The massive distributed-denial-of-service attack in Europe that targeted Spamhaus could easily have been prevented if information service providers followed a 13-year-old industry best practice, ENISA's Thomas Haeberlen says.
NIST's Ron Ross, a big NASCAR fan, likens new security controls guidance to the tools race-car builders use to prevent drivers from breaking their necks when crashing into a brick wall at 200 miles an hour.
NIST's Donna Dodson is leading a federal government effort to take hundreds of suggestions from the private sector to create an IT security best practices framework that critical infrastructure operators could voluntarily adopt.
Hackers were using a Facebook page as a how-to site for financial crime and to sell banking Trojans. One RSA security expert says this public promotion signifies the mainstreaming of "fraud-as-a-service."
It isn't just the quantity of cyber-attacks that's staggering; it's the quality. The average hacker now has access to nation-state-level attack capabilities, says James Lyne of Sophos. How can organizations defend?
Hacktivists' phase 3 DDoS attacks against U.S. financial services firms have entered their eighth week, and FS-ISAC spokesman Greg Garcia says concerns are mounting that a criminal element to the attacks could emerge.
A 143-point drop in the Dow Jones Industrial Average proves the power of social media and the havoc it can cause when an account gets hacked. It's time for social media companies to tighten the authentication process.
The UK government pledges at Infosecurity Europe to help businesses improve cybersecurity. But it's going to take more than vouchers and training to address Europe's top threats to security and privacy.