Arkansas developer Taylor Huddleston has been sentenced to serve more than two years in prison for developing, marketing and selling two tools designed to be used maliciously - the NanoCore remote access Trojan and Net Seal license software.
Certificate authorities continue to be tricked into issuing bogus TLS certificates. A study by Recorded Future found that at least three underground vendors can supply fraudulent TLS certificates, which pose serious risks to data security and privacy.
Is your organization prepared for GDPR? The GDPR goes into effect this year on May 25th, 2018! It still remains to be seen exactly how it will be enforced and what specific measures organizations must take to comply. What is clear, however, is that personal data must be protected or severe penalties may be imposed....
Now that it's been confirmed that an insider at Punjab National Bank paved the way for $1.8 billion in fraudulent transactions, RBI, the nation's central bank, is reiterating the need to strengthen security measures tied to SWIFT interbank transactions, and security experts are offering risk mitigation advice.
Google has begun activating a new feature in Chrome that will block 12 types of intrusive advertisements. But some security experts say the online advertising industry needs to solve the malware and privacy problems that have caused users to turn to ad-blocking and anti-tracking tools.
Intel faces 32 lawsuits filed over the trio of flaws in its CPUs known as Meltdown and Spectre, seeking damages for the security vulnerabilities as well as alleged insider trading. The flaws have also been cited in lawsuits against chipmakers AMD and ARM, as well as against Apple.
Microsoft has been working to reduce the ability of attackers who use the PowerShell scripting language to "live off the land" in enterprise networks, in part via machine learning. But IT administrators should also have these three essential malicious PowerShell script defenses in place.
Is U.S. computer crime justice draconian? That's one obvious question following England's Court of Appeal ruling that suspected hacker Lauri Love would not be extradited to the United States, in part, because they said the U.S. justice system could not be trusted to treat Love humanely.
A U.S. grand jury has taken the extraordinary step of indicting 13 Russian nationals and three Russian companies for allegedly interfering with the U.S. political system, including the 2016 presidential election, in what the Justice Department portrays as "information warfare against the United States."
After a year of brainstorming on blockchain technology, Microsoft says it will add support in its Authenticator app for a decentralized identity system that's designed to put users in control of their personal information.
With advances in big data, artificial intelligence, machine learning and more, healthcare is primed to innovate. But do HIPAA, GDPR and other regulatory standards inhibit the ability to innovate? Scott Whyte of ClearDATA discusses healthcare's complex convergence of innovation and compliance.
Attackers recently snuck cryptomining code onto thousands of websites by inserting it into a third-party accessibility plug-in called Browsealoud. Web specifications designed to guard against these types of rogue actions by third-party code libraries already exist. Why aren't more sites using them?