Throughout the day, SC Magazine will be announcing the finalists from each of its 32 award categories, covering the Reader Trust, Professional and Excellence sections.
To fight today's sophisticated adversaries and protect the nation's digital infrastructure, the cybersecurity industry must unite technologies, develop new ones and cultivate experts.
Department of Homeland Security (DHS) Secretary Janet Napolitano this week campaigned before federal lawmakers in support of her agency's portion of President Obama's $3.7-trillion proposed budget.
The Department of Homeland Security (DHS) division tasked with coordinating the cyber defense of federal agencies is falling short in several areas, according to an inspector general report released Wednesday.
Firewalls are again becoming talk of the town. There are an enormous amount of opinions including claims of a recent firewall revolution that have been proposed to completely change the firewall landscape. I will be the first to admit that the features and capabilities offered in today's firewall products are not the same as was offered in their original incarnation. But then again, traffic patterns and applications are not the same as they were when firewalls first hit the market.
There is overwhelming evidence in reports such as the SANS Top Cyber Security Risks and the Verizon Data Breach Investigation Report that web applications are the Achilles' heel of most networks and criminals know it. In order to protect web applications, the network security paradigm has to shift from "Keep People Out" to "What Are They Doing?" and the IT infrastructure spending needs to follow suit.
Hewlett-Packard announced Wednesday plans to acquire 3Com, whose TippingPoint subsidiary is one of the best-known providers of intrusion prevention systems.
Accused NASA hacker is running out options to avoid extradition to the United States.
A new report says web application firewalls and intrusion prevention systems are necessary technologies for many businesses, but intrusion detection systems and network behavior anomaly detection technologies are declining in popularity.
The National Security Agency will assist in a new program to monitor government traffic on private-sector computer networks, as part of a new program called Einstein 3, according to a published report.
A fundamental tension exists in balancing individual privacy rights and the collective right to security, Gary McGraw, CTO of application security vendor Cigital said at the RSA Conference Tuesday.
The Pentagon has spent more than $100 million in the past six months repairing damage to its networks caused by cyberattacks, according to military officials.
The recently uncovered cyberespionage network named GhostNet made use of phishing malware to attack the nearly 1,300 computers that are said to have been compromised by servers traced to China.
Vulnerabilities in web applications made up 80 percent of all web-related flaws in the second half of 2008 and rose in prevalence by about eight percent from the first half of the year.
Computer systems that are already infected by the Conficker worm are being pushed a new component that kills protective security processes.
Web filtering today goes beyond just blocking access. It now has to be integrating Web 2.0, managing data leakage, and guarding against malware coming in, according to a new study.
Attacks on government computer networks increased sharply in 2008, but the new administration's focus on cybersecurity may help thwart future attacks.
Managed security vendor Trustwave will add network access control (NAC) technology to its suite of solutions with its acquisition of Mirage Networks, the company announced Tuesday.
StillSecure has acquired ProtectPoint Security, a managed security services provider. The deal, announced Monday, helps round out StillSecure's line of NAC, IDS/IPS and vulnerability management products, the company said. Teams from both companies will integrate manufacturing and management efforts to build and manage network security. Terms of the deal were not disclosed; both companies are privately held. — CAM
An online computer supplies and electronics retailer settled Federal Trade Commission charges that it violated federal law by not providing adequate security to protect customer data, the agency announced Thursday.
Companies around the globe are recognizing the second annual Data Privacy Day on Wednesday with seminars and other events aimed at educating users and generating discussion around the topic.
NIST this month released draft recommendations that federal agencies -- and their contractors -- should follow to protect the confidentially of personally identifiable information.
There appears to be one more chance for accused NASA hacker Gary McKinnon to avoid extradition to the United States.
One of the congressmen who admitted last year that his office computers were hacked wants to raise cybersecurity awareness on Capitol Hill.
The news comes after a serious weakness was revealed last week in the MD5 cryptographic hash function.
Twitter users had their account credentials stolen in a massive, still ongoing phishing campaign.
Certification Authorities that have not moved to a more secure cryptographic hash function than MD5 have come under fire in the security world.
Research presented at the 25th Chaos Communication Congress in Berlin demonstrated how an attacker could impersonate any website, including those secured by the HTTPS protocol.
With attackers shifting their focus to applications, the IT team at University of Miami, Miller School of Medicine, decided it was time to upgrade the school's intrusion prevention solution, reports Greg Masters.
A former employee of the U.S. Department of State was sentenced for unauthorized access to a database containing passport applicants' confidential information.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards