The Department of Homeland security sees malware provenance - which identifies the attributes of malicious codes - as a way to complement its signature-based Einstein intrusion detection and prevention systems to find malware that infects IT systems.
To the list of vulnerable, Internet-connected devices - from routers and home alarms to baby monitors and toys - now add the world's most popular electric car: the Nissan LEAF. Nissan says a full fix is forthcoming.
As a result of high-profile breaches, emerging malware threats and increased regulatory scrutiny, CISOs at financial institutions are under more pressure than ever to develop innovative strategies for enhancing cybersecurity. And the CISO's evolving role will be a hot topic at RSA Conference 2016.
As the debate intensifies over Apple's refusal to help the FBI crack the iPhone password of one of the San Bernardino shooters, Rep. Will Hurd says Congress should not rush to enact legislation that would require technology companies to weaken encryption. Hurd chairs a subcommittee with cybersecurity oversight.
To boost security and eliminate the need for passwords, MasterCard plans to later this year roll out a facial biometrics app for authentication of online purchases. But some experts warn that biometrics technology is not fool-proof and should only be deployed as part of a layered authentication approach.
Think it's tough now for the government to compel Apple to retrieve encrypted data from a locked iPhone? According to news reports, Apple is busy creating new devices and services that will be even harder to hack.
The Healthcare Information and Management Systems Society 2016 Conference, slated for Feb. 29 to March 4 in Las Vegas, will offer dozens of privacy and security educational opportunities worth checking out.
The re-emergence of the mobile banking Trojan known as Acecard, which is now threatening a broader range of targets worldwide, highlights the growing risks associated with Android devices and the need for banks and mobile app developers to do more to protect users' accounts.
It used to be that security was the one big barrier to organizations embracing the cloud. But Troy Kitch of Oracle says that not only is that barrier coming down, but now leaders are seeing cloud as a security enabler.
The PCI Security Standards Council will soon release an update to its PCI Data Security Standard, requiring the use of multifactor authentication for administrators who have access to card data networks. In an interview, the council's Troy Leach explains the new requirements and compliance expectations.
Who's right: Apple or the FBI? Our readers continue to debate a magistrate judge ordering Apple to help unlock an iPhone tied to a San Bernardino shooter, raising such issues as strong crypto, backdoors as well as legal and moral responsibilities.
The war of words continues to heat up between the Justice Department and Apple over the FBI's request that the technology provider help it unlock an iPhone seized during the San Bernardino shootings investigation.
Leading banking Trojans are expanding their targets, taking aim at industries outside banking to compromise financial accounts and other information, new research shows. And the botnets are proving difficult for law enforcement officials to take down.
Security experts warn enterprises to patch the serious "glibc" domain name system flaw now, with one likening it to a "skeleton key" that could be used against all systems and Internet of Things devices that run Linux.
Automobiles have crash ratings. Do they need ratings for cybersecurity, too? In this interview, security expert Jacob Olcott of BitSight Technologies previews a session he'll moderate at the RSA Conference 2016 that will address this question.