Massive data breaches have become the new reality, and they confirm that one of the biggest challenges companies face when it comes to security: a company’s biggest shortcomings are often not apparent until data breaches or other emergencies occur. As a result, adequately preparing for the worst and getting employees at every level of the company to give security…

Chief Information Security Officers are feeling less confident than ever about cyber-risk and data security this year, according to a survey conducted by Ponemon Institute in late 2017. As today’s climate of high-profile data breaches continues, 67% of respondents believe their companies are more likely to fall victim to a cyberattack or data breach in 2018….

U.S. President Donald Trump on Tuesday signed a bill that prohibits the use of Kaspersky Lab products and services in federal agencies. The National Defense Authorization Act for FY2018 (H.R. 2810) focuses on Department of Defense and Department of Energy programs, authorizes recruitment and retention bonuses for the Armed Forces, and makes changes to national…

A team of researchers has revived an old crypto vulnerability and determined that it affects the products of several major vendors and a significant number of the world’s top websites. Last month, F5 Networks informed customers that some of its BIG-IP products include a vulnerability that can be exploited by a remote attacker for recovering encrypted data…

A researcher has discovered that a touchpad driver present on hundreds of HP laptops includes functionality that can be abused for logging keystrokes. The vendor has released patches for a vast majority of affected devices. Michael Myng was looking for ways to control the keyboard backlight functionality on HP laptops when he noticed that the…

The December 2017 Android security patches that Google released this week resolve 47 vulnerabilities, including 10 rated Critical severity. The patches affect a variety of platform components and were split in two packages, or security patch levels, as Google calls them. The first addresses 19 vulnerabilities while the second resolves 28 issues.

Bug bounty programs and a vulnerability disclosure policy have helped the U.S. Department of Defense patch thousands of security holes in its systems. Nearly one year after it announced its vulnerability disclosure policy, the Pentagon received 2,837 valid bug reports from roughly 650 white hat hackers located in 50 countries around the world, according to…

Every year there are reports and surveys which make the case that security inhibits innovation, productivity and generally holds businesses back. I am not going to argue with that sentiment. Security requires that things are done in a certain manner, which can act as a constraint on wanting to do things a different way. What…