Skip the navigation

Security Topic Center

Get the latest news and in-depth analysis about IT security, including information about viruses and other malware, security patches, data protection and more

Security News

BlackBerry plans to focus on security for the enterprise

Now that BlackBerry has fallen significantly behind Apple and Google in the race to offer features and third-party apps for its smartphones, the company is concentrating on providing devices that, it claims, have the strongest available security -- the killer feature for the enterprise.
Read more...

Senator pushes new version of bill to limit NSA phone records collection

U.S. Senator Patrick Leahy has introduced a new version of a bill to rein in the National Security Agency's bulk collection of U.S. phone records in an effort to strengthen legislation that passed the House of Representatives this year.

Privacy groups call for Facebook to halt off site user tracking plans

U.S. and EU privacy and consumer groups called on privacy regulators to stop Facebook's plans to gather the Internet browsing patterns of its users while they visit other sites.

Using Instagram on public Wi-Fi risks account hijack

A configuration problem in Facebook's popular Instagram application for Apple devices could allow a hacker to hijack a person's account if they're both on the same public Wi-Fi network.

Attackers install DDoS bots on Amazon cloud, exploit Elasticsearch weakness

Attackers are exploiting a vulnerability in distributed search engine software Elasticsearch to install DDoS malware on Amazon and possibly other cloud servers.

Until the Tails privacy tool is patched, here's how to stay safe

Vulnerabilities in the Tails operating system could reveal your IP address, but you can avoid trouble by taking a couple of precautions.

Russian gov't is willing to pay for a way to ID Tor users

The Russian Ministry of Interior is willing to pay 3.9 million roubles, or around $111,000, for a method to identify users on the Tor network.

Bugcrowd guide aims to smooth the way for reporting software flaws

Handling a software flaw can be messy, both for a security researcher who found it and for the company it affects. But a new set of guidelines aims to make that interaction less mysterious and confrontational.

Security must evolve to be 'all about the data'

There is a fierce debate about whether GMOs -- genetically modified organisms -- with built-in resistance to pests, fungus, drought and other agricultural threats, are a good thing when it comes to our food supply.

Thousands of sites compromised by WordPress plug-in flaw

A critical vulnerability found recently in a popular newsletter plug-in for WordPress is actively being targeted by hackers and was used to compromise an estimated 50,000 sites so far.

Security In Depth

How to Protect Personal, Corporate Information When You Travel

Before flying from Rome to Philadelphia earlier this summer, I stopped in the hotel lobby to print my boarding pass. The hotel had one computer dedicated solely to this task. It was the only public computer available to guests. I could access only airline websites and input my name and confirmation number for the ticket. That was it.

Mobile security: A mother lode of new tools

A gold rush of next-gen authentication technologies yields biometric systems, ID bracelets, new standards and more. Insider (registration required)

11 signs you've been hacked -- and how to fight back

Redirected Net searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been 0wned

BYOD morphs from lockdown to true mobility

Four companies that have been at BYOD for a while talk about how their programs have changed with the times. One key takeaway: Don't expect to save bundles of money. Insider (registration required)

No money, no problem: Building a security awareness program on a shoestring budget

Implementing a security awareness program seems rather straightforward, until you actually start to implement one - factoring in things like resources and the people (users) to be trained. At that point, it can seem complicated, costly, and unnecessary. However, the process doesn't have to be a logistical and expensive nightmare, and it's certainly worth it in the long run.

Developing a smart approach to SMAC security

Few security executives at global enterprises--or even at smaller organizations--have not had to deal with issues related to social media, mobile technology, big data/analytics, or cloud computing.

Kenneth van Wyk: We can't just blame users

Yes, users sometimes do stupid things. Some always will. But developers need to do more to save users from themselves.

Boost your security training with gamification -- really!

Getting employees to take security seriously can be a game that everyone wins.

Wearables: Are we handing more tools to Big Brother?

Most of us would love a break on our health insurance. We would generally appreciate the convenience of seeing ads for things we're actually interested in buying, instead of irrelevant "clutter." A lot of us would like someone, or something, else keeping track of how effective our workouts are.

Revamping your insider threat program

Companies including MITRE are looking at privileged access and how to better lock it down -- without stopping employees from doing their jobs.

Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!