WordPress says users of versions 3.9.2 and earlier of its website content management software need to patch a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.
Organizations in all business sectors should take a series of steps to guard against "visual hacking," a low-tech method used to capture sensitive, confidential and private information for unauthorized use.
Troy Leach of the PCI Security Standards Council says log monitoring is an effective data breach detection tool that, unfortunately, not enough merchants put to use. He explains how upcoming PCI guidance could help with implementation.
Sen. Ron Johnson, R-Wis., the presumptive chairman of the Senate committee with government IT security oversight, hasn't immersed himself heavily in cybersecurity issues during his 4-year Senate tenure.
As part of their breach response strategies, organizations need to establish clear guidelines in advance so they know when it's appropriate to offer victims free credit monitoring or ID theft protection services.
Malware known as "Mayhem" that targets Unix and Linux systems has been updated to exploit Shellshock flaws, security experts warn. But with few Unix-flavor systems running anti-virus software, how can it be stopped?
Yet another California healthcare breach-related lawsuit - this one involving Alere Home Monitoring - has been dismissed because of the lack of proof that anyone actually viewed data stored on an unencrypted computer device that was stolen.
Google says just 2 percent of the recent dump of nearly 5 million credentials to Russian cybercrime forums contained valid Gmail username and password combinations. But anyone who reused the same passwords on other sites remains at risk from hackers.
Goodwill Industries International says in an update about a breach affecting about 330 of its stores that approximately 868,000 payment cards were exposed. It also identifies the malware used to compromise a third-party vendor's systems.
The FBI and Apple are investigating the release of hundreds of celebrities' nude photographs and videos, which security researchers suspect is tied to compromises of iCloud, Dropbox or other cloud service accounts.
Patients and healthcare providers need to recognize that Web-enabled mobile health devices that fall under the umbrella of the "Internet of Things" potentially can put personal information at risk, says Intel Security executive Greg Brown.