Security experts urge organizations to disable support for SSL on clients and servers because of flaws in the cryptographic protocol that could be used to impersonate website users and decrypt HTTPS traffic.
Knowing how to manipulate a hacker's cultural values could help thwart - or at least slow down - cyber-attacks, says Garet Moravec, a cybersecurity expert who'll speak at ISMG's Global APT Defense Summit on Oct. 22.
Amsterdam is again playing host to the annual Black Hat Europe information security gathering, and presenters have promised to cover everything from privacy flaws in wearable computers to two-factor authentication system failures.
Exploiting a vulnerability in Microsoft Office, a group of hackers believed to be Russians breached computers operated by the Ukrainian government during September's NATO summit, according to iSight Partners.
The U.S. government could be a year away from allowing citizens to use the same authentication credentials to get services from multiple departments and agencies, says Jeremy Grant, who oversees the National Strategy for Trusted Identities in Cyberspace.
The White House cybersecurity coordinator says his comment about his lack of tech expertise being an asset, widely criticized in the blogosphere, was an awkward attempt to express his view that a wide range of skills are needed in the cybersecurity field.
JPMorgan Chase CEO Jamie Dimon said Oct. 10 that he expects Chase's annual computer security budget to double from $250 million to $500 million over the next five years in the wake of its massive data breach.
Alleged Russian hacker Roman Valerevich Seleznev, arrested earlier this year, is facing 11 additional charges tied to the theft of credit card information for later sale on underground "carding" websites.
Malware known as "Mayhem" that targets Unix and Linux systems has been updated to exploit Shellshock flaws, security experts warn. But with few Unix-flavor systems running anti-virus software, how can it be stopped?
Cybersecurity Coordinator Michael Daniel says much of the Obama administration's efforts will involve getting whatever IT security policy passed on whatever vehicle is available as long as the measure is acceptable to the White House.