Fahmida Y. Rashid

The intrusion prevention system is a mainstay of any organization's perimeter-focused security infrastructure, but its days may be numbered as a standalone technology. Yet, its purpose lives on.

With breaches grabbing headlines and cash funneling toward infosec budgets, the role of the security executive is shifting from tech and compliance wonk to savvy businessperson.

WordPress is a common vector of attack because many fail to install the blogging platform's latest patches.

A Windows vulnerability that Microsoft patched back in April continues to be used in targeted attacks against political, industrial and defense organizations.

The spam outbreak that last month flooded the inboxes of Dropbox customers has been traced back to a hacked employee account.

Two security experts found a way to automate a JavaScript attack that could infect beyond the browser.

A researcher investigated Java exploits, and drew on one well-know example, to explain how one of the most common classes of attack spreads.

One of the world's largest spam botnets, responsible for as much as a third of all unwanted mail sent as recently as last week, is finally offline, according to security firm FireEye.

Better coordination, actionable information, and risk awareness are needed to protect the country's critical infrastructure, especially the power grid, according a congressional watchdog report.

The latest version of Mozilla's popular Firefox browser has expanded its security features.