Confirming reports of limited attacks in South Asia and the Middle East, Microsoft released a security advisory on Tuesday warning of a new vulnerability targeting the TIFF image format.
Steve Ragan | 06 Nov | Read more
According to recent reports, HealthCare.gov skipped many security requirements before launching, and was granted a waiver by the Obama administration to launch despite a level of uncertainty and a high-level of security risk.
Steve Ragan | 05 Nov | Read more
McAfee says that SMBs are suffering from a false sense of security, basing their claims on a recent study conducted with Office Depot. Those who took part in the study showed a high degree of confidence that their data and devices were safe from attackers, despite industry research and evidence that proves otherwise.
Steve Ragan | 31 Oct | Read more
In the spirit of Halloween, CSO recently spoke to Adam Stewart, the Vice-President of Engineering at Autotask, to outline the most frightening aspects of working in IT.
Steve Ragan | 30 Oct | Read more
In an update on the data breach disclosed earlier this month, Adobe has said that source code for Photoshop was stolen. Making matters worse, a file containing 150 million usernames and hashed passwords has appeared online, and the company says that 38 million accounts were directly impacted by the incident.
Steve Ragan | 29 Oct | Read more
Virtualisation isn't a new trend, these days it's an essential element of infrastructure design and management. However, while common for the most part, organizations are still learning as they go when it comes to cloud-based initiatives.
Steve Ragan | 29 Oct | Read more
They say knowledge is power, and the final report from DEF CON 21's Social Engineer Capture the Flag contest shows that in the wrong hands, the amount of information organizations leave exposed online can empower attackers across the globe.
Steve Ragan | 28 Oct | Read more
Hours after Google's Safe Browsing initiative flagged the website for malware, PHP.net confirmed that two of their servers were compromised and used to attack visitors. However, the administrators are still not sure how the attackers accessed the servers.
Steve Ragan | 25 Oct | Read more
In the fourth, and final, awareness tip for National Cyber Security Awareness Month, Rapid7 discusses the cloud, and how to avoid common problems while using it.
Steve Ragan | 25 Oct | Read more
Criminals use a variety of tools and tactics when selecting victims and conducting attacks. But information is the key to any malicious campaign, and the more personal it is, the more value it holds. When one goes about their daily life online, how much information is too much, and what should be protected?
Steve Ragan | 24 Oct | Read more
The millennial generation, those of us who were born and raised alongside the Internet, should be wise enough to avoid account hijackings and other scams, but we're not. In fact, one out of four millennials have admitted to having at least once incident where an online account was hacked.
Steve Ragan | 23 Oct | Read more
On Monday, Google announced a beta service that will offer DDoS protection to human rights organizations and media, in and effort to slow the amount of censorship that such attacks cause.
Steve Ragan | 22 Oct | Read more
When it comes to security policies and practices, there are rules (both written and unwritten) that need to be adhered to. An organization simply cannot implement changes to security on the fly as it could lead to disaster. Yet, there are times when changes are necessary, or mandated due to an incident response plan. In that instance, what should business leaders be focusing on?
Steve Ragan | 17 Oct | Read more
Continuing a running series for National Cyber Security Awareness Month, Rapid7 has released another easily emailed awareness note. This time the topic is passwords, something that can either make or break a person's overall level of security.
Steve Ragan | 17 Oct | Read more
Earlier this month, during a Senate Judiciary Committee hearing, Senator Patrick Leahy pressed the NSA's director, General Keith Alexander, on whether or not the figures that are used to support data collection programs, notably the bulk collection of phone records, were accurate.
Steve Ragan | 16 Oct | Read more