Intrusion Prevention News, Articles and Updates
Throughout the day, SC Magazine will be announcing the finalists from each of its 32 award categories, covering the Reader Trust, Professional and Excellence sections.
To fight today's sophisticated adversaries and protect the nation's digital infrastructure, the cybersecurity industry must unite technologies, develop new ones and cultivate experts.
Department of Homeland Security (DHS) Secretary Janet Napolitano this week campaigned before federal lawmakers in support of her agency's portion of President Obama's $3.7-trillion proposed budget.
The Department of Homeland Security (DHS) division tasked with coordinating the cyber defense of federal agencies is falling short in several areas, according to an inspector general report released Wednesday.
Firewalls are again becoming talk of the town. There are an enormous amount of opinions including claims of a recent firewall revolution that have been proposed to completely change the firewall landscape. I will be the first to admit that the features and capabilities offered in today's firewall products are not the same as was offered in their original incarnation. But then again, traffic patterns and applications are not the same as they were when firewalls first hit the market.
There is overwhelming evidence in reports such as the SANS Top Cyber Security Risks and the Verizon Data Breach Investigation Report that web applications are the Achilles' heel of most networks and criminals know it. In order to protect web applications, the network security paradigm has to shift from "Keep People Out" to "What Are They Doing?" and the IT infrastructure spending needs to follow suit.
Hewlett-Packard announced Wednesday plans to acquire 3Com, whose TippingPoint subsidiary is one of the best-known providers of intrusion prevention systems.
Accused NASA hacker is running out options to avoid extradition to the United States.
A new report says web application firewalls and intrusion prevention systems are necessary technologies for many businesses, but intrusion detection systems and network behavior anomaly detection technologies are declining in popularity.
The National Security Agency will assist in a new program to monitor government traffic on private-sector computer networks, as part of a new program called Einstein 3, according to a published report.
A fundamental tension exists in balancing individual privacy rights and the collective right to security, Gary McGraw, CTO of application security vendor Cigital said at the RSA Conference Tuesday.
The Pentagon has spent more than $100 million in the past six months repairing damage to its networks caused by cyberattacks, according to military officials.
The recently uncovered cyberespionage network named GhostNet made use of phishing malware to attack the nearly 1,300 computers that are said to have been compromised by servers traced to China.
Vulnerabilities in web applications made up 80 percent of all web-related flaws in the second half of 2008 and rose in prevalence by about eight percent from the first half of the year.
Computer systems that are already infected by the Conficker worm are being pushed a new component that kills protective security processes.
Web filtering today goes beyond just blocking access. It now has to be integrating Web 2.0, managing data leakage, and guarding against malware coming in, according to a new study.
Attacks on government computer networks increased sharply in 2008, but the new administration's focus on cybersecurity may help thwart future attacks.
Managed security vendor Trustwave will add network access control (NAC) technology to its suite of solutions with its acquisition of Mirage Networks, the company announced Tuesday.
StillSecure has acquired ProtectPoint Security, a managed security services provider. The deal, announced Monday, helps round out StillSecure's line of NAC, IDS/IPS and vulnerability management products, the company said. Teams from both companies will integrate manufacturing and management efforts to build and manage network security. Terms of the deal were not disclosed; both companies are privately held. — CAM
An online computer supplies and electronics retailer settled Federal Trade Commission charges that it violated federal law by not providing adequate security to protect customer data, the agency announced Thursday.
Companies around the globe are recognizing the second annual Data Privacy Day on Wednesday with seminars and other events aimed at educating users and generating discussion around the topic.
NIST this month released draft recommendations that federal agencies -- and their contractors -- should follow to protect the confidentially of personally identifiable information.
There appears to be one more chance for accused NASA hacker Gary McKinnon to avoid extradition to the United States.
One of the congressmen who admitted last year that his office computers were hacked wants to raise cybersecurity awareness on Capitol Hill.
The news comes after a serious weakness was revealed last week in the MD5 cryptographic hash function.
Twitter users had their account credentials stolen in a massive, still ongoing phishing campaign.
Certification Authorities that have not moved to a more secure cryptographic hash function than MD5 have come under fire in the security world.
Research presented at the 25th Chaos Communication Congress in Berlin demonstrated how an attacker could impersonate any website, including those secured by the HTTPS protocol.
With attackers shifting their focus to applications, the IT team at University of Miami, Miller School of Medicine, decided it was time to upgrade the school's intrusion prevention solution, reports Greg Masters.
A former employee of the U.S. Department of State was sentenced for unauthorized access to a database containing passport applicants' confidential information.
SC Magazine Articles
- GCHQ infosec group disclosed kernel privilege exploit to Apple
- Adobe Flash remains threat as users fail to update, researchers
- Russian bank app changes password when users attempt removal
- Update: 117 million LinkedIn email credentials found for sale on the dark web
- 2.5K Twitter accounts hacked to spread links to adult content
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- Spearphishing attack nets $495K from investment firm
- Updated: Gmail, Yahoo email credentials among millions found on the dark web
- Adobe Flash remains threat as users fail to update, researchers
- Organizations need formal vendor risk management programs, study
- The Southeast Eye Institute patient information compromised
- Microsoft warns of new, self-propagating ransomware in the wild
- Email error leaks hundreds of Northern Ireland prison officer details
- Knock Knock! Unique new backdoor Trojan infecting computers
- CEO sacked after aircraft company grounded by whaling attack