It's one thing to be a victim of a phishing campaign, but it's an entirely different ball game when you're at the receiving end of a targeted attack.
The advanced persistent threat malware exploits existing vulnerabilities in servers, enabling attackers to maintain access to victims' data while remaining below the radar.
Exposing and defeating cyber criminal campaigns out for financial gain or trade secrets is the challenge of the day, but there are strategies and tools available to help.
The latest evidence of cyber espionage weaponry could be a harbinger of nation-state assaults to come.
The term advanced persistent threat, or APT, has been flung around by vendors ad nauseam over the past several years. In a sense, given the sheer number of breaches, one can't blame them. But is what they're telling you, the buyer, truthful?
A recent survey indicates that successful targeted attacks end up costing companies more than $200,000.
Compromising anywhere from a few thousand to well over a million systems, botnets are used by cyber criminals to take over computers and execute illegal and damaging activities.
A new trojan is targeting the same Java vulnerability that the Flashback malware took advantage of last week.
Much of the breach conversation over the past year has been devoted to so-called hacktivists. But nation-state adversaries, bent on looting organizations of intellectual property, are another breed entirely.
The attack du jour, APTs, or advanced persistent threats, are real threats.
Companies targeted by APT will need to upgrade their defenses strategy to include multiple, integrated layers of extremely sensitive anomaly detection and mitigation.
Stealthy, targeted attacks are real -- as evidenced by operations such as Shady RAT and Stuxnet -- and there isn't a one-size-fits-all remedy to deal with them.
"Cyber Atlantic 2011" aimed to clarify how the two nations can best communicate about cyber incidents that occur on government systems or critical infrastructure.
Hackers over the summer targeted at least 29 companies in the chemical sector during an attack campaign aimed at stealing intellectual property.
Following an attack on a major Japanese defense contractor, the nation's government computers were targets in an ambush that sought to monitor and steal sensitive communications.
In today's sophisticated malware and intrusion tactics, organizations should already assume they have been compromised. The key is readiness, says Larry Whiteside, CISO, Visiting Nurse Service of N.Y.
Internet and email service remains offline at the Oak Ridge National Laboratory after spear phishing attacks led to the theft of sensitive data.
Experts are unclear about the level of risk facing RSA customers after the security firm on Thursday reveled that hackers successfully breached its systems.
Hackers have successfully infiltrated security firm RSA to steal information related to its two-factor authentication products, the company's president revealed in a letter Thursday to customers.
2011 promises to deliver a major influx of mobile application attacks, plus other sophisticated digital assaults, said Dave DeWalt, CEO of McAfee, during a keynote address Wednesday at SC Congress Canada in Toronto.
Jerry Dixon, the former head of US-CERT, will examine the truth behind one of 2010's biggest IT security buzzwords when he speaks at next month's SC World Congress.
Botnets have evolved into full-fledged criminal enterprises, and those organizations that take the threat lightly will be the ones paying in the end.
Many in the security community say Google would be wrong to base its decision to scale back internal Windows use over security concerns.
The world of hacking has evolved into two major varieties: industrialized attacks and advanced persistent threats (APT).
Intel told the federal government that it was the victim of a "sophisticated" cyberattack that occurred in January, around the time cybercriminals compromised systems at Google, Adobe and more than 30 other large companies.