A groundbreaking study from RAND Corporation quantifies the stakes around how zero-day software vulnerabilities get discovered and persist, bringing hard facts to bear on related - and contentious - debates surrounding vulnerability disclosure and public safety.
In the history of data breaches, Cloudflare's recent breach was strikingly unique, in that a software bug caused a random regurgitation of data from server memory. But a postmortem from CEO Matthew Prince should put most people's concerns to rest.
Hackers gained unauthorized access to information on the website of India's Ministry of Home Affairs on February 12, prompting authorities to temporarily block it. But is the government well-equipped to prevent other such attacks?
At this year's RSA Conference, we have about 35 videos on the docket. And truly we're talking about the A-Z of information security thought leaders, from CrowdStrike co-founder Dmitri Alperovitch to ZixCorp CEO David Wagner, with a stop in the middle to discuss homeland security with U.S. Rep. Michael McCaul.
Just like epidemiologists studying disease outbreaks, cybersecurity professionals can benefit from identifying and mitigating certain behaviors, says Dr. Elizabeth Lawler, an epidemiologist who is CEO of Conjur, a data security firm.
When Army intelligence specialist Chelsea Manning leaked classified documents to WikiLeaks in 2010, the federal government's security clearance process served as the main defense against malicious insiders. CERT's Randy Trzeciak explains how insider threat defenses have changed since then.
Facebook is aiming to make account recovery and password resets more secure with a new, updated approach that eliminates outdated weaknesses such as emailed reset links, SMS messages and security questions.
Hackers have apparently hijacked potentially thousands of vulnerable MongoDB databases and demanded ransoms for the return of critical data, with some victims paying up, according to security researchers.
The lack of a smoking gun - absolute certainty - has some security experts not entirely convinced that the Russians or their backers hacked Democratic Party computers in an attempt to sway the U.S. presidential election.
Coming soon to an internet service provider near you: routers infected by IoT device botnet-building malware such as Mirai. The latest victim is ISP TalkTalk, which is updating routers to block DDoS attackers who have been seizing control of the devices.
Representatives of government and various business sectors discussed actionable steps to create a cyber-secure environment at Information Security Media Group's recent GovInfoSec Summit Asia 2016 in New Delhi.
Acknowledging the urgent IT security challenges the nation faces, a cybersecurity commission named by President Barack Obama encourages the incoming administration to adopt some of its recommendations in the first 100 days of Donald Trump's presidency.