As enterprises spend frugally on IT security, cybercriminals aren't, and that presents big problems for organizations working feverishly to secure their digital assets, says Steve Durbin, global vice president of the Information Security Forum.
The Paul Allen card breach reiterates a concern financial fraud experts have been screaming about for years: Socially-engineered schemes that compromise employees. So, what can institutions do about them?
Increasingly, social engineers target unwitting insiders to plunder organizations' financial and intellectual assets. How can you prevent these and traditional inside attacks? CMU's Dawn Cappelli offers tips.
Components manufactured overseas that go into IT products used by the U.S. government could be exploited by foreign intelligence agents to degrade the security of critical federal government networks and data, the GAO reports.
As one team of researchers analyzes a new version of Duqu, a worm related to the Stuxnet Trojan blamed for disabling Iranian centrifuges used to enrich uranium, other researchers zero in on who is behind the worm discovered last fall.
A recent research paper that raised questions about the efficacy of RSA public-private key cryptography shouldn't alarm IT security practitioners, says Eugene Spafford of Purdue University. Here's why.