Two key Senators are circulating a draft of cybersecurity legislation designed to promote the sharing of cyberthreat information by offering liability protection. The bipartisan measure is in the early stages of review.
Faced with a vulnerability that exposes Microsoft's Internet Explorer Web browser to a zero-day exploit involved in recent targeted attacks, CISOs need to take prompt action, security specialists say. Learn the steps they recommend.
Following news of a serious zero-day exploit impacting several versions of Internet Explorer, the Department of Homeland Security is urging the use of other Web browsers until the issue has been remediated.
Following a data breach, sensitive information, including credit card data, is often sold through the underground economy. Security experts discuss why it's so difficult to shut down online criminal forums.
In the wake of recent high-profile retail breaches, the PCI Security Standards Council is supporting a move toward chip card technology that conforms to the Europay, MasterCard, Visa Standard, says General Manager Bob Russo.
Tech companies continue to respond to the Heartbleed vulnerability by issuing alerts and patches to mitigate potential data compromises. Learn the latest advice from Trend Micro and ICSA Labs, plus updates from Rackspace, Akamai and Bitcoin.
As news of the Heartbleed bug continues to spread, government agencies in the U.S. and Canada are issuing statements on the vulnerability. Find out the latest on this threat and what thought-leaders are saying.
Analysts say it's easy to believe the Neiman Marcus data breach may be tied to attacks on Heartland Payments Systems Inc. and other entities. But tracking the crimes is one thing; prosecuting is quite another.
Security experts agree that the newly-discovered Heartbleed bug is a serious threat, but what are the specific risks, and how can they be mitigated? Thought-leaders offer insights and practical advice.
Security forums and experts are buzzing about the newly discovered Heartbleed bug, which allows anyone on the Internet to read the memory of systems protected by vulnerable versions of OpenSSL software.