DARPA's "active authentication" would be a welcome alternative to passwords and other cumbersome credentials.

A second draft of guidelines for creating a crypto key management system addresses one of the greatest challenges in securing sensitive information.

E-mail campaign tries to fool service members receiving disability payments into giving up their personal information, including tax returns.

More than a quarter of U.S. health care providers in a recent survey experienced a breach of patient data in the past year, continuing an upward trend.

An Iranian dissident working for Israel used a memory stick to implant the Stuxnet worm at Iran's Natanz nuclear processing facility, according to a published report.

Sophos has identified a Trojan horse masquerading as a Android version of the game on some unofficial apps stores.

It has taken months, but fixes for the most prolific malware to hit the Apple OS have arrived, and the infection rate for Flashback is dropping.

Changes proposed by the National Institute of Standards and Technology would clarify the transition to a new set of approved tools and correct some errors in the current version.

Throughout government, security officers will have different interpretations of what security controls are acceptable, says GSA's Dave McClure.