The Regin espionage and surveillance malware offers attackers advanced capabilities, but a new analysis of two recovered modules finds the components are basic and unveils potential clues to the identity of its creator.
Adobe confirms that a zero-day flaw exists in its Flash browser plug-in and promises to soon release Windows, Mac and Linux fixes for affected versions of Flash Player. The vulnerability is reportedly already being targeted by in-the-wild attacks.
The OpenSSL Heartbleed bug hasn't died, with recent scans still finding 250,000 Internet-connected systems that remain vulnerable. Security experts recommend enterprises expand their patching efforts to find devices with embedded firmware that contain the flaw.
Is Amazon India on the verge of extending its online payments gateway to offline sellers and kiranas? And if so, what are the potential business implications and security risks for Indian organizations?
Following summertime engineering team layoffs, Microsoft has botched two Windows fixes and failed to issue updates to address three Windows flaws that were spotted by Google, which the search giant revealed publicly 90 days after privately notifying Microsoft.
President Obama urged Congress in his State of the Union address to pass legislation to better meet the evolving cyberthreat, but spent very little of the speech explaining its dangers or detailing his cybersecurity legislative agenda.
As the "Make in India" movement makes headlines, what is the state of home-grown information security products in India? Uniken's Sanjay Deshpande discusses how the nation can jump-start security innovation.
Last year, a number of application vulnerabilities led to compromises of many organizations' systems, serving as an important reminder that application security is vital to any breach prevention effort. Here, experts offer four app security tips.
ENISA - the EU agency responsible for bolstering European cybersecurity practices - is calling on Internet infrastructure providers to adopt best practices for combatting routing threats, DNS spoofing and poisoning attacks, as well as DDoS disruptions.
U.S. President Barack Obama's visit to India this month may prove to be the fulcrum for a new era of Indo-U.S. cyber cooperation and collaboration, says Bruce McConnell, senior vice president at the EastWest Institute.
The FBI's attribution of the attack against Sony Pictures Entertainment to North Korea was based, in part, on NSA intelligence gleaned from the agency having infected a significant number of North Korean PCs with malware, a news report says.
President Obama says he sees the need for law enforcement to gain access to terrorists' encrypted data, but stops short of calling for a law to require manufacturers to provide a so-called "backdoor" to break encryption on mobile devices.
An increasing number of cyber-attacks are not being launched by governments - or their intelligence services - but rather by opportunistic mercenaries offering "espionage-as-a-service," according to a new report.
The U.S. and U.K. plan to hold "cyber war games" to help them prepare for defending against online attacks. Meanwhile, hackers have targeted 19,000 French websites with DDoS attacks and defacements since the Paris massacre.
Weeks after confirming its review of a data breach that occurred during a routine regulatory exam, a financial regulatory agency now says it will pay $50,000 to help cover the affected institution's breach-related expenses.