rsa conf 2015
hackers

isis fighter

ISIS online strategies and recruiting techniques

Ira Winkler and Araceli Treu Gomes investigate ISIS’ online activities and recruiting techniques.

water control system

Attacks against industrial control systems double

Attacks against industrial control systems doubled last year, according to a new report from Dell. In particular, attacks specifically targeting SCADA industrial control systems rose 100 percent in 2014 compared to the previous year....

red white blue whistles

Whistleblowers at risk when using US government websites

More than two dozen U.S. government websites should be urgently upgraded to use encryption, as whistleblowers are potentially at risk, according to the American Civil Liberties Union.

envelope cash

Cyber extortion: A growth industry

Cyber criminals have figured out a way to turn small money into big money: Encrypt the files of their victims, demand an affordable ransom of a few hundred dollars for the key, and watch the money pour in.

sony pictures sign

Wikileaks publishes hacked Sony emails, documents

Wikileaks has published a searchable database of thousands of emails and documents from Sony Pictures Entertainment that were leaked in late 2014 after the studio was attacked by hackers.

video

The Irari Report: ISIS online recruiting techniques

Ira Winkler and Araceli Treu Gomes speak with Jeff Bardin from Treadstone71 about ISIS’ online activities and recruiting techniques.

point of sale terminal

New malware program Punkey targets point-of-sale systems

All signs point to an increase in the number of memory scraping malware programs infecting PoS terminals to steal payment card data

primary security

Security pros name their must-have tools

Trusted IT security gear fights bots, protects data, and monitors systems for suspicious behaviors.

alligator camoflauge

Banking malware using a variety of tricks to evade detection

A new report from the Arbor Security Engineering and Response Team sheds light on how the sophisticated banking malware known as Neverquest or Vawtrak is able to evade detection, by using encryption, anonymous routers, and even...

100 dollar bills

Dropbox to pay security researchers for bugs

Dropbox said Wednesday it will pay rewards to independent researchers who find software flaws in its applications, joining a growing list companies who see merit in crowdsourcing parts of their security testing.

green paper plane

AirDroid app fixes severe authentication vulnerability

AirDroid, a popular management tool for Android devices, has fixed a severe authentication software flaw in its Web interface that could give a hacker complete control over a mobile phone.

security cruiser

Why 'designed for security' is a dubious designation

Recent events suggest that pushing enhanced privacy- and security wares brings risks with few rewards

judges scorecard

How to get CVSS right

CVSS is a good system in which to develop your vulnerability management program. But Ben Rothke argues that unless you customize it, you will always be basing your program off of other people's vulnerabilities.

vulnerability

HackerOne research examines market dynamics of zero day vulnerabilities

Katie Moussouris teamed up with MIT and Harvard researchers to explore the financial incentives and market dynamics that drive vulnerability disclosure.

machine learning robot touch screen

Report: Internet of Evil Things is your next nightmare

While the number of actively Evil Things is still small, the vast majority of enterprises are home to Things that have the potential to turn evil at any moment, according to a new report from Boston-based security firm Pwnie Express.

patch bandage band-aid first-aid ouch cure remedy

Microsoft Patch Tuesday: The patches just keep coming

Microsoft's latest round of patches covers Internet Explorer, Windows, Office and other Microsoft products

hacked hacker breach security

Web app attacks, PoS intrusions and cyberespionage leading causes of data breaches

Phishing attacks continue to be effective, but mobile threats are not a big concern, according to a Verizon report

vulnerability

Windows vulnerability can compromise credentials

An old flaw in Windows can still be exploited, according to Cylance

Load More