Symantec has issued new warnings about a malware strain known as Poweliks, noting that this Trojan is being used in conjunction with ransomware. But security experts disagree over the severity of the threat.
Christophe Birkeland, CTO of malware analysis for Blue Coat Systems, was part of the team that discovered the Russia-targeting Inception campaign, and says the hunt for new APT attacks remains ongoing.
EdgeWave's Mike Walls, a former bomber pilot who led Navy red teams, says penetration testing is useful in analyzing bits and bytes but not the readiness of operations under attack from cyberspace. Red teams, he says, can analyze the impact on operations.
Keeping track of missing devices is a critical aspect of information security. Ali Solehdin, senior product manager at Absolute Software, discusses Computrace, which helps organizations secure endpoints and the sensitive data those devices contain.
Encrypted browsing - using HTTPS - helps secure online communications, and Apple says developers must now employ the protocol by default. Likewise, the White House says that by 2017, all federal websites must adopt HTTPS-only policies.
Too few security systems interoperate, which makes it difficult for organizations to block or detect data breaches. But Cisco has an interoperability plan to improve the state of cybersecurity defenses, Chief Security Architect Martin Roesch says.
Kaspersky Lab has discovered a new, advanced persistent threat - inside its own networks. Dubbed Duqu 2.0, the malware has ties to Stuxnet, and was used to target Iranian nuclear negotiations, researchers say.
For Symantec, the investigation into the Duqu 2 began May 29, when Kaspersky Lab shared samples of the espionage malware - which is based on Flame and Stuxnet - and asked the security researchers to help verify its findings.
A three-month breach of card transactions at New York's Eataly restaurant/grocery store, and reports about two new malware strains, highlight why more attention needs to be paid to POS system security.
The Gartner Security and Risk Management Summit tackles digital business, a concept that blurs the physical and digital worlds, and requires organizations to reconsider how they approach IT security and risk management.
Financial services firms are increasingly applying contextual security tools to help identify fraud more quickly. But a shift to continuous authentication will provide even better security, says Vasco's Jan Valcke.
This year's Infosecurity Europe conference in London - celebrating its 20th anniversary - decamped from Earl's Court to the glass-topped, 19th-century Olympia Conference Center, and featured more than 300 exhibitors and 200 speakers.
Intel Security cybercrime expert Raj Samani says that after the April disruption of the Beebone botnet by law enforcement agencies, researchers have found more infected nodes than normal, largely in Iran.