Skip the navigation

Security Topic Center

Get the latest news and in-depth analysis about IT security, including information about viruses and other malware, security patches, data protection and more

Security News

Attackers can easily create dangerous file-encrypting malware, new threat suggests

A new program that encrypts files to extort money from users highlights that attackers don't need advanced programming skills to create dangerous and effective ransomware threats, especially when strong encryption technology is freely available.
Read more...

Microsoft ordered to turn over customer data stored in the cloud

Microsoft has been ordered to comply with a U.S. government demand for a customer's emails stored on a company server in Dublin, Ireland.

Microsoft's EMET 5.0 puts a security leash on plugins

The latest release of a Microsoft security tool that's designed to stop exploits lets administrators control when third-party plugins are launched, a long favored route for attackers.

Some are twisting the facts in requests to be forgotten, Google says

Some of those seeking to scrub their histories from the Web under Europe's "right to be forgotten" rule are being economical with the truth when making their requests, Google said Thursday.

Thumb drives can be reprogrammed to infect computers

Most USB devices have a fundamental security weakness that can be exploited to infect computers with malware in a way that cannot easily be prevented or detected, security researchers found.

Attackers exploit remote access tools to compromise retail systems

Malicious hackers are using remote access tools to break into retail point-of-sale systems and plant malware on them, the Department of Homeland Security warned.

The CIA improperly accessed Senate computers

An internal CIA investigation has determined its employees improperly accessed computers used by the Senate Intelligence Committee while it was working on a report about the agency's post-9/11 detention and interrogation program, according to a report by McClatchy.

CISOs still struggle for respect from peers

Chief information security officers (CISOs) continue to have a hard time gaining the respect of other C-suite executives despite the heightened focus overall on information security.

IBM buys access control and identity management firm CrossIdeas

IBM has added to its security software portfolio with the purchase of Italian access control and identity management firm CrossIdeas for an undisclosed sum, the companies said Thursday.

In a hyper-social world, some seek a little privacy

After years of cajoling their users into sharing every thought, emotion and selfie, online firms are seeing that providing more private online spaces might also be profitable.

Security In Depth

Security Manager's Journal: A ransomware flop, thanks to security awareness

Only one person clicks on a bad link, and she had all her files properly backed up. Maybe employees aren't a security manager's nightmare after all.

Mobile management: Making sense of your options

There are known, proven approaches to reduce those risks without disabling the benefit of consumerization

How to Protect Personal, Corporate Information When You Travel

Before flying from Rome to Philadelphia earlier this summer, I stopped in the hotel lobby to print my boarding pass. The hotel had one computer dedicated solely to this task. It was the only public computer available to guests. I could access only airline websites and input my name and confirmation number for the ticket. That was it.

Mobile security: A mother lode of new tools

A gold rush of next-gen authentication technologies yields biometric systems, ID bracelets, new standards and more. Insider (registration required)

11 signs you've been hacked -- and how to fight back

Redirected Net searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been 0wned

BYOD morphs from lockdown to true mobility

Four companies that have been at BYOD for a while talk about how their programs have changed with the times. One key takeaway: Don't expect to save bundles of money. Insider (registration required)

No money, no problem: Building a security awareness program on a shoestring budget

Implementing a security awareness program seems rather straightforward, until you actually start to implement one - factoring in things like resources and the people (users) to be trained. At that point, it can seem complicated, costly, and unnecessary. However, the process doesn't have to be a logistical and expensive nightmare, and it's certainly worth it in the long run.

Developing a smart approach to SMAC security

Few security executives at global enterprises--or even at smaller organizations--have not had to deal with issues related to social media, mobile technology, big data/analytics, or cloud computing.

Kenneth van Wyk: We can't just blame users

Yes, users sometimes do stupid things. Some always will. But developers need to do more to save users from themselves.

Boost your security training with gamification -- really!

Getting employees to take security seriously can be a game that everyone wins.

Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!