Christophe Birkeland, CTO of malware analysis for Blue Coat Systems, was part of the team that discovered the Russia-targeting Inception campaign, and says the hunt for new APT attacks remains ongoing.
EdgeWave's Mike Walls, a former bomber pilot who led Navy red teams, says penetration testing is useful in analyzing bits and bytes but not the readiness of operations under attack from cyberspace. Red teams, he says, can analyze the impact on operations.
Keeping track of missing devices is a critical aspect of information security. Ali Solehdin, senior product manager at Absolute Software, discusses Computrace, which helps organizations secure endpoints and the sensitive data those devices contain.
Wary of intrusions, data compromise and theft, organizations increasingly are deploying privileged access management solutions. Idan Shoham of Hitachi ID Systems offers the essential do's and don'ts.
Encrypted browsing - using HTTPS - helps secure online communications, and Apple says developers must now employ the protocol by default. Likewise, the White House says that by 2017, all federal websites must adopt HTTPS-only policies.
Phishing campaigns are becoming harder to mitigate because of an uptick in spoofed websites tied to top-level domains, such as .bank, says Dave Jevans of the Anti-Phishing Working Group.
Too few security systems interoperate, which makes it difficult for organizations to block or detect data breaches. But Cisco has an interoperability plan to improve the state of cybersecurity defenses, Chief Security Architect Martin Roesch says.
By 2018, Javelin predicts that new account fraud and account takeover will eclipse present worries about POS attacks and retail breaches. Why breached PII should be our biggest worry.
Kaspersky Lab has discovered a new, advanced persistent threat - inside its own networks. Dubbed Duqu 2.0, the malware has ties to Stuxnet, and was used to target Iranian nuclear negotiations, researchers say.
If you look at recent breaches, you see a common thread: If privileged identities were better managed, breach impacts would greatly lessen. Bill Mann of Centrify discusses the essentials of privileged ID management.
Organizations are getting increasingly prioritizing incident response capabilities by putting investigation firms on retainer, or creating their own internal teams, says Patrick Morley, president and CEO of Bit9 + Carbon Black.
Gartner's Claudio Neiva says there is only so much an intrusion detection and prevention system can do, so organizations need to take additional steps to safeguard critical data and systems.
For Symantec, the investigation into the Duqu 2 began May 29, when Kaspersky Lab shared samples of the espionage malware - which is based on Flame and Stuxnet - and asked the security researchers to help verify its findings.
A three-month breach of card transactions at New York's Eataly restaurant/grocery store, and reports about two new malware strains, highlight why more attention needs to be paid to POS system security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.