The FBI is reportedly investigating newly discovered "unauthorized code" in the firmware that runs the NetScreen firewalls built by Juniper Networks, which attackers could have been using to remotely access devices and decrypt traffic without leaving a trace.
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
ATM fraud losses are increasing globally, and we can expect to see this trend continue as the U.S. ramps up its migration to EMV at the point of sale. Unattended terminals are easy to compromise, and they will always be among fraudsters' favorite targets.
Nothing says "you really screwed up" like receiving the Pwnie Award for "Most Epic Fail" at the annual Black Hat conference. Hence it's no surprise that in the wake of its mega breach, the win goes to the U.S. Office of Personnel Management.
Virtualization and related developments bring significant changes to the architecture of today's data centers. At RSA Conference Asia Pacific & Japan, Cisco's Munawar Hossain defines these changes and outlines the new challenges.
As more enterprises adopt software-defined networking, hackers are finding the emerging technology to be a new route to penetrate organizations. Anthony Lim of (ISC)Â² recommends ways to secure SDNs against attacks.
EdgeWave's Mike Walls, a former bomber pilot who led Navy red teams, says penetration testing is useful in analyzing bits and bytes but not the readiness of operations under attack from cyberspace. Red teams, he says, can analyze the impact on operations.
To help organizations discover what they don't know is happening on their networks, Darktrace uses machine learning to create advanced baselines of normal behavior, then sounding alarms when it sees deviations.
To better secure enterprise networks, as well as detect and respond more rapidly to data breaches, businesses need to know the who, what, where, when and why of all endpoints that connect to network resoruces, says ForeScout's Sandeep Kumar.
Are you heading to RSA Conference 2015 in San Francisco? If so, be sure to connect with Information Security Media Group. We'll be out in full force on the Expo floor, as well as running a number of must-attend sessions and events.
Leaders and top practitioners from numerous federal government agencies will transplant themselves to San Francisco this coming week to share their knowledge on a wide range of topics at RSA Conference 2015.
Troy Leach of the PCI Security Standards Council says data security standards are not failing; they just aren't being applied continuously. And conformance with the Payment Card Industry Data Security Standard is just one piece of the puzzle.