Kaspersky Lab has discovered a new, advanced persistent threat - inside its own networks. Dubbed Duqu 2.0, the malware has ties to Stuxnet, and was used to target Iranian nuclear negotiations, researchers say.
If you look at recent breaches, you see a common thread: If privileged identities were better managed, breach impacts would greatly lessen. Bill Mann of Centrify discusses the essentials of privileged ID management.
Gartner's Claudio Neiva says there is only so much an intrusion detection and prevention system can do, so organizations need to take additional steps to safeguard critical data and systems.
For Symantec, the investigation into the Duqu 2 began May 29, when Kaspersky Lab shared samples of the espionage malware - which is based on Flame and Stuxnet - and asked the security researchers to help verify its findings.
Fighting fraud requires a well-rounded, defense-in-depth strategy that makes good use of appropriate threat intelligence, says Chris Richter of Level 3 Communications.
The Syrian Electronic Army claims credit for defacing the U.S. Army's public-facing website with propaganda. Following the June 8 hack, the Army took the website offline, pending related fixes.
Two years after the leaks that showed the U.S. National Security Agency spied on America's European allies, the U.S. and Europe still need to rebuild trust so they can collaborate on defending against cyber-attacks, says Carsten Casper of Gartner.
Many questions remain unanswered about the data breach at the U.S. Office of Personnel Management that may have exposed personal information for 4 million current and former government workers. Here's a closer look at seven of them.
When it comes to advanced threat protection, security leaders increasingly turn to new machine learning solutions. Stephen Newman of Damballa discusses key skills and strategies necessary for success.
"Show me your dashboard." That's a request security expert Gavin Millard regularly makes to CISOs to demonstrate how today's too-complex dashboards highlight the challenge of gathering and distilling essential security metrics.
The Gartner Security and Risk Management Summit tackles digital business, a concept that blurs the physical and digital worlds, and requires organizations to reconsider how they approach IT security and risk management.
Rather than taking specific steps to thwart potential cyber-attacks from nation-states, organizations should focus instead on implementing a comprehensive strategy to protect their sensitive data from all threats, says Lance James of Deloitte &Touche.
While cyberthreat information sharing within the banking sector has improved, the retail sector has failed to keep up. But ISACA's Robert Stroud said pending federal legislation could help change that.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.