Attackers could abuse flaws in Android's Stagefright media library to seize control of almost 950 million devices, just by sending a text, a security researcher warns. But will most devices ever see related fixes?
An NSA map that shows nearly 700 cyber-assaults on computers at American military installations, government agencies, businesses and educational institutions raises the question of whether the e-spy agency should have shared some of that information.
Post-OPM breach legislation aimed to toughen cybersecurity at federal government civilian agencies by requiring the implementation of state-of-the-art tools has passed the Senate Homeland Security and Governmental Affairs Committee.
New draft guidance from the National Institute of Standards and Technology instructs healthcare providers on critical steps for securing patient data on mobile devices. Nate Lesser, who helped prepare the report, offers an analysis.
Privacy advocate Deborah Peel, M.D., is worried that several ongoing healthcare sector initiatives could potentially erode patient privacy and individuals' control over their health records. Find out about her latest concerns.
Will the Office of Personnel Management's breaches, which exposed the personal information of more than 22 million individuals, make it more or less likely that Congress will enact cybersecurity legislation, including a cyberthreat information sharing bill?
Security expert Alan Woodward is warning that enterprises should ditch RC4 after researchers demonstrated practical attacks that demolish the crypto that's widely used in enterprise WiFi devices and for TLS.
Put your personal feelings aside; what's dangerous about the AshleyMadison.com breach is that ideologists will now go beyond taking down an IT system and actually destroy a business. This evolution, says cybersecurity expert Carl Herberger, requires a new way to assess and mitigate risk.
The U.S. Department of Justice has charged three men in a fraud scheme reportedly tied to hacks of JPMorgan Chase. Separately, two men are charged with running an unlicensed online bitcoin exchange used by Russian criminals.
Raimund Genes' keynote at RSA Conference Asia Pacific & Japan is an appeal to the information security community to start putting security in perspective, emphasizing new approaches that address the changing threat landscape.
The FTC says LifeLock has violated a 2010 settlement by continuing to make deceptive claims about its identity theft protection services. After the FTC made the announcement on July 21, Lifelock's stock value plummeted.
The string of hacker attacks in the healthcare sector, including the UCLA Health breach, calls attention to the urgent need for organizations to step up their security programs, John Halamka, CIO at Beth Israel Deaconess Medical Center, and other security experts say.