Microsoft has revoked a fraudulent SSL digital certificate issued in the name of its Finnish Windows Live service. But security experts warn that some software may "trust" the certificate for years, so it could be exploited in phishing campaigns.
Experts analyze a news report that the investigation into the hack attack against JPMorgan Chase could result in criminal charges being filed in the "coming months" because investigators believe at least some suspects can be extradited.
More hackers are holding data for ransom, demanding everything from bitcoins to the shutdown of nuclear reactors, under the threat of leaking sensitive information. But it's not clear how many such attacks generate revenue for attackers.
In the wake of the hack of U.S. insurer Anthem, security experts say Indian businesses are also at risk from such attacks, and may already have been breached. Here's how businesses everywhere must respond.
Ransomware attacks are getting more agile, varied and widespread, and are increasingly taking aim at businesses of all sizes in all sectors, rather than consumers. That's why employee education is so critical.
Google has warned Google Apps administrators that their private Whois contact information has been exposed. The leak affects more than 282,000 administrators, and places them at greater risk of ID theft and spam attacks, according to Cisco.
Although breaches affecting U.S. retailers are widely reported, Verizon's new PCI Compliance Report shows increases in the theft of payment card data and other personal information span numerous industries in all international markets.
Parliament's Intelligence and Security Committee has called for a reboot of the regulations that govern Britain's intelligence services, warning that the current approach "is unnecessarily complicated and - crucially - lacks transparency."
Venkatesh Subramaniam, CISO of Idea Cellular, describes how Indian security practitioners should communicate to business leaders about the evolving threat landscape in order to get the funding they need to secure enterprise infrastructure.
Both Microsoft and Apple this week released patches to address the so-called "Freak" flaw in SSL/TLS. Microsoft also released a fix that addresses a failed 2010 patch for a vulnerability that was exploited by the Stuxnet malware.
Apple has unveiled its long-awaited Apple Watch, which the company will begin shipping in nine countries on April 24. Security experts highlight the use of Bluetooth and Wi-Fi as potential security concerns and discuss other security-related issues.
The U.S. Justice Department has charged three men - two are in custody - for hacks against email service providers - including Epsilon - that allegedly resulted in the theft of 1 billion email addresses, many later used in massive spam campaigns.
In an application-driven economy, security is not just about deploying controls for protection. It's about being a business enabler, says Steve Firestone, general manager of the security business at CA Technologies.