The Internet's seething Web of content resembles endless bubbles popping to the surface for only a day, then vanishing, a security study from Blue Coat Systems released today indicates. That means a huge number of new, unknown and transient sites appear daily, making it a challenge to determine whether they are benign or should be blocked as dangerous.
Stories by Ellen Messmer
Setting corporate cyber-security policy and acting on it must be a top concern for the board of directors at any company, not just the information-technology division, the Department of Homeland Security (DHS) indicated as a high-level official there backed a private-sector effort to raise awareness at the board level.
The "Bring Your Own Identity" (BYOID) trend in which websites let users authenticate using identities established through Facebook, LinkedIn, Google, Amazon, Microsoft Live, Yahoo or other means raises some questions in the minds of IT and business managers. And a survey conducted by Ponemon Institute shows a vast difference in how the IT and business sides think about this so-called BYOID method of authentication.
The Amazon AWS cloud service is fine for enterprise workloads and applying security controls such as encryption and firewalls is possible, though more security vendors need to step up to support Amazon's EC2 service, according to the Gartner analysis presented today.
Gartner has kicked off its annual Gartner Security and Risk Management Summit 2014 in National Harbor, Maryland, by pointing to the top threat challenges heading into next year -- and added that in the future, the term IT security will give way to "digital security" to encompass newer challenges, such as the Internet of Things.
Just because Gates has given up his role as Microsoft's Chairman doesn't mean he's slowing down…
While small- to midsized businesses (SMB) don't have the luxury of information security teams and resources that large enterprises can afford, they still face many of the same threats.
Just because BYOD has become standard operating procedure in most workplaces doesn't mean the practice has stopped causing challenges for IT.
It's been a month since the Heartbleed Bug set off a stampede to patch software in everything from network gear to security software as it quickly became evident that vulnerable versions of the OpenSSL encryption code had been very widely deployed.
It cost U.S. companies hit by data breaches last year an average of $5.4 million to cope with the after-effects – up 9% from the year before, according to the ninth annual Ponemon Institute study published Monday.
The Identity Theft Resource Center, which tracks data breaches, has counted 204 of them from January 1 to March 27.
Here are 20 of the most notorious known break-ins over the past decade.
When it comes to mobile devices, it's well known that malware writers like to target Android. But a threat report published by security firm F-Secure puts in perspective why Android malware attacks often flop and why Android itself is no pushover.
A year ago, Mandiant, since acquired by FireEye, issued a long report called "APT1" that accused China's People's Liberation Army of launching cyber-espionage attacks against 141 companies in 20 industries through a group known as "PLA Unit 61398" operating mainly from Shanghai.
Did the National Security Agency trick RSA, the security division of EMC, into including a crypto algorithm that was really an NSA cyber-espionage backdoor into the RSA BSAFE toolkit in order to propagate it through tech industry products?