Google screening missed hundreds of malicious Android apps, researchers say
Scamming ad-men send fake ad clicks to smut sites Malicious apps that have breached Google's defences and made it onto the Play store have netted 1.2 million victims, often hijacking phones to place...
View ArticleFive things you need to know about the EU-US Privacy Shield agreement
The Privacy Shield agreement is intended to guarantee the personal information of European Union citizens the same privacy protection when processed in the United States as it would receive at home....
View ArticleMost IT Security Board-Level Reporting Behind the Times
Company board of directors aren't always getting the information they need—and part of the reason is reporting is still being done via spreadsheets—but it's not all bad news, according to a new report...
View ArticleConfirmed: IBM slurps up Bruce Schneier with Resilient purchase
Big Blue augments incident response for security systems RSA 2016 After nearly a week of rumors IBM has confirmed it has bought incident response firm Resilient Systems and so gained the services of...
View ArticleFacebook posts mocking judge earn brothers two years in jail
Daniel Sleddon and brother Samuel.Lancashire Police Enlarge Two British brothers convicted of selling marijuana are being sent to prison for two years after they mocked the judge on Facebook...
View ArticleLargely undetected Mac malware suggests disgraced HackingTeam has returned
EnlargePatrick Wardle Researchers have uncovered what appears to be newly developed Mac malware from HackingTeam, a discovery that's prompting speculation that the disgraced malware-as-a-service...
View ArticlePoor recruitment processes are causing the great security talent drought
Mind you, applicants aren’t helping sometimes either RSA 2016 It's a refrain at this and past RSA conferences, that companies can't hire enough top-notch talent, but it's addressable if companies hire...
View ArticleNode.js 5.7 released ahead of impending OpenSSL updates
The Node.js Foundation is gearing up this week for fixes to OpenSSL that could mean updates to Node.js itself. Releases to OpenSSL due on Tuesday will fix defects deemed to be of "high" severity, Rod...
View ArticleIBM to buy Resilient Systems, bringing security guru Bruce Schneier on board
IBM will acquire Resilient Systems, it announced Monday, and along with the company, it will gain a big name in the security world: Bruce Schneier. Resilient makes an incident-response platform that...
View ArticleCRN Exclusive: HPE-Fortinet Bundle To Marry Firewall, Log Management...
Hewlett Packard Enterprise and Fortinet have joined forces on a security offering aimed at giving customers better visibility into and control over security threats. The bundle, which will be unveiled...
View ArticleGmail for Work gets improved digital loss protection features
Google has expanded the digital loss protection features in Gmail for Work, to help ensure that employees don't share confidential information outside the company they work for. The service can now use...
View ArticleCheck Point Software Technologies Revamps Entire Platform Under Single...
EMBARGO - Confirming time still but for tomorrow AM Check Point Software Technologies is reimagining the way customers and partners interact with its solutions, unveiling Tuesday the launch of a new,...
View ArticleHackerOne boss on why the future’s bright for bug bounties
Soft launch of subscriber service on Tuesday RSA 2016 Three months ago HackerOne, the group that pays a bounty to security researchers for bugs, appointed Mårten Mickos as its new CEO, and the...
View ArticleDROWN Vulnerability Hits SSL/TLS, but It's No Heartbleed
DROWN, a new vulnerability that could potentially expose millions of sites to risk, was disclosed and patched. Plus, it's less widespread than Heartbleed. DROWN, which stands for "Decrypting RSA with...
View ArticleNew TLS decryption attack affects one in three servers due to legacy SSLv2...
Security researchers have discovered a new weakness that could allow attackers to spy on encrypted communications between users and one in three HTTPS servers. The problem exits because many HTTPS...
View ArticleMicrosoft Cures Breach Blindness for Enterprises
A new offering, called Windows Defender Advanced Threat Protection, alerts administrators if attackers gain a foothold on a network. Suffered a network breach? Microsoft's latest cloud-based data...
View ArticleNSA Director Makes Plea to Tech Industry to Partner on Security
At RSA, the head of the U.S.Cyber Command and director of the NSA explains the mission of the organizations he commands and what he's doing to improve security in America. SAN FRANCISCO—U.S. Navy...
View ArticleOpenSSL update fixes Drown vulnerability
An international team of researchers has uncovered an attack that can compromise encrypted network traffic in a matter of hours. The Drown (Decrypting RSA with Obsolete and Weakened Encryption) attack...
View ArticleFBI is asking courts to legalize crypto backdoors because Congress won’t
FBI Director James Comey in the hot seat Tuesday before the House Judiciary Committee.C-SPAN3 Apple's encryption battle Apple prevails in forced iPhone unlock case in New York court Most software...
View ArticleFBI Chief: San Bernardino iPhone Case Could Set A Legal Precedent For Encryption
FBI Director James Comey acknowledged Tuesday that forcing Apple to unlock the San Bernardino shooter's iPhone could set a precedent for dealing with encryption in the future. Representatives from...
View Article