A cybersecurity report from Hewlett-Packard highlights the prevalence and persistence of coding errors, vulnerabilities and exploits that should have been corrected long ago.
Shawn Henry, former head of FBI's cyber crime team, says private-sector networks lack adequate defenses and require the same level of intelligence available to government networks.
The new approach to FISMA makes the three-year snapshot a thing of the past, but monitoring for security is just getting started.
Researchers funded by the Air Force are exploring using "quantum memories" to secure long-range communications. Where have we seen that before?
A hacker who posted racy photos gloating about his hack of police officers' home addresses didn't realize the pictures were GPS-tagged and time-stamped.
Analytics tools are available to detect attack patterns, but agencies need to take a few steps before gaining the confidence to act on the intelligence they provide.
Hone, a tool being developed at the Pacific Northwest National Lab, links network traffic with an application, making it easier to find the source of an IT compromise.
Vito Corleone had an elegant solution to identifying the source of clandestine attacks.
The recently discovered SabPub and LuckyCat exploit Word vulnerabilities and are a sign Mac users need to get wise about patching, security experts say.
With the coming post-PC architecture, sensor, device and cloud components will form a new multi-machine OS with built-in solutions for security and ID management.
Internet advocacy groups oppose the information-sharing bill, which does have the support of some heavy industry hitters.
More than a quarter of U.S. health care providers in a recent survey experienced a breach of patient data in the past year, continuing an upward trend.
E-mail campaign tries to fool service members receiving disability payments into giving up their personal information, including tax returns.
A second draft of guidelines for creating a crypto key management system addresses one of the greatest challenges in securing sensitive information.
DARPA's "active authentication" would be a welcome alternative to passwords and other cumbersome credentials.