Sen. Dianne Feinstein's (D-Calif.) claim that the CIA violated provisions of the Computer Fraud and Abuse Act when it accessed computers used by members of the Senate Intelligence Committee, could be hard to substantiate, according to a leading legal expert.
As the U.S. Secretary of Defense, Leon Panetta delivered strong warnings about the risks of cyberattacks on the country. His conviction that a possible 'cyber Pearl Harbor' may be looming has not tempered since leaving the post last year.
Recently released security updates for the popular Joomla content management system (CMS) address a SQL injection vulnerability that poses a high risk and can be exploited to extract information from the databases of Joomla-based sites.
Hackers attacked the personal blog of Mt. Gox CEO Mark Karpeles on Sunday and posted what they claim is a ledger showing a balance of some 950,000 bitcoins based on records they obtained from the defunct exchange for the virtual currency.
The first Cebit trade show in the post-Snowden era will focus on security, showing off locally developed bug-proof phones and messaging systems, as well as the ability to protect mobile devices using smartcards.
Trying to protect your expanding virtual machine (VM) empire will require a security product that can enforce policies, prevent VMs from being terminated or infected, and deliver the virtual equivalents of firewalls, IPS and anti-virus solutions.
Whether you're talking about your network, your company's building or your home, a perimeter approach to security is no longer adequate. As McAfee discussed at this week's RSA Conference, you can't provide physical or electronic security simply by trying to prevent authorized access -- you have to rethink all types to security to protect data and lives.
How do you know your employees retain what you teach them in company-required security awareness training? You don't -- unless you regularly test their security savvy and effectively address their mistakes during post-test follow-up sessions.
In medieval times, kings let barbarians break down the castle gates but made sure they paid the price once they got inside. McAfee's approach to security takes a similar approach -- since data breaches are inevitable, companies should worry less about the perimeter and more on catching the bad guys in the act.
Following a solid year of intensive work, the National Institute of Standards and Technology (NIST) released yesterday its "final" framework for improving critical infrastructure cybersecurity as mandated under a February 2013 executive order by President Obama. The 41-page document closely tracks, with some notable changes, the preliminary framework released by NIST in November.
Recently, we have been called in to help companies handle attacks from the Syrian Electronic Army (SEA). Our first priority is to help contain the damage, figure out which accounts have been compromised that have not been used yet to cause damage, and clean things up.