Skip the navigation

Security Topic Center

Get the latest news and in-depth analysis about IT security, including information about viruses and other malware, security patches, data protection and more

Security News

International police operation disrupts Shylock banking Trojan

Police from eight countries together with several private security companies disrupted the online infrastructure used by cybercriminals to control computers infected with a malware program called Shylock.
Read more...

U.S. lawmaker seeks FTC probe of Facebook 'big data' experiment

A U.S. senator has asked the Federal Trade Commission to scrutinize the use of big data by Facebook and other Internet companies, following a controversy over a Facebook experiment on some of its users.

Microsoft settles with No-IP after seizing its domains in botnet hunt

Microsoft has reached a settlement with domain provider No-IP to disable some of its domains, after taking control of part of its network to shut down a botnet.

New docs show DHS was more worried about critical infrastructure flaw in '07 than it let on

The Department of Homeland Security mistakenly released details on an experiment in which a 27-ton generator was destroyed via a cyberattack.

Could you quit Facebook for 99 days?

What would you do with your time if you gave up Facebook for 99 days?

Botnet aims brute-force attacks at point-of-sale systems

Thousands of compromised computers are actively trying to break into point-of-sale (POS) systems using brute-force techniques to guess remote administration credentials.

Russian Windows leaker denies link to ex-Microsoft worker who stole trade secrets

Notorious Russian leaker Wzor denied any link between the publication of internal Microsoft info and a former employee who stole trade secrets.

Snowden applies for extended asylum in Russia

U.S. National Security Agency whistleblower Edward Snowden has applied for extended asylum in Russia, according to news reports.

Senate Intelligence Committee okays cybersecurity bill

The U.S. Senate Intelligence Committee approved Tuesday a cybersecurity bill that would pave the way for sharing of information between government and the private sector on security threats.

Facebook kills Lecpetex botnet, which hit 250K computers

Security In Depth

Security Manager's Journal: Trapped: Building access controls go kablooey

Doors just stop working when one old PC in a storage closet dies.

Facebook is a school yard bully that's going down

Facebook has grown and evolved in recent years. In addition to connecting people online, it bombards users with unnecessary ads and useless sponsored stories. And it runs experiments on its users. Columnist Alex Burinskiy is not amused.

Evan Schuman: What if you can't trust your inbox?

Goldman Sachs is taking Google to court to force the cloud vendor to delete an email accidentally sent to a Gmail user. The consequences of a ruling for Goldman would be devastating.

Inside the Changing Role of the CISO

With a number of high-profile security breaches making headlines of late, organizations are increasingly realizing they must beef up their security teams or risk catastrophe. Matt Comyns, global co-head of the Cybersecurity practice at Russell Reynolds Associates, an executive leadership and search firm, sat down with CIO.com to discuss the changing role of the Chief Information Security Officer (CISO), the global cybersecurity landscape and why finding and retaining elite security talent is critical.

How to achieve better third-party security: Let us count the ways

No enterprise is an island. In a connected world, a business cannot function without multiple relationships with third parties -- outside vendors, contractors, affiliates, partners and others.

How to protect yourself against privileged user abuse

The typical organization loses 5% of its revenues to fraud by its own employees each year, with most thefts committed by trusted employees in executive management, operations, accounting, sales, customer service or purchasing, according to the Association of Certified Fraud Examiners (ACFE). This type of malicious behavior by "privileged users" who have been given broad access to the company's computer assets has captured the attention of CIOs across the country.

Ron Miller: A curmudgeonly view of Yo

Yo is a flash in the pan of an app that lets you say 'Yo' to your followers. That's it. Is it curmudgeonly to wonder how that could draw $1.2 million in funding?

Early user of VMware NSX net virtualization tool extols fine grain controls

Canadian airline company WestJet is one of the earliest customers of VMware's NSX network virtualization tools, which initially reached for the tech to address a security issue. Network World Editor in Chief John Dix recently sat down with WestJet technologist Richard Sillito to learn what the company is learning about network virtualization and its broader NSX plans.

Securing the virtual world

Catbird Networks Director of Product Management, Malcolm Reike, talks about how virtualization changes the security game with Network World Editor in Chief John Dix.

A security awareness success story

The problem with Security Awareness programs is that it is hard to prove their successes. As with all security countermeasures, success is usually that nothing happens. Ideally, success also means that there is a report of the attempted attack, however that is rarely the case. With technical countermeasures however, logs are usually maintained that allow people to point to all of the prevented attacks.

Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!