After a series of high-profile hackings, Twitter has finally introduced two-factor authentication.

A new variant of the Citadel financial malware is targeting users of the Payza online payment platform by launching local in-browser attacks to steal their credentials, according to researchers from security firm Trusteer.

Colleges and universities are being encouraged to scrutinize their systems to keep them from being hijacked in DDoS (distributed denial-of-service) attacks.

Adobe has warned users of its ColdFusion application server platform of a critical vulnerability that could give unauthorized users access to sensitive files stored on their servers.

Domain registrar Name.com forced its customers to reset their account passwords on Wednesday following a security breach on the company's servers that might have resulted in customer information being compromised.

SecurEnvoy has upgraded its SMS-based system for two-factor authentication with the ability for users to receive one-time passwords via a landline telephone call and enter them using the telephone keys.

Amazon Web Services (AWS) is looking to expand its security offerings with hosted intrusion protection appliances and more extensive encryption features, as it looks to increase the level of protection users can get in its cloud.

Getting hacked on Twitter is fast becoming a rite of passage for big corporations, but Tuesday's attack on the Associated Press could be a tipping point and shows that social networks must do more to keep their users safe, security experts said.

Developers being overly trusting is one of them.

Securing a hybrid cloud is not the same thing as deploying hybrid security products.

Security pros and government officials warn of a possible cyber 9/11 involving banks, utilities, other companies, or the Internet

An assessment of the information security department shows that it has a lot of growing up to do yet.

Both Google's and Apple's mobile platforms have security drawbacks and advantages. Is there a clear winner?