Digital Identity is the foundation for granting user access in today's connected enterprise. Dated authentication approaches fall short on both security effectiveness and user experience.
A break in the clouds: Best practices for solving cloud infrastructure challenges to traditional securityJune 02, 2015
Everything is different in the cloud. Including security.
WhiteHat Security's "2015 Website Security Statistics Report" looks at vulnerabilities in websites and the amount of time it took to patch them.
A hacker with security firm Sakurity identified a way to generate unlimited funds on Starbucks gift cards, and proved that it worked.
Researchers wrote in a paper that UC Browser's English and Chinese versions leak personal and personally-identifiable data.
Computer scientists have identified weaknesses in the way popular cryptographic algorithm Diffie-Hellman key exchange is deployed.
A team of security pros have come up with a fix for the "logjam" bug, but implementing it could have serious consequences for thousands of websites.
Potentially millions of devices around the globe are vulnerable due to a remotely exploitable kernel stack buffer overflow in NetUSB.
An Android stock browser vulnerability was discovered that could allow cyber criminals to "spoof" the address bars and potentially carry out phishing schemes.
Claims that researcher Chris Roberts actually, briefly, commandeered a plane in flight after hacking its entertainment systems may be up for debate; contentions that the aircraft may be vulnerable are not.
The security alert, issued Friday, addresses a serious buffer overflow vulnerability in QEMU's virtual Floppy Disk Controller (FDC).
The vulnerabilities are in a variety of Cisco TelePresence products and users are being advised to update.
ICS-CERT is now aware of more vulnerabilities impacting Hospira infusion pumps.
United Airlines has become the first airline to offer a bug bounty program - and researchers will receive air miles, not dollars, for their discoveries.
Incapsula found that each compromised router was, on average, infected with four variants of MrBlack malware, which is used for DDoS attacks.
A vulnerability in virtual floppy drive code used by numerous computer virtualization platforms has been identified by a researcher with CrowdStrike.
Microsoft issued 13 bulletins today in possibly one of its last official Patch Tuesday releases.
The company patched dozens of critical vulnerabilities for users on Windows, Macintosh and Linux platforms.
The technology company patched vulnerabilities in older Safari versions on Wednesday.
Sucuri disclosed an XSS vulnerability impacting millions of WordPress websites on the same day Fortinet disclosed a bug affecting a Joomla extension.
After allegedly notifying CyberLock of security flaws in some of its products, IOActive issued an advisory warning of the issues.
Onapsis found that most SAP systems remain vulnerable to attacks that could compromise a company's business data and processes.
An independent researcher identified the improper authorization vulnerability and insufficient verification of data authenticity flaw.
High-Tech Bridge Security Research Lab identified the vulnerability in the eShop plugin, which affects version 6.3.11 and likely lower.
A researcher with Duo Security identified the vulnerability, which exists in MySQL client libraries, as well as forks such as MariaDB and Percona.
The aviation authority instructed operators to take "interim action" to prevent loss of AC electrical power, until a software fix is available.
Vendors bundling software with open source libraries caught the IT community unprepared, says Secunia's Kasper Lindgaard.
A security alert issued Friday warns of an unfixed bug in D-Link and Trendnet routers.
High-Tech Bridge identified multiple vulnerabilities in TheCartPress eCommerce shopping cart plugin for WordPress websites.
Attackers compromised the Twitter feeds of Tesla and company co-founder Elon Musk where they posted false claims.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Website observed serving 83 executable files, more than 50 percent malware
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- TeslaCrypt used to extort over $76K in recent months
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes