Critical Bash bug opens Unix, Linux, OS X systems to attacks
The Bash “shellshock” flaw (CVE-2014-6271) was discovered last week by Unix/Linux specialist Stephane Chazelas, and its existence was made public on Wednesday. It …
FBI warns of malicious insider threats increase
The FBI and DHS have issued a warning to businesses about the increase in security incidents involving malicious insiders (current or former employees, contractors, or other …
Consumers increasingly blame companies for data breaches
Moving forward, every company involved in a major data breach—those actually attacked, such as retailers Home Depot, Target, Goodwill and Neiman Marcus, as well as banks, …
Five of the biggest data myths debunked
With so much hype about big data, it’s hard for IT leaders to know how to exploit its potential. Gartner dispels five myths to help IT leaders evolve their information …
UK employees targeted with fake policy violation emails
A new cyber-crime attack has been tricking SMB employees in the UK into downloading Trojans by accusing them of violating company policy. The spam wave started to accelerate …
Energy IT pros show surprising optimism
Tripwire announced the results of a survey of 104 attendees at the EnergySec Security Summit in Texas. Industry research shows most breaches go undiscovered for weeks, months …
Kali NetHunter turns Nexus devices into portable hacking tools
Offensive Security, the security training company behind Kali Linux, the popular Debian-based OS designed for digital forensics and penetration testing, and Kali community …
Microsoft launches bug bounty program for Online Services
Microsoft has launched another bug bounty program, and this one will focus on its Online Services. Bug hunters are urged to submit vulnerabilities affecting the following …
Mitigations for Spike DDoS toolkit-powered attacks
Akamai Technologies released, through the company’s Prolexic Security Engineering & Response Team (PLXsert), a new cybersecurity threat advisory that alerts …
Training for CISSP and other (ISC)2 certifications
(ISC)2’s CISSP Live OnLine CBK Training Seminar gives you the same award-winning course content as the classroom-based seminars and the benefit of an (ISC)2 Authorised …
Emerging international data privacy challenges
According to a new survey from the Cloud Security Alliance there is a growing and strong interest in harmonizing privacy laws towards a universal set of principles. …
Companies becoming lax in managing BYOD risk
Exposure to risk is as much of a threat today as it was in 2013; however, organizations have become less diligent in BYOD management and mitigation, according to TEKsystems. …
Featured news
Resources
Don't miss
- Security at AI speed: The new CISO reality
- Apple privacy labels often don’t match what Chinese smart home apps do
- In GitHub’s advisory pipeline, some advisories move faster than others
- Don’t panic over CISA’s KEV list, use it smarter
- Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731)