Security vendors are known to sprinkle hyperbole among their claims. But the strategy has backfired for DirectDefense, which mistakenly cast endpoint protection vendor Carbon Black as a contributor to the "world's largest pay-for-play data exfiltration botnet."
Organizations rely on a variety of outside firms to deliver security services. But how can they get the most value? Catherine Buhler, CISO of BlueScope Steel, shares how she challenges managed security services providers.
Two researchers who launched a crowdsourced effort to subscribe to the Shadow Brokers' monthly leak of stolen Equation Group exploits - on behalf of the entire information security community - have dropped their effort, citing legal concerns.
The figure sounds alarming, 60 percent of small companies went belly up within six months of a breach. And that stat was repeated several times by lawmakers as a House panel debated - and approved - a bill aimed at helping small businesses battle hackers. But is that number true?
U.S. prosecutors are expected to soon issue indictments charging four individuals with launching hack attacks against Yahoo, Bloomberg reports. But it's unclear to which of the two massive Yahoo breaches the charges might relate.
Vice President Mike Pence used a personal AOL email account while governor of Indiana to conduct official business, and his account was hacked. Live by the private email account, die by the private email account?
For any of the tens of thousands of organization that may be smarting from this week's Amazon Web Services and Simple Storage Solution (S3) outage, take the following advice to heart: "You must kill your darlings."
Amidst the increasing security chaos facing individuals and organizations, one of the dominant themes at this year's RSA Conference was the need for information security professionals to do more, bringing order to enterprise IT security as well as by influencing public policy.
Entities across all industry sectors appreciate the need for ensuring secure relationships with their third-party service providers. Jasson Casey of SecurityScorecard discusses new solutions for achieving those secure relationships.
Dutch police reveal they arrested an e-commerce website developer on charges of installing backdoors that allowed him to siphon 20,000 email addresses and passwords, which he then allegedly used to commit fraud using some old-school tactics.
Cyber espionage groups are using unconventional channels to hack target organizations, according to Mandiant' s latest research. Trusted service provider relationships are being exploited to compromise organizations in government and defense, says Rob van der Ende, Mandiant's vice president for Asia Pacific and Japan.
Will the advent of faster payments in the U.S. open new doors for fraud? Business continuity and security are priorities for the Federal Reserve, says Marianne Crowe of the Boston Fed. But independent consultant Richard Party begs the question: Is the U.S. really ready?
After 10 days of Microsoft not issuing an advisory or fix for a zero-day flaw found by Google that's being actively exploited in the wild, Google publicly revealed details of the flaw. But Microsoft says that puts its users at further risk.