Network Security 

Security Flaw Found in Hotel Wi-Fi Systems

The vulnerability could enable a remote attacker to read or modify any file on an ANTlabs InnGate device, according to Cylance researchers.

3 Bad Security Habits that Make CISOs Crazy

Every CISO can relate to these bad security habits found in most organizations. But what can CISOs do to change them?

15,435 Vulnerabilities Found in 3,870 Applications in 2014

That's an 18 percent increase over the previous year in vulnerabilities found, according to Secunia.

Hadoop Security Still Evolving

While organizations' use of Hadoop has become more sophisticated, associated security practices have not kept pace.

Google Hit Again by Unauthorized SSL/TLS Certificates

The SSL/TLS certificate authority system's frailty is again exposed, as an unauthorized certificate is issued for Google.

Will 2015 Be Adobe Flash's Swan Song?

Following more critical zero-day exploits, Adobe's Flash platform's place in the enterprise appears as unsecure as the software itself.

Massive Security Flaw Found in Hilton HHonors Website

The vulnerability allowed attackers to access any HHonors account simply by knowing or guessing the account number.

90 Percent of IT Pros Worry About Public Cloud Security

One third of IT professionals surveyed said they've experienced more security breaches with the public cloud than with on-premise applications.

Premera Blue Cross Hacked

The hackers may have accessed the personal, financial and medical information of as many as 11 million people.

North Korea Blamed for Nuclear Power Plant Data Breach

The North Korean government called the accusation 'a false judgement by an idiot.'

Making the Case for Security Investment

Annual security risk assessments and meaningful metrics are among the tools infosec pros can use when asking senior decision-makers to increase budgets.

Data Breach at Dental Practice Exposes 151,000 Patients' Personal Info

Names, Social Security numbers, birthdates, phone numbers and home addresses were accessed.

IBM: Over a Billion Records Leaked in 2014

A surprising 40 percent of attacks in IBM's X-Force report were listed as 'unknown.'

10 Tips to Mitigate Data Breaches

We include a list of vendors that offer solutions that can help improve your response to security threats and data breaches.

Survey Finds IT Security Pros Under Increasing Pressure

And 64 percent of enterprise respondents said they expect that pressure to grow in the coming year.

PCI Compliance Still a Challenge: Verizon

Verizon's 2015 PCI compliance report shows increasing point-in-time compliance even as breaches rise.

Nurses Leverage Privileged Access to Commit Identity Theft

From Texas to North Carolina, several cases have demonstrated the challenge of protecting patient and employee information.

Anthem Refused Security Audit Before and After Data Breach

The company repeatedly refused to allow the OIG to conduct vulnerability scans of its systems.

Startup Spotlight: Gurucul's Risk Analytics

Data breaches occur when identity is compromised or misused, which is why Gurucul focuses on identifying anomalous behavior that can point to identity issues.

Enterprises Seek Third-Party Compliance with Security Requirements

79 percent of respondents to a recent survey said ensuring that partners comply with their security requirements is a top priority in the coming year.

Natural Grocers Hacked

An undisclosed number of customers' payment card data may have been accessed.

Third-Party Vendors a Weak Link in Security Chain

Security shortcomings of third-party vendors are a cybercriminal's dream. So security pros should revisit how they manage vendor relationships.

Mandarin Oriental Hotels Hacked

Hotels in Boston, Las Vegas, Miami, New York and Washington, D.C., are likely affected.

Security Flaws Found in U.S. Air Traffic Control System

Among the issues uncovered by the GAO is 'significant interconnectivity' between the National Airspace System (NAS) and non-NAS systems.

Web Application Firewalls: Next Big Thing in Security

Web application firewalls, an especially critical component of enterprise security, are even more effective when combined with other emerging security technologies.