Security news, trends, analysis and practical advice

nsa sign
airport backup intro

hourglass time sands

The one-minute security manager

Many organizations today do not feel that they can afford to have a dedicated information security manager or analyst. If not just ignored, this responsibility often falls to an existing staff member with other responsibilities. ...

evans cyber 480578561

Which industries best safeguard your personal information? Security perceptions vs. reality

When it comes to your personal information, which industries do you trust most, or least, with your data? How do some of the recent, highly publicized breaches affect your opinion in terms of which industries are most vulnerable, and...

Agencies need to pay more attention to supply chain security

Government agencies seeking the lowest bidders typically overlook cybersecurity when awarding contracts, and data breaches are the result.

Extreme Hacks to Be Paranoid About

10 terrifying extreme hacks

Truly innovative or thought-provoking hacks are few and far between, but these extreme hacks have earned the grudging respect of security experts.

sec vulnerability lock bolt

US personnel agency takes system offline after security flaw detected

Problems for the U.S. Office of Personnel Management aren't letting up. The government agency said Monday it had suspended a system used for background checks after a security flaw was discovered in the Web-based app.

vultures waiting 620x465

IoT is the password killer we've been waiting for

IoT, with its tiny screens and headless devices, will drive an authentication revolution. It's a short leap from the kind of two-factor authentication used on the Apple Watch to proximity-based authentication that does away with any...


6 reasons why there will be another OPM-style hack

Congress might fume about the security failures, but the truth is that it’s part of the problem.

file folders

OPM: The worst hack of all time

The federal government personnel security breach is bigger and worse than you can imagine.


Cybercriminals adopt just-patched zero-day Flash exploit

It only took four days for a recently patched vulnerability in Flash Player to show up in large-scale attacks.

pirate skull crossbones

Malwarebytes offers pirates amnesty, free license keys for premium MBAM product

If you used a keygen or crack to activate a license for Malwarebytes Anti-Malware premium product protection, then hurry up and jump on Malwarebytes Amnesty program to get a legit key for MBAM premium as it's only being offered for a...

lock security breakthrough

Review: New approaches to endpoint security

In our recent roundup of anti-virus programs, we discovered several new techniques being employed by anti-virus companies to make PCs safer against advanced threats.

delicious food

Is facial recognition a threat on Facebook and Google?

Photo recognition is so good on Facebook and Google that they don't even need to see your face to ID you. Now what?


New e-commerce model: Where everybody knows your name — and everything else about you

Some former Amazon managers are fine-tuning an app that, in effect, becomes shoppers' personal CRM profiles. Today, shoppers interact with specific retail sites and, maybe, develop a profile with that retailer. But every time that...

computer security stock image

Samsung to stop Windows Update shenanigans

Samsung will stop disabling Windows Update on its PCs and tablets, bowing to complaints that it had interfered with the way users intended the patch service to work.


Software developers aren't implementing encryption correctly

Despite a big push to use encryption to fight security breaches, lack of expertise among developers and overly complex libraries have led to widespread implementation failures.

attachments paperclip

Macros big again with cybercriminals

Up to a year ago, most phishing emails were all about tricking users into clicking on malicious links that led to malware downloads. Starting last fall, however, the use of attachments increased eight-fold, and that increase has...

Hacking stealing password data

Magento e-commerce platform targeted with sneaky code

The attack code, inserted into Magento, neatly lifts payment card details, according to Sucuri

network security diagram 42 25789247

Cisco warns of default SSH keys shipped in three products

Cisco Systems released a patch for three products that shipped with default encryption keys, posing a risk that an attacker with the keys could decrypt data traffic.

Load More