Some videoconferencing equipment could enable hackers to eavesdrop on privileged corporate conversations or a boring employee training seminar, according to a security official at Rapid7.

Microsoft is a myth maker when it comes to Google’s new privacy policy, the search giant is charging.

Social Security Commissioner Michael Astrue told a House panel this week that he had a relative and a friend declared “dead” on his agency’s death list, which publishes the names and social security numbers of deceased individuals, even though they were very much alive.

The National Institute of Standards and Technology (NIST) is awarding $10 million in funding for trusted online credential pilot projects.

The total number of patient records compromised in the US increased by 97% in 2011 compared with 2010, according to a report released this week by the Redspin consulting firm.

  Recently HTC acknowledged a vulnerability that can expose a user’s WiFi credentials, including the WiFi SSID and security passwords to a malicious app running on some of its Android phon...

First, please excuse me for letting my inner Archie Bunker vent a little. If you are anything like me, then you could care less about updating your Facebook page on an hourly basis. Sure, I have a pag...

I am honoured to have been invited back to present at the prestigious e-Crime Congress to be held in London, March this year. However it caused a flash-back to the last occasion I presented at Congres...

Anniversaries are often a time to reflect on the past but also to look to the future. A major anniversary in the field of computer security was reached on the 15th of January this year. That date mark...

Comment: Make PCI DSS Part of Your Security StrategyJeremy King, European director of the PCI Security Standards Council, describes how recent figures from the UK Cards Association showed PCI has been successful in decreasing the volume of card and bank account fraud

A Superior (infosec) Education As the information security industry becomes more coveted, Wendy M. Grossman takes a look at the university courses available to aspiring and competing infosec professionals on both sides of the Atlantic

Comment: APT Tops Security Risks to Corporate IP in 2012Verdasys’ Bill Ledingham shares his insights on advanced persistent threats (APT) and offers steps companies can take to increase their cybersecurity

Can Security and Privacy Co-exist?Should you have to give up privacy to get more security, or does one actually support the other? Danny Bradbury sounds out the experts

Comment: Information Assurance as a Flexible Security SolutionChris Mayers of Citrix UK outlines how the public sector can meet confidentiality, integrity and availability requirements in the face of ongoing regulatory and technological change

The Good, the Bad, and the Ugly Insider ThreatsWhether intentional or unintentional, insider threats take many forms. The (ISC)² US Government Advisory Board Executive Writers Bureau examines this dichotomy and how it is being affected by both regulatory considerations, and the rapidly changing technology landscape

Comment: Information management policies must address risk of human errorChristian Toon, head of Information Security at Iron Mountain Europe, considers the growing number of avoidable data breaches that involve paper documents and advises businesses how to minimize these risks by getting to grips with information handling, management, storage and secure destruction.

Infosecurity: Do You Eat Your Own Dog Food?How many traffic policemen never exceed the speed limit when off duty? How many vicars don’t swear? And how many IT security professionals practice what they preach? No, seriously, do you eat your own dog food? That’s the question Davey Winder has been asking of infosec professionals in an attempt to determine just how secure security experts really are away from the office

Comment: It’s Time for Smartphone SecurityAs the mobile market grows, so does mobile malware. Don DeBolt, director of threat research at internet security company Total Defense, discusses how IT practitioners and company employees can best stay safe by protecting themselves from mobile hacks, privacy concerns and more in a day and age when mobile malware is on the rise

Compliance Strategies – A.K.A. Alphabet SoupDoes your organization follow a recipe, or simply ‘eye-up’ the ingredients to your compliance tick boxes? Fred Donovan taste-tests what is often viewed as the unsavory side of the information security profession