In an application-driven economy, are security leaders paying enough attention to application-level security? OWASP's Dhruv Soi speaks on how to ensure security in the application development lifecycle.
Numerous websites, mail servers and other services - including virtual private networks as well as "all modern browsers" - have a 20-year-old flaw that could be exploited by an attacker, computer scientists warn.
An army of 40,000 small office/home office routers have been exploited by automated malware. But who's responsible for devices being vulnerable: vendors for using well-known defaults; or distributors and IT managers for not locking them down?
Security leaders see the need for a formal information-sharing platform across India to enable organizations in all sectors to defend against attacks. What are the barriers, and how can they be overcome?
Experts from the Middle East and Asia say "smart cities" must be built over a secure ecosystem from the design stage, inclusive of people, policies, procedures and structure. Are CISOs ready for the challenge?
Fraudsters have been hacking into and draining Starbucks accounts, customers report. Security experts say attackers appear to be guessing weak account passwords, then using funds to fill up gift cards destined for the black market.
Mumbai-based Meru Cabs, which offers online and mobile-app cab bookings, has been inadvertently exposing customer data to the Internet. How did the exposure occur, and what is Meru doing to address the flaw?
Britain's Tory party has secured a majority in Parliament, which means the country will soon see a new legislative agenda. Here are some of the information security, privacy and surveillance initiatives to expect in the coming months.
A federal appellate court decision that the National Security Agency's bulk data collection program is illegal could have sweeping ramifications beyond derailing the initiative to amass the metadata of Americans' telephone calls.
A federal appeals court has ruled that the National Security Agency's collection of metadata of Americans' telephone calls is not authorized by the Patriot Act. What impact with the decision have on the Congressional debate about NSA practices?
Lenovo issues an emergency patch to fix flaws in the System Update software that it preinstalls on business-focused Windows PCs after security researchers discover vulnerabilities that could be used to remotely compromise machines.
With the upcoming release of Windows 10, Microsoft plans to inaugurate 24/7, cloud-based patching, among other new security features. Businesses can tap the anytime patches or define their own patch-release schedules.
Oman is dealing with the challenge of increasing cyber incidents and a rise in cybercrime and so on. How does Oman's CERT address this surge? OCERT's head, Al Salehi, shares his 2015 cybersecurity agenda.