Networking giant Fortinet warns that more products than it initially suspected have a hardcoded password that attackers could abuse to remotely gain backdoor access to vulnerable devices. But why did the flaws take so long to be found?
Singapore plans to introduce a cybersecurity bill to protect its critical infrastructure from cyber threats and make investments in skills-building. Information security experts weigh in with their candid reactions to this emerging legislation.
The Ukrainian energy sector is being targeted by fresh phishing attacks, the country's computer emergency response team warns. But it's not clear who's behind those campaigns, or a recent malware infection at Kiev's main airport.
Prime Minister Modi rolled out his "Start-Up India Action Plan" to encourage start-up entrepreneurs. Security leaders discuss its scope in boosting Indian cybersecurity start-ups and if there will be enough demand for their products
Cyber insurance covers more than the cost of breaches of data privacy; it can play a role in protecting against the cost of a cyberattack that disrupts business operations, explains insurance specialist Tim Burke in this video interview.
A lawsuit filed against security firm Trustwave is raising questions about "PCI Professional Forensic Investigators" and how they are monitored by the PCI Security Standards Council. But experts say the onus is on companies, not the council, to ensure their security practices are adequate.
DataBreachToday announces its inaugural list of top influencers, reflecting the individuals and organizations who have the biggest impact - good or bad - on the data breach landscape and growing breach epidemic.
Millions of Android devices - as well as desktops and servers - are at risk from a newly disclosed flaw in the Linux kernel that a malware-wielding attacker could exploit to seize full control of the device.
Aloysius Cheang of the Cloud Security Alliance says Asia is neither matured nor competent to understand the nuances of cloud security. CISOs must learn to harmonize data privacy regulations to a set of data protection principles that meet requirements.
Casino operator Affinity Gaming has sued incident response firm Trustwave, alleging that the firm failed to fully eradicate and "contain" the 2013 data breach and payment card malware outbreak that it was hired to remediate.
Cryptocurrency exchange Cryptsy has revealed that it suffered a 2014 hack attack that now leaves it insolvent. The exchange is appealing to its attacker to return the stolen bitcoins, worth $5 million today - no questions asked.
The FBI is investigating the point-of-sale malware breach at hotel chain Hyatt, which says related infections stretched for four months and affected 250 hotels worldwide. But Hyatt has yet to reveal how many customers or payment cards were compromised - or how attackers got in.
Microsoft has patched a new, critical remote code execution vulnerability affecting all versions of Internet Explorer, but it's now only supporting and patching IE 11 and Edge. Potentially, several hundred million users of old IE versions are now at risk.
The Maharashtra government has appointed senior IPS officer and IT expert Brijesh Singh as Special IG-Cybercrime. Experts analyze expectations for the new head and discuss what should be his agenda for tackling cybercrime.
Networking vendor Fortinet refutes a researcher's assertions that there is an SSH "backdoor" in the FortiOS firmware that runs its devices. Many experts say that while the patched flaw looks unintentional, it might still serve as a backdoor.