The willingness to invest in new security start-ups is continuing at such a breakneck pace that start-ups still in stealth mode are getting snapped up by more established players before they even publicly introduce their security products and services.
There used to be a whopping 110 million attack messages per day spoofing the Twitter domain name as cyber-criminals blasted out fake Twitter e-mail at intended victims to try and fool them into opening dangerous malware-infested links and other scams. But by adopting a messaging authentication protocol called Domain-based Message Authentication, Reporting and Conformance (DMARC), Twitter has seen that number drop to a few thousand.
Anti-virus software is still often considered a "checkbox" item for enterprise deployments, especially on Microsoft Windows, but over the decades, anti-virus software changed to do far more than just signature-based virus blocking. Today, the question is whether the type of anti-malware product that evolved from virus checking can transform again to be a part of a "breach detection system," or BDS
Juniper Networks' legal battle against Palo Alto Networks claiming infringement of application-firewall patents ended in a mistrial being declared in a Delaware court, but Juniper says it intends to haul Palo Alto back into court again.
Malware often does strange things, but this one -- which looked like Skype installed on a corporate domain controller -- was most "peculiar," says Jim Butterworth, a security expert at ManTech International, whose security subsidiary HBGary recently found the custom-designed remote-access Trojan on a customer's network.
A government watchdog group tasked with overseeing whether actions the President's executive office takes to combat terrorism don't throw civil liberties overboard in the process is taking aim at the National Security Agency's "PRISM" data-collection surveillance program.
When it comes to mobile devices, it's well known that malware writers like to target Android. But a threat report published by security firm F-Secure puts in perspective why Android malware attacks often flop and why Android itself is no pushover.
A year ago, Mandiant, since acquired by FireEye, issued a long report called "APT1" that accused China's People's Liberation Army of launching cyber-espionage attacks against 141 companies in 20 industries through a group known as "PLA Unit 61398" operating mainly from Shanghai.
Cisco has kicked off a contest with $US300,000 in prize money that challenges security experts around the world to put together ways to secure what's now called the Internet of Things, the wide range of non-traditional computing devices used on the electric grid, in healthcare and many other industries.
The director of the Federal Bureau of Investigation (FBI) said this week his agency plans to introduce a malware-analysis system later this year that will let businesses and the public, report newly identified malware attacks, upload malware samples and receive reports on them.
At the RSA Conference today, security start-up Skycure plans to disclose a vulnerability in Apple iOS devices that can impact mobile-device management (MDM) systems running on them.
How bad can cyberattacks get? How about burning the internal components of a machine, whether PC or Mac, to a crisp so there's no thought of it being recoverable? That's what security vendor CrowdStrike showed could be done to an Apple Mac OS X today at the RSA Conference.
Two recently-discovered flaws in Apple iOS and Mac OS X have security experts openly asking whether the software vulnerabilities represent backdoors inserted for purposes of cyber-espionage. There's no clear answer so far, but it just shows that anxiety about state-sponsored surveillance is running high.
After acquiring mobile application management company Bitzer Mobile late last year, Oracle today announced that it has taken Bitzer's basic "container" technology for Apple ioS and Google Android and linked it to identity management.
Did the National Security Agency trick RSA, the security division of EMC, into including a crypto algorithm that was really an NSA cyber-espionage backdoor into the RSA BSAFE toolkit in order to propagate it through tech industry products?