses vulnerabilities in SSL and early TLS.
Motherboard and Privacy International revealed the contract between DEA and a government supplier.
Sensitive information was left out in the open after hours on nearly a third of the desks at five Department of Homeland Security (DHS) organizations, a KPMG audit found.
Metropolitan State University announced that approximately 160,000 current and former students, as well as 900 faculty members, were impacted in a "likely" breach.
The Government Accountability Office (GAO) warned the FAA that its on-flight Wi-Fi, among other things, could put aircrafts and passengers at-risk.
The retail giant is expected to reach a $20 million settlement with MasterCard as compensation for cost incurred in the the 2013 breach.
The initiative to triple U.S. Cyber Command security staff, to more than 6,000 military and civilian personnel, will not be completed until 2018.
The second member of a cyber crime syndicate cash out crew that attempted to steal $15 million from bank customers was sentenced to prison Tuesday.
Adobe released security updates for Flash Player on Tuesday, as well as updates for Adobe Flex and ColdFusion.
The PCI Security Standards Council (PCI SSC) has updated its security requirements to improve the security of data and other components in the making of payment cards.
After more than a year with company founder Jeremiah Grossman serving as interim CEO, WhiteHat has selected Craig Hinkley to fill the top spot.
The FTC imposed greater security and privacy requirements on two debt brokers after they posted personal information of 55,000 consumers online.
A day before the show's highly anticipated Season 5 premiere, four episodes of the TV series leaked online.
On the heels of similar incidents, Rossel, a Belgium media group, experienced an hours-long DDoS attack Sunday afternoon.
The highly regarded Tribeca Film Festival will offer a three-day DefCon program that includes panel discussions about portraying hacking in film.
Researchers at Trend Micro have detected malware that they say was used by pro-ISIS sympathizers to hack into a French TV station.
The alleged creator of Svpeng malware for Android devices was arrested in Russia, Forbes reported on Monday.
Symantec confirmed its plans to separate itself from its Veritas data-storage and recovery business by the end of 2015 on Monday.
Sprint Communications has agreed to pay $15.5 million to the federal government for charging law enforcement agencies for surveillance upgrades.
The Chinese government-sponsored threat group targeted organizations and individuals with political information on the regions, FireEye revealed.
Researchers described "Great Cannon" as China's latest internet censorship tool.
Jermaine Smith of the cybercrime syndicate Carder.su, was sentenced to more than 12 years in prison and ordered to pay $50.8 million in restitution.
In an attack very similar to one last year, a SendGrid customer was compromised through its mail service account.
The vulnerability in the operating systems' Darwin kernel allows attackers to execute DoS attacks and damage devices.
Following the release of a European report on Facebook's privacy practices, the company released a blog post retort on Wednesday.
Ten of White Lodging's properties have been affected by a POS data breach that lasted from July 2014 to February of this year.
Last year, the communications giant received 113,655 law enforcement requests for customer data.
Hillary Clinton has hired Google executive Stephanie Hannon to serve as (CTO) for Clinton's expected 2016 presidential campaign.
The Justice Department and Drug Enforcement Agency began logging nearly every phone call made from the U.S. to as many as 116 countries.
Santeri Kangas has joined Secunia as CTO after a 23-year run at F-Secure.
The Federal Trade Commission (FTC) settled with two companies on Tuesday after they falsely claimed to comply with the U.S.-EU Safe Harbor.
The Philadelphia Fire Department said Friday, that billing information from at least 750 ambulance patients was stolen,
Users were being redirected to the Nuclear Exploit Kit, which is exploiting vulnerabilities in Adobe Flash, Oracle Java and Microsoft Silverlight.
Between May 2010 and early October 2014, police used stingrays 46 times without a court order.
Security company Trustwave announced, on Tuesday, that it is set to be acquired by Singapore Telecommunications Limited (Singtel) for $810 million.
The March 31 release of Firefox 37 introduced the opportunistic encryption feature to the browser, by April 3 it had been disabled.
Data software company Informatica announced, on Tuesday, that it is set to be acquired by private equity firm Permira and Canada Pension Plan Investment Board (CPPIB).
The Federal Aviation Administration (FAA) said a virus infected its administrative computer system but didn't cause any damage to agency systems.
Trend Micro and the Organization of American States (OAS) polled 575 critical infrastructure security leaders in the Americas.
Email addresses of a "small subset" of users were in public view when search engines indexed unsubscribe links.
The town of Tewksbury paid a $500 Bitcoin ransom after the police department's network was infected with a newer variant of CryptoLocker ransomware.
Days after hacktivist collective Anonymous warned Israeli companies and websites that it would begin its annual cyber attack campaign against the country on Tuesday, one Israeli political party's website was defaced.
The Health Information Trust Alliance (HITRUST) will sponsor a study to analyze the effects of cyber attacks on healthcare organizations.
The law ushers in technical and data standards for verifying individuals' identities during digital or online transactions.
An Avast global survey measuring data preservation habits found that despite not backing up regularly users are concerned with the data in their devices.
Check Point Software Technologies announced its intentions to acquire mobile security company Lacoon.
An investigation is ongoing into how Westland Middle School students were able to access a list containing information on 1,400 lockers in the school.
Virtual machine maker VMware issued updates on Thursday to address a critical information disclosure issue in Oracle's Java runtime environment (JRE).
A copy-cat Pirate Bay site is targeting attacks against WordPress users and injecting them with malware.
Uber has lured Joe Sullivan away from Facebook to become its first-ever CSO.
Officials are investigating a pattern of fraudulent activity on credit and debit cards used to make purchases at Colonial Car Wash in Rotterdam.
Kamil Hismatullin identified a vulnerability in Google's Application Programming Interface (API) that could have allowed him to delete any and every video on YouTube.
Hulu won against a legal challenge that claimed the company violated users' privacy by sharing what they watched on the site with Facebook.
5 Networks opened the doors to its new security operations center (SOC) facility at its Seattle headquarters today.
The $33 million raised in HyTrust's most recent round of funding will target product development, international expansion and marketing and sales efforts.
Officials at Bradley University said an internal investigation revealed the school's computer security system had been breached and infected with data-stealing malware.
Similar to previous attacks, saboteurs spread the malware by leveraging Steam's chat feature.
After meeting with U.S. Treasury Secretary Jacob Lew, Chinese officials put a hold on restrictions that would require tech companies to provide code and comply with audits.
In five class action suits, Premera customers accuse the insurance provider of negligence.
New research from the EU suggests that Facebook is tracking internet users' web browsing habits, even if they've opted out of the feature or haven't registered with the social media site.
Black market Evolution disappeared this month, along with $12 million in Bitcoin, as part of what is believed to be an exit scam.
Australia's Department of Immigration and Border Protection inadvertently leaked personal information of world leaders who attended the 2014 G20 Summit in Brisbane.
Selling for as little as $1, Uber login credentials have been found on the black market though the company still denies it was hacked.
A Kaspersky researcher found that the cryptocurrency's ledger can be used to store malware control mechanisms or provide access to illicit content.
Russian authorities have ramped up efforts to locate criminals spreading ATM malware Tyupkin.
A recent Verizon study found that regular testing of security systems was a compliance weak point for merchants.
Slack announced that unauthorized access was gained to a database for roughly four days in February, and suspicious activity has been detected on a small number of accounts.
A British court has dismissed Google's appeal to prevent consumers from being able to sue the company over its alleged tracking of Safari users.
The New York Times obtained a copy of the internal Citigroup report, published by the bank's cyberintelligence unit.
The U.S. Department of State is offering up to $3 million for information leading to the arrest of two men who are allegedly tied to the Carder.su cybercrime syndicate.
As part of an ad-fraud scheme, attackers are using router malware to make it so advertisements and pornography are injected into every website that uses Google Analytics.
PhishMe, Inc., a Leesburg, Va.-based phishing threat management solution provider, closed a $13 million investment in Series B funding led by Paladin Capital Group and new investor Aldrich Capital Partners.
A flaw in InnGate routers could allow an a attacker to distribute malware to guests, monitor and record data sent over the network and possibly gain access to the hotel's reservation and keycard systems.
Sarah Dahlgren, the New York Fed's head of supervision, announced that the bank had created a team dedicated to cybersecurity.
Steven Sadler sold close to a million dollars' worth of cocaine, heroin and methamphetamine over the underground marketplace the Silk Road.
Four GE products and one MACTek product are impacted by the vulnerability, according to ICS-CERT.
Legislation requiring companies to meet security standards and notify customers of data breaches has moved forward in the U.S. House of Representatives.
The Swedesboro-Woolwich School District's network was taken hostage by ransomware.
The California Electronic Communications Privacy Act passed the California Senate Public Safety Committee on Tuesday.
Sign up to our newsletters
SC Magazine Articles
- Study: Open Source Software use increasing in enterprises but without vulnerability monitoring
- RSA Conference 2015: Prepare for the IoT before it's too late, Sorebo warns
- 'Aaron's Law' returns to Congress
- RSA 2015: Tension continues to grow between govt, cryptographers
- Data at risk for 9,000 individuals following unauthorized access to SRI Inc. website
- Study: Conficker declared top threat of 2014, but N. America targeted mainly by AnglerEK
- RSA 2015: Straight talk about encryption, bulk surveillance and IoT
- RSA 2015: In the healthcare industry, security must innovate with business
- RSA 2015: Unintended use of aircraft systems next challenge for counterterrorism community
- RSA 2015: Bug hunting and responsible vulnerability disclosure