Cisco today announced Managed Threat Defense, a set of security services for the enterprise that Cisco is providing through two new operations centers to remotely support intrusion-detection, incident response and forensics, among other services.
Ellen Messmer | 22 Apr | Read more
Verizon today issued its annual data-breach investigations report, a study of what happened in 1,367 known cases across dozens of industries in 95 countries last year, and the most common form of attack was breaking in through Web applications.
Ellen Messmer | 22 Apr | Read more
The Stuxnet malware known to have stealthily targeted Iranian nuclear facilities a few years ago was a wake-up call about how vulnerable critical industrial systems can be to cyberattack. Now, an Israeli start-up, with help from General Electric, is testing security technology that would detect Stuxnet-like attacks on critical infrastructure systems used for power production.
Ellen Messmer | 18 Apr | Read more
Socially-engineered malware tries to trick users into downloading and executing malicious code through tactics that include everything from fake antivirus to fake utilities to fake upgrades to the operating system and trojanized applications.
Ellen Messmer | 17 Apr | Read more
The Heartbleed Bug disclosed by the OpenSSL group on April 7 has sent many vendors scurrying to patch their products and that includes security firms Symantec, Intel Security's McAfee division, and Kaspersky Lab.
Ellen Messmer | 16 Apr | Read more
The Heartbleed Bug, a flaw in OpenSSL that would let attackers eavesdrop on Web, e-mail and some VPN communications, is a vulnerability that can be found not just in servers using it but also in network gear from Cisco and Juniper Networks. Both vendors say there's still a lot they are investigating about how Heartbleed impacts their products, and to expect updated advisories on a rolling basis.
Ellen Messmer | 11 Apr | Read more
The Heartbleed Bug, basically a flaw in OpenSSL that would let savvy attackers eavesdrop on Web, e-mail and some VPN communications that use OpenSSL, has sent companies scurrying to patch servers and change digital encryption certificates and users to change their passwords. But who's to blame for this flaw in the open-source protocol that some say also could impact routers and even mobile devices as well?
Ellen Messmer | 11 Apr | Read more
The Identity Theft Resource Center, which tracks data breaches, has counted 204 of them from January 1 to March 27.
Ellen Messmer | 09 Apr | Read more
IBM has come up with a technology for reducing the risk of data being exposed in mobile push notifications to mobile devices by coming up with a way to encrypt that information so service providers and others can't actually see any data related to the user's mobile device.
Ellen Messmer | 09 Apr | Read more
Banks and financial institutions regulated by the federal government must now monitor for distributed denial-of-service (DDoS) attacks against their networks and have a plan in place to try and mitigate against such attacks, a federal regulatory body said this week.
Ellen Messmer | 05 Apr | Read more
Security professionals are playing defense against cybercrime, and often feel outgunned by tech-savvy hackers and insiders out to steal sensitive data from within the business. They see a shortage of qualified security personnel to call on, but also believe that threat-detection tools are getting better.
Ellen Messmer | 04 Apr | Read more
In an evaluative lab test, FireEye and Ahnlab each scored "below average" on their breach-detection systems (BDS) in a comparative group product test which was conducted by NSS Labs.
Ellen Messmer | 03 Apr | Read more
Failures in patch management of vulnerable systems have been a key enabler of cybercrime, according to the conclusions reached in Solutionary's annual Global Threat Intelligence Report out today, saying it sees botnet attacks as the biggest single threat.
Ellen Messmer | 27 Mar | Read more
Knock, knock! Secret Service here. "Is this your customer payment card data?"
Ellen Messmer | 26 Mar | Read more
Who doesn't like free stuff? There's a long tradition of free or open-source security tools, and one of the best sites to learn more about them is Security Tools, a running list of what it claims are the 125 best free security tools around.
Ellen Messmer | 25 Mar | Read more