The Black Hat conference features presentations that have already led to very public warnings about remotely hackable flaws in everything from Jeep Cherokees and Linux-powered rifles to Android mobile devices and Mac OS X.
With enterprises now taking to the cloud in the APAC region, it's important to learn security lessons from western counterparts, says Cloud Security Alliance CEO Jim Reavis. He offers insights on dealing with risks and legacy IT.
RSA Conference Asia Pacific and Japan, which wrapped up last week, was a successful reflection of this region's hottest security topics. Here are some of my own observations, as well as feedback from the attendees.
The Ashley Madison dating website hack and threatened data release is a perfect illustration of the perils - and promise - of our Internet-connected, hacktivist age, whether it comes to online dating or the Internet of Things.
With so much stolen PII available to fraudsters, it's time for banks and others to move to more sophisticated forms of authentication of customers' identities. Knowledge-based authentication is no longer reliable.
Cisco announced plans to pay $635 million to purchase cloud security firm OpenDNS to better secure the "Internet of Everything." OpenDNS says the acquisition will leave its products and personnel intact.
Would encryption, two-factor authentication and other measures stop a determined adversary from stealing millions of U.S. government personnel files? No, a former CIA CISO says. Read how Robert Bigman would defend against OPM-style cyber-attacks.
Breached dating website FriendFinder allegedly missed email warnings from security researchers that its site had been breached and customers' data was being sold on a "darknet" site. What can other businesses learn from that apparent mistake?
Visa has agreed to increase the reimbursement paid to banking institutions that must reissue cards in the wake of a merchant breach. Now the smaller card issuers, such as community banks, are getting paid the most.
The FBI is offering a big-stakes reward for an alleged criminal who ranks at the top of its "cyber most wanted" list. But one cybercrime expert asks: "Would you cross the Russian mafia or some organized crime gang for $3 million?"
(ISC)Â² and the Cloud Security Alliance have unveiled a new cloud security professional certification designed to measure advanced competence. Will training for the certification help professionals gain a better understanding of cloud security?
Psychologically speaking, nothing beats the power of a well-timed deadline. And love it or hate it, Google's 90-day "Project Zero" deadline for fixing flaws - before they get publicly disclosed - has rewritten bug-patching rules.