The Verizon DBIR 2014 shows that organizations should build a security strategy around industry-specific threats and incident patterns.
The 2014 Verizon data breach report shows a big rise in Web application attacks, with CMS frameworks and user credentials the most likely targets.
In the wake of the Heartbleed OpenSSL vulnerability, the massive deluge of revoked certificates could cause palpitations across the Internet.
Sophisticated malware was behind the Michaels breach that resulted in three million compromised payment cards, according to the crafts retailer.
When it comes to app risk management, who is ultimately responsible: business leaders or security professionals? A new report weighs in.
Though millions of Android devices could contain the Heartbleed OpenSSL vulnerability, experts say the risk to Android users may not be that great.
Heartbleed repairs threaten to cripple the internet (ComputerWeekly.com)
The internet could slow to a crawl as companies scramble to fix the Heartbleed bug, security experts warn
Proving the Heartbleed OpenSSL vulnerability can be exploited in the wild, two organizations say attackers have used it to glean sensitive data.
14 Apr 2014 Businesses are beginning to adopt context-based security (ComputerWeekly.com)
It is more than 10 years since context-aware security was proposed. We look at how the technology has evolved.
Heartbleed denial reveals loophole for NSA spying (ComputerWeekly.com)
The NSA has denied it exploited the Heartbleed security flaw, but US officials have revealed a loophole that would allow such actions
FireEye and Palo Alto Networks take issue with the new NSS Labs report on breach-detection systems, calling the review process into question.
Analysis: The 'Heartbleed' OpenSSL vulnerability is one of the worst bugs a SANS expert has seen, and that's before the fallout is fully understood.
Cross-platform networks cause UC vulnerabilities (SearchUnifiedCommunications.com)
Cross-platform communication is particularly susceptible to data attacks. What can IT do to mitigate security vulnerabilities in UC environments?
TCG releases TPM 2 specification for improved security (ComputerWeekly.com)
The Trusted Computing Group has published an updated specification for the Trusted Platform Module
09 Apr 2014 EFF calls for rapid mitigation of Heartbleed internet bug (ComputerWeekly.com)
All websites should use perfect forward secrecy to protect against Heartbleed internet security flaw, says EFF
Top Security Story
Essential Guide: Windows XP security after end of updates for XP SearchSecurity.com | 08 Apr 2014
Learn about security implications of the April 2014 Windows XP end-of-life date and the end of XP security updates, plus planning an XP migration.