It's been a month since the Heartbleed Bug set off a stampede to patch software in everything from network gear to security software as it quickly became evident that vulnerable versions of the OpenSSL encryption code had been very widely deployed.
Companies were getting hit on average with "unknown malware" around 53 times a day in 2013, according to Check Point's annual analysis of threat data collected from about a thousand enterprise customers. Check Point defines 'unknown malware" as malicious code that exploits a known vulnerability or weakness, but can't be detected at the time of its discovery by up-to-date anti-virus or intrusion-prevention systems.
Threat protection company FireEye Tuesday announced it's acquiring nPulse Technologies, a privately-held maker of high-speed packet-capture, network analysis and forensics gear, for $70 million in a cash-stock deal expected to close during the second quarter.
There's been much discussion in the security industry that preventing malware-based infiltrations into the enterprise is nigh on impossible, and the new security mantra should be "rapid detection is the new prevention." On that, IBM begs to differ.
Symantec has announced its Advanced Threat Protection (ATP) effort for new products and managed security services to support enterprise customers in fending off targeted zero-day attacks in particular.
It cost U.S. companies hit by data breaches last year an average of $5.4 million to cope with the after-effects – up 9% from the year before, according to the ninth annual Ponemon Institute study published Monday.
Microsoft is making an about face and issuing a security fix for an Internet Explorer problem facing Window XP as well as all other Microsoft operating systems.
Target has named veteran IT executive Bob DeRodes as its CIO and is tasking him with taking the $73 billion retailer in a new technology direction following the mammoth data breach that it disclosed late last year. The breach resulted in information being stolen from 70 million payment card users and prompted the resignation of CIO Beth Jacob.
Though you may know and follow basic security measures on your own when installing and managing your network and websites, you'll never be able to keep up with and catch all the vulnerabilities by yourself.
Microsoft is trying to gauge the seriousness of a zero-day flaw in all Internet Explorer browsers from versions 6 through 11 and whether it warrants issuing an out-of-band fix before May's Patch Tuesday.
Cisco today announced Managed Threat Defense, a set of security services for the enterprise that Cisco is providing through two new operations centers to remotely support intrusion-detection, incident response and forensics, among other services.
Verizon today issued its annual data-breach investigations report, a study of what happened in 1,367 known cases across dozens of industries in 95 countries last year, and the most common form of attack was breaking in through Web applications.
The Stuxnet malware known to have stealthily targeted Iranian nuclear facilities a few years ago was a wake-up call about how vulnerable critical industrial systems can be to cyberattack. Now, an Israeli start-up, with help from General Electric, is testing security technology that would detect Stuxnet-like attacks on critical infrastructure systems used for power production.
Socially-engineered malware tries to trick users into downloading and executing malicious code through tactics that include everything from fake antivirus to fake utilities to fake upgrades to the operating system and trojanized applications.
With nearly every major threat to information security, it is not long before security experts ask the question, "Can the threat play a role in distributed denial of service (DDoS) attacks?" When it comes to Heartbleed, some people are screaming that the sky is falling, but it is more complicated than that.