Don't-Miss Business security Stories


Password thieves target blogs, content management sites

Hackers are increasingly turning to brute force attacks aimed at snaring credentials.

Why storing passwords in Chrome is a bad idea

Google’s Web browser offers no protection to secure and protect your saved passwords.


US agencies explore cybersecurity incentives for the private sector

The Departments of Homeland Security, the Treasury and Commerce have identified several potential incentives, including cybersecurity insurance, federal grants and legal protections for companies that invest additional money in cybersecurity efforts.

Red Hat Enterprise Linux gets cozy with MongoDB

Red Hat has coupled the 10gen MongoDB data store to its new identity management package for the Red Hat Enterprise Linux distribution.

U.S. cloud firms suffer from NSA PRISM program

Revelations of the NSA's massive electronic surveillance program give fuel to foreign firms and governments that warn of privacy risks of doing business with U.S. cloud service providers.

Don't be fooled by study's dramatically lower cyberthreat estimate, experts say

One analyst compared security spending to preparing for a natural disaster -- wait until it happens and it's 'too late'


Cisco snaps up security vendor Sourcefire for $2.7 billion

Cisco is set to expand its security software portfolio with the acquisition of Sourcefire in a deal worth $2.7 billion.

sim card

SIM card hack has severe implications for business

Individuals are at risk from new SIM card vulnerabilities, but businesses have it even worse.


App vulnerabilities under scrutiny at upcoming security conference

With the Blackhat conference kicking off this coming Saturday, application safety figures to be a major focus. In this video report, we look at a recently announced Android vulnerability.

National policy sought to alert consumers of data breaches

Technology trade group executives make the case for a single, nationwide standard for notifying customers in the event of a breach.

Foreign VPNs offer protection against US government spying

Subscribing to a virtual private network managed by a company in another country can make it more difficult for the NSA and other U.S. agencies to snoop on U.S. citizens.

Data breaches hit 2.5 million in California in 2012, report says

California releases its first report detailing data breaches in the state over the past year, under a new law requiring transparency about such incidents.

Lawmakers push for federal data breach notification law

Lawmakers plan to resurrect national data breach notification legislation that has failed to pass in past sessions of Congress, but some advocates don't agree on what should be included in a bill.


New vulnerability in Java 7 opens door to 10-year-old attack, researchers say

A new vulnerability in Java 7 could allow attackers to bypass the software's security sandbox and execute arbitrary code on the underlying system.

Most business networks riddled with vulnerable Java installations, report says

Despite the significant Java security improvements made by Oracle during the past six months, Java vulnerabilities continue to represent a major security risk for organizations because most of them have outdated versions of the software installed on their systems, according to a report by security firm Bit9.