Although the IBM z Systems platform is known for scalability and security, you still have to monitor who did what, when, why, where and how to ensure that information stays protected.
The Secure Socket Layer (SSL) protocol is under attack. In the last year, new vulnerabilities have been uncovered that allows malicious attackers to undermine security that organizations put in place to protect themselves and their end users sensitive information.
A vulnerable Google Maps plug-in for Joomla allowed attackers to spoof the source of DDoS attacks.
Government agencies have the opportunity to lower cost and improve both internal and Citizen-facing services by moving from static web-based information portals to leveraging the web as a service delivery platform.
Enterprises are racing to shore up on-premises and cloud defenses to avoid being the next security headline. Spending on security technologies is at an all-time high, but how confident are you in vendor decisions and the security architecture you are implementing?
As adversaries continue to innovate—designing attacks specifically tailored for your enterprise—being able to respond, contain and recover in a timely manner has never been harder.
Symantec warns of a phishing campaign that fools victims with fake emails from LinkedIn Support.
They may be the oldest tricks in the book, but SQL injection and cross-site scripting (XSS) attacks still put a hurt on thousands of web applications every year, impacting millions of users—your users and customers.
The rigidity of web application security controls has left the enterprise vulnerable to data breach.
The alliance defined specifications for devices, servers and client software that will help usher in the "post password" era.
A security expert estimates that around 10,000 legitimate websites were impacted by the campaign.
Threat of the month: Bash bug/Shellshock
Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.
The Corporate Challenge site was one of many avenues tested by persistent attackers, reports reveal.
Alberta Health Services is apologizing following a data breach at Alberta Children's Hospital.
Students at the University of British Columbia have been warned that their personal information may have been exposed thanks to a software bug.
A recent study, conducted by the Ponemon Institute, and commissioned by Raytheon, has revealed some interesting facts related to the adoption and barriers to mobile device usage in the workplace.
It will continue to be a year where companies need to focus on how their employees interact online.
With a July 9 deadline looming for machines infected with the DNSChanger trojan to still be able to access the internet, Google is lending a helping hand to inform users of compromise.
Thoma Bravo snared its fifth IT security company since 2009 in a high-priced deal to buy Blue Coat Systems, a company that recently found itself immersed in controversy.
Cyber Monday, the digital equivalent of the brick-and-mortar world's Black Friday, is one of the busiest online shopping days of the year, and typically marks the beginning of a month-long period of increased online threats.
A couple from New York state is seeking class-action status for a lawsuit against Citigroup, alleging that the third-largest U.S. bank has "taken no steps" to protect victims in the wake of a massive data breach, according to reports. Citi admitted in June that 360,083 accounts - about 1.5 percent of its card customer base - were compromised in the attack, in which hackers infiltrated the online banking platform, Citi Account Online, and viewed customer account numbers and contact information.The plaintiffs, Kristina and Steven Orman of Northport, N.Y., filed the suit on Friday in response to fraudsters allegedly charging their credit cards and stealing money from their bank accounts.
Facebook on Monday began warning users if they are about to visit a malicious URL. As part of a partnership with security firm Websense, each time a user clicks on a link within Facebook, the address will be checked against a database of known malicious sites. If the link matches a known bad site, users will be presented with a page that offers the choice of continuing on, returning to the previous screen or learning why the link was classified as suspicious. Cybercriminals have flocked to sites like Facebook in recent years. A new Ponemon Institute survey of more than 4,000 IT and IT security professionals found that 52 percent have faced an increase in malware as a result of social media.
Well-known researcher Moxie Marlinspike proposed a solution to revamp the current trust-relationship model on the web, essentially turning the power over to the users.
Reactions are running rampant after Comodo revealed it was tricked into issuing rogue digital certificates.
Web hosting providers must, at the very least, quickly respond to reports of customer sites that are infected, according to a new set of best practices from an anti-badware nonprofit.
Conventional wisdom that Mac OS X computers and mobile devices won't be targeted or infected by cybercrooks is about to be disproven.
Mozilla on Thursday issued an updated Firefox web browser to fix 13 vulnerabilities.
Ten years of evolving threats: A look back at the impact of notable malicious wares of the past decadeNovember 15, 2010
As security firm Fortinet celebrates 10 years in business, Fortiguard Labs took a look at the 10 most intriguing threats during the past decade and showed how their feature sets have evolved, Darwin-like, over time.
Google on Thursday acknowledged the two-year anniversary of its Chrome browser with a new stable channel version that addresses more than a dozen security vulnerabilities. The flaws may allow an attacker to execute arbitrary code, bypass security restrictions, obtain sensitive information, or conduct spoofing attacks, according to an advisory posted by the US-CERT on Friday. Google, which provides monetary rewards for the disclosure of security bugs, paid out $4,337 in bounties for the vulnerabilities. The Chrome 6.0.472.53 stable channel update is available for Windows, Mac and Linux users. — AM
Sign up to our newsletters
SC Magazine Articles
- State breakdowns: Anthem breach by the numbers
- Botnet of Joomla servers furthers DDoS-for-hire scheme
- Report: Majority of health-related websites leak data to third parties
- Researchers investigate link between Axiom spy group, Anthem breach
- Natural Grocers investigating unauthorized access to POS systems
- State breakdowns: Anthem breach by the numbers
- Carbanak APT campaign made off with $1B from banks globally
- NIST requests final comments on ICS security guide
- Disconnect yawns between CISOs, exec leadership, study says
- Microsoft phishing emails target corporate users, deliver malware that evades sandboxes
- Angler EK hijacks domain registrant credentials to create malicious pages
- New SSL/TLS vulnerability, FREAK, puts secure communications at risk
- Tsukuba trojan aimed at Japanese banking customers
- GAO releases report on FAA security lapses, experts remain unconcerned
- Infections caused by prevalent financial trojans dropped 53 percent last year