Senator Ron Wyden (D-Ore.) on Tuesday asked the chief information officer at the U.S. Department of Defense (DoD) to take immediate action to ensure that the organization’s websites use HTTPS. The senator noted that some of the DoD’s websites, such as the ones belonging to the NSA, the Army, and the Air Force, do use…

The Target breach in 2013 may not be the biggest retail breach in history, but for many retailers, it was their watershed moment. Point-of-sale (PoS) terminals were compromised for more than two weeks. 40 million card details and 70 million records of personal information swiped—part of which was “backlist,” historical transaction information dating back to more or less a…

At first glance, it may seem strange to be asking you where you are in your GDPR journey when enforcement for the regulation begins on May 25 — which is now less than 60 days away. After all, GDPR was approved way back in April 2016, and here at IBM we’ve been talking and blogging…

The speed and scale of cloud computing has provided companies around the globe with more flexibility, lower overhead costs and quicker time to value for a wide variety of applications. While the business value of cloud adoption is undebatable, this rapid transition can leave security teams in the dark and sensitive information exposed.

Several popular text editors can be leveraged for privilege escalation and their developers do not plan on taking any action to prevent abuse, according to SafeBreach, a company that specializes in simulating attacks and breaches. Some text editors allow users to run third-party code and extend the application’s functionality through extensions. While this provides some…

The adoption of chip-and-PIN card technology by an increasing number of merchants in the United States has led to a significant drop in cases of counterfeit card fraud, according to Visa. The financial industry has been pushing for the adoption of EMV (Europay, MasterCard, Visa) card technology in the United States since 2011, and efforts…

Artificial intelligence could be deployed by dictators, criminals and terrorists to manipulate elections and use drones in terrorist attacks, more than two dozen experts said Wednesday as they sounded the alarm over misuse of the technology. In a 100-page analysis, they outlined a rapid growth in cybercrime and the use of “bots” to interfere with…

Security and risk management leaders must take a pragmatic and risk-based approach to the ongoing threats posed by an entirely new class of vulnerabilities, according to Gartner. Spectre and Meltdown are the code names given to different strains of a new class of attacks that target an underlying exploitable design implementation inside the majority of computer…

Cisco informed customers on Wednesday that it has become aware of malicious attacks attempting to exploit a recently patched vulnerability affecting the company’s Adaptive Security Appliance (ASA) software. No other information has been provided by the networking giant, but it’s worth noting that aproof-of-concept (PoC) exploit designed to cause a denial-of-service (DoS) condition on devices running…