Giving the fired Sanders aide the benefit of the doubt that he wasn't trying to steal Clinton campaign secrets to benefit the Vermont senator's quest for the White House, was Josh Uretsky justified in accessing the rival's data to conduct his own investigation?
You made this mess, now you'll clean it up. That's the security message of the Federal Trade Commission's settlement with Oracle over its failure to update or eliminate older, insecure - and actively targeted - versions of Java.
What's it like to be a CIO or CISO at an enterprise where everyone is a security expert? What are some of the unique challenges and advantages? Blue Coat Systems CIO Chris Birrell shares his experiences in this role.
President Obama has signed legislation to incentivize businesses to share cyber threat information with the federal government. On Dec. 18, both houses of Congress passed the measure as part of a $1.1 trillion spending package.
Cybersecurity is becoming an issue in the U.S. presidential campaign, finally. That's good news because it's critical in our day-to-day lives. But are the candidates doing the issue justice in the way they address it?
The FBI has arrested three men on charges that they participated in a hacking and identity theft scheme designed to fuel spam campaigns, including the insider-enabled theft of account details for 24.5 million Comcast customers.
To guard against health data breaches, healthcare organizations must demand more proof that their business associates are safeguarding patient data and mitigating related risks, says privacy and security expert Daniel Schroeder.
Police in Britain have arrested a 21-year-old man on suspicion of "hacking offenses" related to the breach of Hong Kong toymaker VTech. Separately, the CEO of hacked London telco TalkTalk testified about her organization's security before Parliament.
A security researcher warns he was able to find online "sensitive account details" for 13 million users of MacKeeper. The software was the focus of a recently settled class-action lawsuit - alleging deceptive advertising and false claims.
As the cyberthreats facing the healthcare sector grow ever more sophisticated, CIO John Halamka, M.D., says organizations must launch aggressive security initiatives, including investing in analytics to improve breach detection, plus two other critical steps.
GOP presidential hopeful Carly Fiorina proposes standing up a centralized cyber command that would be responsible for all aspects of government IT security response. But such a plan could face resistance in Congress if it gives the military authority over federal civilian cybersecurity.
Security experts are warning that Internet-connected devices - including toys - should be treated as insecure and untrusted until proven otherwise. Have our collective information security shortcomings ever been more seasonally appropriate - or scarier?
New details emerging about a breach involving a former Morgan Stanley employee illustrate how a case of inappropriate access to data can blossom into something much more serious. The case shines a spotlight on the urgent need to mitigate insider threats.
A former member of the NullCrew hacking group has pleaded guilty to participating in attacks against several organizations, including Bell Canada, Comcast and the U.K.'s Ministry of Defense, which the gang claimed to have exploited via SQL injection flaws.
Wyndham Worldwide Corp. has agreed to a settlement with the FTC over charges stemming from the hotel chain's three security breaches in 2008 and 2009 that exposed 619,000 payment cards and other personal information.