Some security experts say the United States' cybersecurity and overall defense posture are likely temporarily weaker because President Trump fired the leaders of the Cybersecurity and Infrastructure Security Agency and the Defense Department. But many remain confident defenses will be strong in the long run.
The Chinese hacking group "Cicada" is exploiting the critical Zerologon vulnerability in Windows Server as part of a cyberespionage campaign that's mainly targeting Japanese companies' locations around the world, according to the security firm Symantec.
European lawmakers are once again considering encryption policies and attempting to strike a balance between the privacy and security afforded by strong encryption and law enforcement's needs. But with encryption being a cornerstone of the internet, is there any new balance to be struck?
Waves of support from the InfoSec community continue to pour in for former CISA Director Christopher Krebs, who was fired Tuesday by President Donald Trump. Meanwhile, an acting CISA director reportedly has been named, and Deputy Director Matt Travis has resigned.
Researchers are warning that many domain name system server implementations are vulnerable to a spoofing attack that allows attackers to redirect, intercept and manipulate traffic. Thankfully, fixes are already arriving for this so-called SAD DNS flaw.
With COVID-19 as a backdrop and 5G on the horizon, what will be 2021's top issues in identifying, protecting and defending against attacks across a dramatically expanded threat landscape? This latest CEO/CISO panel addresses the challenges of the new year.
President Donald Trump has fired Christopher Krebs, director of the U.S. Cybersecurity Infrastructure and Security Agency. Experts say that thanks in no small part to CISA, this year's election "was the most secure in American history," free from any major cybersecurity incidents.
Twitter has hired network security expert Peiter Zatko to serve in the newly created position of head of security following a series of high-profile cyber incidents. Zatko, known as "Mudge," gained fame as a member of the ethical hacking group "Cult of the Dead Cow" and worked for the government and Google.
NOYB, a privacy group run by Austrian Max Schrems, has filed complaints against Apple with Spanish and German data protection regulators alleging the company's Identifier for Advertisers breaks EU privacy laws by allowing Apple and all apps on the iPhone to track a user without consent.
Blockchain technology has been floated as a solution to enable remote, electronic voting. But MIT researchers say today's paper-based systems, while imperfect, are still the most reliable way to prove to voters that their selections have been accurately cast and tallied.
IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins. New guidance helps address how to reduce the risk of potentially vulnerable components in connected devices.
Distributed denial-of-service attacks have not garnered much attention this year. But analysts say such attacks could surge, and they have the potential to be just as damaging as ransomware and other types of cyberthreats.
Ticketmaster UK has been fined $1.7 million by Britain's privacy watchdog for its "serious failure" to comply with the EU's General Data Protection Regulation. Its failure to properly secure chatbot software led to attackers stealing at least 9.4 million payment card details.
A House of Representatives staff report concludes that existing technology and infrastructure could be used to allow lawmakers to securely cast their votes remotely during the COVID-19 pandemic. But some Republicans question whether remote voting is, indeed, feasible.