An army of 40,000 small office/home office routers have been exploited by automated malware. But who's responsible for devices being vulnerable: vendors for using well-known defaults; or distributors and IT managers for not locking them down?
The British government rewrote the country's computer abuse law in March to shield law enforcement and intelligence agencies from being prosecuted for hacking. The move, which just came to light, appears to have been driven by a legal claim.
Fraudsters have been hacking into and draining Starbucks accounts, customers report. Security experts say attackers appear to be guessing weak account passwords, then using funds to fill up gift cards destined for the black market.
A judge's decision to allow MasterCard's settlement with Target to stand isn't likely to be appealed and could discourage banking institutions, some experts say, from continuing to pursue a breach-related class-action lawsuit they filed against the retailer.
Mumbai-based Meru Cabs, which offers online and mobile-app cab bookings, has been inadvertently exposing customer data to the Internet. How did the exposure occur, and what is Meru doing to address the flaw?
Britain's Tory party has secured a majority in Parliament, which means the country will soon see a new legislative agenda. Here are some of the information security, privacy and surveillance initiatives to expect in the coming months.
A federal appellate court decision that the National Security Agency's bulk data collection program is illegal could have sweeping ramifications beyond derailing the initiative to amass the metadata of Americans' telephone calls.
A federal appeals court has ruled that the National Security Agency's collection of metadata of Americans' telephone calls is not authorized by the Patriot Act. What impact with the decision have on the Congressional debate about NSA practices?
Lenovo issues an emergency patch to fix flaws in the System Update software that it preinstalls on business-focused Windows PCs after security researchers discover vulnerabilities that could be used to remotely compromise machines.
It's unlikely that the same hackers that hit Sally Beauty in 2014 struck the company a second time this year, several threat intelligence experts say. Find out the latest theories about what may have led to the apparent second breach of the retailer.
With the upcoming release of Windows 10, Microsoft plans to inaugurate 24/7, cloud-based patching, among other new security features. Businesses can tap the anytime patches or define their own patch-release schedules.