Facebook came under fire after a two-factor authentication bug sent non-security notifications to users' phones, sparking a debate about media coverage and 2FA adoption.
A security researcher found that a significant number of popular websites are still using untrusted certificates from Symantec, which will be invalidated this year.
A newly discovered Blizzard security bug, which affected all of the company's popular PC games including Overwatch, should serve as a warning for the video game industry.
Lenovo's discovery of an authentication bypass, literally titled "HP backdoor," within its networking switches brings unsettling implications for the IT industry.
With CEO Brian Krzanich's keynote at the 2018 Consumer Electronics Show, Intel missed an opportunity for the Meltdown and Spectre vulnerabilities.
Protocol scrutiny is good for the upcoming TLS 1.3 update as the process continues to expose, and fix, problems.
Data breach fatigue should be put on hold after the Equifax data breach and Uber hack taught us painful lessons about enterprise security shortcomings.
The latest version of the OWASP Top Ten web application risks is much like previous versions, and that's not a bad thing at all.
A series of acquisitions has drastically reduced the number of stand-alone cloud access security brokers and reshaped the CASB market for years to come.
The Uber data breach episode is another black eye for the ride-sharing company, but the cover-up raises troubling implications for the infosec community.
Kaspersky Lab finally explained how it came to possess Equation Group malware, but does the company's latest statement answer enough questions about the ongoing drama?
"Three may keep a Secret, if two of them are dead." So wrote Benjamin Franklin, in Poor Richard's Almanack, in 1735. Franklin knew a thing or two about secrets, as well as about cryptography, given ...
The Kaspersky controversy continued this week as the antivirus company responded to several explosive news stories about its relationship with the Russian government.
The FBI's Don Freese spoke at the (ISC)2 Security Congress this week about the need to end the practice of blaming hacking victims. But will infosec professionals listen?
Walking up to the DerbyCon 7.0 cybersecurity conference, it immediately has a very different feel from the "major" infosec conferences. Attendees would never be caught loitering outside of the Black Hat ...