You made this mess, now you'll clean it up. That's the security message of the Federal Trade Commission's settlement with Oracle over its failure to update or eliminate older, insecure - and actively targeted - versions of Java.
Twitter has issued its first-ever alerts to some users that they may have been "targeted by state-sponsored actors." Some cryptographers, software developers and security experts say they have received the alerts.
Hundreds of millions of PCs are at risk of being remotely exploited, after a security researcher released proof-of-concept exploit code for separate, newly discovered flaws in software preinstalled on systems by Dell, Lenovo and Toshiba.
TalkTalk's confusion in the wake of its recent data breach, as well as mangling of technical details and failure to encrypt customer data, demonstrate the importance of having an incident-response plan ready in advance of any breach, experts say.
Dell is moving to patch a customer-support application preinstalled on many laptops and PCs after security researchers found that it installs a root certificate that could be abused by attackers to intercept private data.
As the unfolding investigation into the Paris attacks shows, just sharing threat-related data - without adding the crucial context that turns it into actionable intelligence - won't help organizations block attacks.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
Distributed-denial-of-service attacks on banks are more powerful than ever, but we hear less about them than we did three years ago. How have attackers changed their tactics, and why should we be even more concerned about their strikes?
The National Institute of Standards and Technology has issued a Guide to Application Whitelisting that provides step-by-step instructions on deploying automated application whitelisting to help prevent malware from accessing IT systems.
Two recent breaches that exposed information about mental health patients point to the need for providers to take extra precautions to protect the most sensitive health information.
Bob Carr, CEO of Heartland Payment Systems, contends that not enough progress has been made in improving payments security in the seven years since the processor experienced a massive breach. Find out why he argues that retailers and processors still have much more to do.
The size of the information security analyst workforce in the United States rose by nearly 20 percent in the past year, according to an Information Security Media Group analysis of U.S. Bureau of Labor Statistics data.
ATM fraud losses are increasing globally, and we can expect to see this trend continue as the U.S. ramps up its migration to EMV at the point of sale. Unattended terminals are easy to compromise, and they will always be among fraudsters' favorite targets.
Convenience store operators say they aren't going to be fully EMV compliant anytime soon - and it's not their fault. Learn what else they had to say about their security challenges at this week's NACS Show 2015 in Las Vegas.
Apple is moving to contain an outbreak of malicious apps being distributed via its official App Store that were infected with XcodeGhost malware. Hundreds of apps and millions of users were reportedly infected.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.