Security vendors are known to sprinkle hyperbole among their claims. But the strategy has backfired for DirectDefense, which mistakenly cast endpoint protection vendor Carbon Black as a contributor to the "world's largest pay-for-play data exfiltration botnet."
In the wake of the reported FBI probe into Moscow-based Kaspersky Lab, here's a question: Could a government compel a domestic cybersecurity firm to ignore state-sponsored malware, or even add backdoors to its software or hardware products, without getting caught?
A watchdog agency's annual security review of the Department of Veterans Affairs, the nation's largest healthcare provider, makes 33 recommendations for how the VA can address a variety of continuing vulnerabilities, but only three of them are new. What are the latest concerns?
Many security leaders argue over whether their incident response posture needs to be proactive or reactive. But Rsam CISO Bryan Timmerman says it isn't either or - that organizations need both. Here's why.
Sixty-five percent of security leaders consider their organizations' security postures to be above average or superior. But only 29 percent are very confident in their security controls. Neustar's Tom Pageler analyzes results of Strategic Cybersecurity Investments Study.
Target has reached a record settlement agreement with 47 states' attorneys general over its 2013 data breach. The breach resulted in hackers compromising 41 million customers' payment card details and contact details for more than 60 million customers being exposed.
Good news for Microsoft Windows users: The Equation Group exploit tools dumped this month by Shadow Brokers don't work against currently supported versions of Windows, largely thanks to patches Microsoft released in March. But who tipped off Microsoft?
An increase in unemployment isn't always a bad sign. It could reflect that more people are entering the workforce and looking for work, but have yet to land jobs. Could that be happening with IT security practitioners?
The U.S. regulation that forbid ISPs from selling information about web activity without a customer's permission is gone. But it's still possible to maintain privacy on the Web even if prying eyes are watching.
Like many other inventions now common in modern life, distributed cybercrime may seem trivial today. But this concept emerged little more than a decade ago and has already dominated the threat landscape.
With the rapid changes in the threat landscape and the risks introduced by DevOps, the cloud and other new elements, organizations need to have a continuous vulnerability assessment program as a security baseline, says Richard Bussiere of Tenable Network Security.
The Department of Health and Human Services is making progress in improving its information security practices, but it still has gaps that put sensitive data at risk for compromise, according to a new watchdog agency report. Experts say those same gaps are pervasive at many healthcare organizations.