Data Protection

Data Protection news, analysis, research, how-to, opinion, and video.

pos machine
data breach thinkstock

SuperValu grocery store

Second cyberattack hits SuperValu grocery stores' payment systems

The Minnesota-based supermarket chain says technology installed after the first attack greatly reduced the severity of the second

shellshocked3

Shellshock attackers targeting NAS devices

Researchers have discovered hackers trying to exploit the Shellshock Bash vulnerability to compromise network attached storage devices in universities in the U.S., Japan and Korea.

Threat Intelligence firm mistakes research for nation-state attack

A Bloomberg story, backed by data collected by threat intelligence firm, ThreatStream, mistakenly identified scans by a security researcher as a nation-state attack. According to the data, Chattanooga, TN is second only to Beijing in...

Crowdsourcing

FBI opens malware tool to public as part of radical crowdsourcing plan

Public Malware Investigator portal nears launch

5 horror movies that scare security pros

Image by DreamworksHere are five iconic movies whose plot lines might be adapted to strike fear into the heart of today's tech professionals. The horror movie genre has given us some great classics through the years, but for IT...

Hong Kong protest

Malware program targets Hong Kong protesters using Apple devices

The program is related to an Android one that seeks to spy on activists, Lacoon Mobile Security said

482251631

Attacks against Shellshock continue as updated patches hit the Web

Over the weekend, attackers used the recently disclosed Shellshock vulnerability in a number of schemes, while developers at some of the world's largest technology firms worked to release updated patches.

Apple store fifth avenue NYC

Apple's Shellshock patch is incomplete experts say

On Monday, Apple released three patches to address two vulnerabilities in GNU Bash, commonly referred to as Shellshock. Experts who have tested the various known attack surfaces say that Apple's patch doesn't fix everything.

piggy bank

Likes of Apple Pay may make smaller banks more vulnerable

Many banks with less than $50 billion face a problem that payment systems like Apple Pay will make even more attractive to exploit. By altering electronic-transfer files criminals can redirect funds to accounts they control and make...

Maricopa County Community College District

EPIC seeks enforcement action over Arizona data breaches

The Maricopa County Community College District lost more than 2.5 million records in two data breaches

White Apple logo on storefront

Apple publishes patch for Shellshock vulnerability

On Monday, Apple released three patches to address vulnerabilities in GNU Bash, commonly known as Shellshock, that if exploited could allow an attacker to execute commands on the targeted host.

shellshocked bash bug

Six key defenses against Shellshock attacks

The number of attempts by hackers to compromise computers through the Shellshock vulnerability is rising, but companies have options for defending against attackers.

Number 2 on my top 10 list for security executives: Reform

There are a number of reforms that can be used to act as a carrot instead of a stick. Reform need not be regulatory mandates that are operationalized as reports used for placating auditors. Examples of ways the federal government can...

pgpencryption primary

CloudFlare aims to simplify SSL encryption with free service

Having encryption is critical to advancing a more secure future of the Internet, according to CloudFlare

data breach thinkstock

Data breaches rise as cybercriminals continue to outwit IT

Security breaches rise again this year, costing an average of $415,000, as security pros fail to keep pace with cybercrime innovation.

nsa

Exclusive: Inside the NSA’s private cloud

National Security Agency is building its private cloud on commodity hardware, opens source software.

Two scenarios that would make OS X vulnerable to the Shellshock bug

Intego has seen some proof-of-concept exploits for OS X using Bash

derbycon logo

Salted Hash: Live from DerbyCon (Update 2)

Salted Hash is on the road this weekend, taking in the sights and sounds of DerbyCon 4.0. This is the second update form the show, with additional bits of information on Shellshock, the vulnerability that's become all the rage here in...

Load More