Antonin Scalia's replacement could help push the Supreme Court to reinterpret the Constitution's Fourth Amendment to make it harder for the government to surveil citizens online and seize their records stored on servers maintained by cloud service providers.
Hong Kong toymaker VTech has revised its end-user license agreement to make clear that it can't be held legally responsible for any data breaches. Many security experts have reacted with fury. But is VTech's move unusual?
Congressman Will Hurd has a simple request for U.S. government agencies: Have you been using vulnerable Juniper Networks devices? But Congress needs to consider tougher questions about its culpability in this backdoor debacle.
Security experts are warning that Chinese networking product manufacturer TP-Link has been shipping routers with a WiFi password that's based on their MAC address, thus making their passwords easy for would-be attackers to sniff.
Healthcare organizations need to carefully scrutinize the security of electronic health records and other applications they use because encryption and other features often have shortcomings, says Chris Wysopal, CISO at the security firm Veracode.
Millions of Android devices - as well as desktops and servers - are at risk from a newly disclosed flaw in the Linux kernel that a malware-wielding attacker could exploit to seize full control of the device.
If federal regulators pull the plug on the HITECH Act's "meaningful use" incentive program for electronic health records, they must devise bold new ways to help ensure that data stored in EHR systems is secure.
The discovery of a serious remote code execution flaw in Trend Micro's consumer security software - now patched - is a reminder that even security software has code-level flaws. But shouldn't security vendors be held to a higher standard than others?
To minimize the risk of business email compromise schemes and similar types of fraud, senior executives at businesses should avoid posting information about their activities on social media and other accessible forums, says security expert Chuck Easttom.
Four years after European criminals exploited EMV implementation vulnerabilities to steal an estimated $650,000, security experts say not all banks have adopted full fixes. But the payment card industry contends related mitigations are in place and working.
You made this mess, now you'll clean it up. That's the security message of the Federal Trade Commission's settlement with Oracle over its failure to update or eliminate older, insecure - and actively targeted - versions of Java.
Twitter has issued its first-ever alerts to some users that they may have been "targeted by state-sponsored actors." Some cryptographers, software developers and security experts say they have received the alerts.
Hundreds of millions of PCs are at risk of being remotely exploited, after a security researcher released proof-of-concept exploit code for separate, newly discovered flaws in software preinstalled on systems by Dell, Lenovo and Toshiba.
TalkTalk's confusion in the wake of its recent data breach, as well as mangling of technical details and failure to encrypt customer data, demonstrate the importance of having an incident-response plan ready in advance of any breach, experts say.