Cloudflare was unsparing in its criticism of Verizon over a BGP snafu that hampered 15 percent of its global traffic, as well as traffic of Amazon and Google. Verizon's error underscores that much heavy lifting remains to make critical internet infrastructure secure.
Hackers have repeatedly stolen valuable data - including launch codes and flight trajectories for spacecraft - from NASA's Jet Propulsion Laboratory in recent years, according to a new inspector general audit, which describes weak security practices.
Bug bounty myths: All such programs must be public, run nonstop, pay cash to bug-spotters and allow anyone to join. But HackerOne's Laurie Mercer says such programs often run as private, invitation-only and time-limited endeavors, sometimes offering only swag or public recognition.
A group of 22 state attorneys general, mainly from Democratic-leaning states, are demanding Congress offer local officials more support - including grants and equipment standards - to improve election infrastructure security in the run-up to the 2020 presidential contest.
Legacy fraud detection systems often approve or decline orders based solely on a handful of details. Savvy merchants expect much more from their fraud management solutions than simply a risk score.
Today, merchants demand a solution that supports expansion into global markets, promotes a smooth shopping experience,...
Upgrading to a new OS can be a significant headache for IT teams, taking
up a lot of man-hours and IT budgets. Since there is no automatic in-place
upgrade to transition from Win7's 32-bit to Win10's 64-bit version, the
migration process can be extremely time-consuming - involving multiple
manual steps that can...
A security researcher has posted a demonstration showing how an attacker could exploit the BlueKeep vulnerability to take over a Windows device in a matter of seconds. Meanwhile, the NSA has joined Microsoft in urging users to patch devices before an attacker takes advantage of this vulnerability.
Microsoft has taken the unusual step of issuing a second warning about BlueKeep, a vulnerability that, if left unpatched, could allow an attacker to use a worm-like exploit to take over devices running older Windows operating systems. Security researchers warn that exploits are coming.
A security researcher warns that nearly 1 million devices running older versions of Microsoft Windows remain vulnerable to a recently discovered flaw in Microsoft's Remote Desktop Protocol service that could enable attackers to use a worm-like exploit to take over unpatched machines.
Multiple flaws - all serious, exploitable and some already being actively exploited - came to light last week. Big names - including Cisco, Facebook, Intel and Microsoft - build the software and hardware at risk. And fixes for some of the flaws are not yet available. Is this cybersecurity's new normal?
Microsoft has taken the extraordinary step of issuing patches for its old XP, Windows 2003, Windows 7 and Windows Server 2008 operating systems. The problem is an easy-to-exploit Remote Desktop Services vulnerability that could be turned into a worm.
Every organization has systems that can't be secured well enough - perhaps because they can't be patched in a timely manner, can't provide data for monitoring, or aren't compatible with standard security tools. When unsecurable systems support mission-critical processes or hold valuable data, cyberattackers are adept...
Here's free software built by the National Security Agency called Ghidra that reverse-engineers binary application files - all you have to do is install it on your system. So went the pitch from the NSA's Rob Joyce at this year's "Get Your Free NSA Reverse Engineering Tool" presentation at RSA Conference 2019.
The problem: growing adoption of interconnected technologies is stretching capabilities of existing public key infrasructures (PKIs) and driving the need to stand-up new ones.
The challenge here is maintaining a strong root of trust across the enterprise PKI that fulfills the operational demands of more...
In an increasingly complex world of interconnected information systems and devices, more must be done to protect critical infrastructure, says Ron Ross of the National Institute of Standards and Technology.