Application Programming Interfaces have security vulnerabilities that pose significant business risk. CA's Vic Mankotia cautions security leaders about how they manage APIs to secure digital identities.
The Internal Revenue Service says cyber thieves may have accessed as many as 334,000 taxpayer accounts in a breach of its Get Transcript system, far more than the 114,000 accounts it originally estimated in May.
Get over it. The OPM breach and the pilfering of top U.S. government officials' private emails, presumably by the Chinese government, are acceptable forms of spying. All nations with the technical means do it.
Security is a busy sector: Symantec jettisoned Veritas, Zscaler became a "unicorn" after its most recent funding round, and we have other M&A news from Cisco, Fidelity National Information Services and Proofpoint.
In a security landscape where the frenetic pace of technology has changed paradigms in ways organizations are struggling to cope with, Blue Coat's Hugh Thompson advises adopting a 'Degrees of Freedom' approach.
In the wake of the APT30 report's revelations, FireEye's Ranndeep Chonker talks about the Indian government's approach to information security and its primary challenges in dealing with APT types of attacks.
Thou shalt not reverse engineer Oracle's products. That was the stunning diktat issued by Oracle CSO Mary Ann Davidson in a blog post that some are reading as a declaration of war against the security research community.
The APT gang known as Darkhotel quickly tapped a Hacking Team exploit for Flash, Kaspersky Lab reports. But the gang's ongoing trickery shows that organizations must do more than just patch against the latest threats.
The U.S. Department of Justice has announced charges against nine people suspected of running an international insider-trading and hacking scheme predicated on stealing confidential press releases before publication.
As a report surfaced that Chinese spies read the private emails of top Obama administration officials, the Pentagon revealed it had restored the unclassified email network used by the Joint Chiefs of Staff, brought down two weeks ago following a purported Russian breach.
Given that hacking is an everyday threat to most organizations, reliable security depends on understanding the exposure, weaknesses and threats that could lead to a breach in the defences, says PWC's Wouter Veugelen.
What does an organization do when it cannot afford to fund a full-time C-level security leader? Enter the virtual CISO, a growing service offering in India. Experts discuss the business value and benefits.
Millions of Android devices are at risk from "Certifi-gate," a flaw that OEMs must patch, Check Point warns. Following Stagefright, Google and some manufacturers have promised to deliver monthly Android patches.
Nothing says "you really screwed up" like receiving the Pwnie Award for "Most Epic Fail" at the annual Black Hat conference. Hence it's no surprise that in the wake of its mega breach, the win goes to the U.S. Office of Personnel Management.