A team of cryptographers has found that the random-number generator Dual_EC - known to have been backdoored by the NSA - was added to Juniper's ScreenOS firmware around 2008 and is still present, although the networking giant has promised to soon replace it.
Reports on the Ukrainian energy supplier hack have left many crucial questions unanswered: Who was involved, did malware directly trigger a blackout and are other suppliers at risk from similar attacks? Cybersecurity experts offer potential answers.
Banking and government institutions, and other organizations that employ Juniper Networks gear, are being actively targeted after the company warned that it discovered that someone added a backdoor to the firmware in 2012. Who's responsible?
Hyatt warns that it's the latest hotel chain to fall victim to POS malware. It's offered scant breach-related details, but lots of bromides about taking payment card security seriously and urging customers to keep paying by card.
In the wake of Juniper Networks finding "unauthorized code" in its firewall firmware that could be used to remotely access devices and encrypted communications, Cisco is reviewing its own code for signs of tampering. Will other vendors follow suit?
The FBI is reportedly investigating newly discovered "unauthorized code" in the firmware that runs the NetScreen firewalls built by Juniper Networks, which attackers could have been using to remotely access devices and decrypt traffic without leaving a trace.
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
Bob Carr, CEO of Heartland Payment Systems, contends that not enough progress has been made in improving payments security in the seven years since the processor experienced a massive breach. Find out why he argues that retailers and processors still have much more to do.
ATM fraud losses are increasing globally, and we can expect to see this trend continue as the U.S. ramps up its migration to EMV at the point of sale. Unattended terminals are easy to compromise, and they will always be among fraudsters' favorite targets.
Nothing says "you really screwed up" like receiving the Pwnie Award for "Most Epic Fail" at the annual Black Hat conference. Hence it's no surprise that in the wake of its mega breach, the win goes to the U.S. Office of Personnel Management.
Virtualization and related developments bring significant changes to the architecture of today's data centers. At RSA Conference Asia Pacific & Japan, Cisco's Munawar Hossain defines these changes and outlines the new challenges.
As more enterprises adopt software-defined networking, hackers are finding the emerging technology to be a new route to penetrate organizations. Anthony Lim of (ISC)Â² recommends ways to secure SDNs against attacks.
Cisco announced plans to pay $635 million to purchase cloud security firm OpenDNS to better secure the "Internet of Everything." OpenDNS says the acquisition will leave its products and personnel intact.
Would encryption, two-factor authentication and other measures stop a determined adversary from stealing millions of U.S. government personnel files? No, a former CIA CISO says. Read how Robert Bigman would defend against OPM-style cyber-attacks.