"Millions" of devices from numerous router manufacturers appear to use a third-party software component called NetUSB, which can be exploited to bypass authentication checks and remotely take control of the devices, security researchers warn.
Numerous websites, mail servers and other services - including virtual private networks as well as "all modern browsers" - have a 20-year-old flaw that could be exploited by an attacker, computer scientists warn.
Visa has agreed to increase the reimbursement paid to banking institutions that must reissue cards in the wake of a merchant breach. Now the smaller card issuers, such as community banks, are getting paid the most.
An army of 40,000 small office/home office routers have been exploited by automated malware. But who's responsible for devices being vulnerable: vendors for using well-known defaults; or distributors and IT managers for not locking them down?
Caffeine junkies are up in arms over reports that criminals have been targeting their Starbucks account balances. But the real story is poor password-picking practices by consumers, and Starbucks' lack of multi-factor authentication.
Former RSA Chairman Art Coviello has re-emerged as a partner with venture capital firm Rally Ventures. What's it like to transition from creating new security solutions to discovering and nurturing them?
Wanted: Hackers for hire. Or in British government parlance: "Committed and responsible individuals who have the potential to carry out computer network operations to keep the U.K. safe." Ready to apply?
The FBI is offering a big-stakes reward for an alleged criminal who ranks at the top of its "cyber most wanted" list. But one cybercrime expert asks: "Would you cross the Russian mafia or some organized crime gang for $3 million?"
The chief privacy officer's role has changed considerably, particularly in response to today's cyberthreats. As a result, CPOs at banking institutions need to be collaborators, designers, gatekeepers, teachers and more.
Lenovo issues an emergency patch to fix flaws in the System Update software that it preinstalls on business-focused Windows PCs after security researchers discover vulnerabilities that could be used to remotely compromise machines.
With the upcoming release of Windows 10, Microsoft plans to inaugurate 24/7, cloud-based patching, among other new security features. Businesses can tap the anytime patches or define their own patch-release schedules.
Security firms report a sharp rise in the quantity of attacks that use macro code - designed to automate tasks - to trigger malware downloads, often for the purpose of stealing people's online banking credentials.