Palo Alto Networks' annual threat analysis of customer network traffic shows that botnet-controlled malware that makes its way into enterprise networks almost always uses the User Datagram Protocol (UDP) to communicate, blending in with legitimate UDP-based applications such as video.
The abrupt discontinuation of the disk and file encryption freeware TrueCrypt by its secretive software developers has left many security experts stunned, some of whom say there now are no viable alternatives left in non-commercial encryption software.
The Linux Foundation today announced the first protocols that it wants to address as part of its open-source code testing and security review. Not surprisingly, OpenSSL, where the infamous Heartbleed bug was discovered, is among them.
Juniper Networks and Palo Alto Networks today agreed to settle their long-running firewall-related patent infringement lawsuits against each other, with Juniper saying Palo Alto Networks has agreed to pay US$175 million in cash and equity as part of the settlement.
While small- to midsized businesses (SMB) don't have the luxury of information security teams and resources that large enterprises can afford, they still face many of the same threats.
Going into 2014, a whirlwind of security start-ups are looking to have an impact on the enterprise world. Most of these new ventures are focused on securing data in the cloud and on mobile devices. Santa Clara, California-based Illumio, for example, founded earlier this year, is only hinting about what it will be doing in cloud security. But already it's the darling of Silicon Valley investors, pulling in over $42 million from backer Andreesen Horowitz, General Catalyst, Formation 8 and others.
It may be difficult to remember now, but not too long ago, cyberattacks rarely made headlines in mainstream news. That's not to say that these advanced persistent threats, sometimes state-sponsored or the product of organized crime, were uncommon. On the contrary, they were booming. It was just that few people liked to talk about them.
The firewall in decades past was mainly the port-based guardian of the Internet. Now vendors are vying to build so-called "next-generation firewalls" that are "application-aware" because they can monitor and control access based on application use.
When it comes to information security, there are a lot of "misperceptions" and "exaggerations" about both the threats facing businesses and the technologies that might be used to protect their important data assets, according to Gartner analyst, Jay Heiser.
They're security myths, oft-repeated and generally accepted notions about IT security that ... simply aren't true. As we did a year ago, we've asked security professionals to share their favorite "security myths" with us. Here are 13 of them.