Kaspersky Lab has discovered a new, advanced persistent threat - inside its own networks. Dubbed Duqu 2.0, the malware has ties to Stuxnet, and was used to target Iranian nuclear negotiations, researchers say.
For Symantec, the investigation into the Duqu 2 began May 29, when Kaspersky Lab shared samples of the espionage malware - which is based on Flame and Stuxnet - and asked the security researchers to help verify its findings.
A three-month breach of card transactions at New York's Eataly restaurant/grocery store, and reports about two new malware strains, highlight why more attention needs to be paid to POS system security.
The Gartner Security and Risk Management Summit tackles digital business, a concept that blurs the physical and digital worlds, and requires organizations to reconsider how they approach IT security and risk management.
Financial services firms are increasingly applying contextual security tools to help identify fraud more quickly. But a shift to continuous authentication will provide even better security, says Vasco's Jan Valcke.
This year's Infosecurity Europe conference in London - celebrating its 20th anniversary - decamped from Earl's Court to the glass-topped, 19th-century Olympia Conference Center, and featured more than 300 exhibitors and 200 speakers.
Intel Security cybercrime expert Raj Samani says that after the April disruption of the Beebone botnet by law enforcement agencies, researchers have found more infected nodes than normal, largely in Iran.
How does an advanced threat adversary operate for 10 years, undetected? FireEye APAC CTO Bryce Boland shares details of the decade-long APT30 campaign that targeted organizations in India and Southeast Asia.
Cybercrime continues to evolve, offering an ever-increasing array of niche capabilities, ranging from attack techniques and infrastructure to related research and sales services, warns Trend Micro's Bharat Mistry.
To help organizations discover what they don't know is happening on their networks, Darktrace uses machine learning to create advanced baselines of normal behavior, then sounding alarms when it sees deviations.
Assessing the risks presented by "digital business" - the new business designs that blur the digital and physical worlds - will be a theme at the 2015 Gartner Security and Risk Management Summit, says Andrew Walls, event chairman.
The lead cybersecurity official for Britain's GCHQ intelligence agency dismisses charges that the U.K. conducts mass surveillance. But critics question the government's introduction of the Investigatory Powers Bill.
A new breach reported by Heartland Payment Systems won't get much attention. But this incident could be more damaging to the undisclosed number of consumers affected than was Heartland's 2008 payment card breach.
Prosecutors love to tell judges that sentences for hackers and cybercriminals must be strong enough to deter future such crimes. But as the case of Silk Road mastermind Ross Ulbricht shows, they've failed to make the case for deterrence.