Security experts urge organizations to disable support for SSL on clients and servers because of flaws in the cryptographic protocol that could be used to impersonate website users and decrypt HTTPS traffic.
Knowing how to manipulate a hacker's cultural values could help thwart - or at least slow down - cyber-attacks, says Garet Moravec, a cybersecurity expert who'll speak at ISMG's Global APT Defense Summit on Oct. 22.
Amsterdam is again playing host to the annual Black Hat Europe information security gathering, and presenters have promised to cover everything from privacy flaws in wearable computers to two-factor authentication system failures.
The Department of Health and Human Services has appointed Lucia Savage, an attorney at insurer United Healthcare, as the new chief privacy officer of the Office of the National Coordinator for Health IT.
Exploiting a vulnerability in Microsoft Office, a group of hackers believed to be Russians breached computers operated by the Ukrainian government during September's NATO summit, according to iSight Partners.
The Food and Drug Administration's Suzanne Schwartz, M.D., is on a mission to debunk the myth that medical device manufacturers need FDA approval for software updates or patches to address potential vulnerabilities.
In this post-Target era of "It's not a matter of if, but when," how prepared is your organization for a data breach? Michael Buratowski of General Dynamics Fidelis Cybersecurity Solutions offers tips for breach planning and response.
The White House cybersecurity coordinator says his comment about his lack of tech expertise being an asset, widely criticized in the blogosphere, was an awkward attempt to express his view that a wide range of skills are needed in the cybersecurity field.
Malware known as "Mayhem" that targets Unix and Linux systems has been updated to exploit Shellshock flaws, security experts warn. But with few Unix-flavor systems running anti-virus software, how can it be stopped?
Cybersecurity Coordinator Michael Daniel says much of the Obama administration's efforts will involve getting whatever IT security policy passed on whatever vehicle is available as long as the measure is acceptable to the White House.
Information security vendor Symantec announced Oct. 9 that it will spin off its information management business into a separate publicly traded company. Find out the details.
Citigroup, E*Trade, Regions Financial, Fidelity Investments, HSBC, Bank of the West and ADP are now believed to have been probed by the same hackers that targeted Chase, according to news reports. But so far, none of those firms believes data was compromised.
As the IT security workforce reaches a record high in the United States, what does that workforce look like? It remains overwhelmingly white and male. Here's an explanation of the latest employment statistics.
Nearly two weeks since news of Shellshock broke, attacks that are taking advantage of the Bash vulnerabilities are grabbing headlines. But Michael Smith of Akamai warns that the battle against hackers capitalizing on Shellshock could go on for years.
Twitter is suing the federal government, seeking to pave the way to publish its transparency report that documents the government's requests for user information.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.