A very advanced and targeted cyber-espionage campaign has been active for five years, and employs stealthy malware that can penetrate air-gapped networks and exfiltrate data using multiple techniques, security researchers warn.
Too many organizations have too many disjointed security controls, says Vijay Bharti, Vice President and Head of the Security Unit at Happiest Minds. What do they need? In this interview, Bharti talks about the pressing need for an integrated cybersecurity approach that includes analytics, machine learning and a...
CISOs must be empowered to define the security architecture for smart cities. How? By securing endpoints of known and unknown device categories in the network, says David Dufour, head of security architecture for smart cities at Webroot.
Security firms are warning that they've seen a spike in infections tied to a virulent strain of trojanized Android adware called Shedun - a.k.a. HummingBad - that can root smartphones, survive factory resets and earn cybercriminals big money.
A bitter battle flares up in the fiercely competitive endpoint protection products market, and uncovering the real impact over Hillary Clinton's email server. These items highlight this edition of the ISMG Security Report.
Endpoint protection vendors compete fiercely for customers, and allegations of impropriety are common among rivals. The latest battle pits Sophos against Cylance. Whose version of the story is the truth?
While malware may be used for an initial attack, hackers quickly begin using tools to move around networks that often don't raise suspicion. Here's what to look out for to detect a "low and slow" attack.
Google Project Zero researcher Tavis Ormandy has once again found major vulnerabilities in Symantec's security products. Symantec has released updates, but not all will install automatically - some vulnerable products must be manually updated.
In an in-depth interview, Michael Sentonas of breach response specialist CrowdStrike discusses how a focus on malware detection may still be leaving organizations exposed and describes the firm's new efforts in the Asia-Pacific region.
Adobe Flash security alert redux: All enterprises should immediately update - or delete - all instances of Flash Player, following reports that a zero-day flaw in the Web browser plug-in is being targeted by the new "ScarCruft" APT group.
Preparing for data breaches - to detect them quickly, respond appropriately and ascertain exactly what happened - can help make the difference between a security incident having major or minor repercussions, says CrowdStrike CEO George Kurtz.
Apple is building "differential privacy" into iOS 10 to try and block attempts to identify or track individual users based on their behavior, keyword searches or other activities. But will the functionality perform as advertised?
First the hackers came for our credit cards. Now they're taking control of our TVs. Witness the latest version of FLocker - for "frantic locker" - which is designed to lock Android devices, including smart TVs.