Threats are becoming more sophisticated, and cybercriminals are getting smarter at evading new authentication controls, according to an RSA Conference panel of security practitioners representing three major financial institutions.
The security services company is to try to help enterprises protect their web-based apps from attacks like SQL injection, buffer overflow and cross-site scripting
How to prepare a disaster recovery plan and DR policy plus how to assess risks are among the topics taught at a residential training course aimed at security professionals
A security researcher on Saturday is set to unveil the first website-scanning script, a tool which allows attackers to gain control of infected users' web browsers and drastically reduce the time it takes to search the web for vulnerabilities.
Educating consumers about internet risks is a dicey proposition, one security expert said during a panel at RSA Conference 2007 in San Francisco.
Smile, relax, listen and exude confidence — but keep that ego in check. Oh, and don't forget that morning pep talk with yourself.
Security professionals from around the globe gathered in San Francisco today to kick off RSA Conference 2007.
International cooperation among law enforcement agencies is key to taking the allure from cybercrime, a panel of experts said today at a Kaspersky Lab-sponsored breakfast in New York.
A handful of data security companies announced they're forming a new alliance to advocate for firms who must comply with the payment card industry data security standards (PCI DSS).
Windows Vista may be hailed as Microsoft's most secure operating system to date, but the platform contains weaknesses in its default anti-malware capabilities, one security vendor has concluded.
Experts from the University of California, Davis warned this week that the reliability of fingerprint biometrics has declined considerably due to technological concerns and a growing world population.
While the percentage of infected emails declined significantly last year, web-related threats rose significantly, reported researchers at Sophos this week.
The use of image spam continues to grow, now accounting for as much as two-thirds of all spam, security researchers said this week.
Newsletter creators aren't the only ones hoping their products don't get caught in spam filters now that hackers have begun using newsletters to launch spam.
A U.S. District Court in California has ordered a movie download service to stop barraging users with pop-up advertisements.
Two vulnerabilities were reported today in a CA backup and recovery solution that, if exploited, could allow an attacker to execute remote code and gain unauthorized administrative privileges.
Fraudsters are hawking free trials of "universal" man-in-the-middle phishing kits through an online forum, security researchers said today.
PayPal, Barclays Bank and eBay were the three firms most targeted by phishers last month, according to statistics compiled by PhishTank users.
A worm posing as a New Year's greeting has been ranked as last month's most widespread virus, despite not appearing until Dec. 30.
Amazon.com is the latest target of a new wave of phishing schemes known as man-in-the-middle attacks.
Web application giant Google said today that it has fixed what researchers described as a cross-site request forgery vulnerability that could allow an attacker to steal a Gmail user's contact list.
More than 400 attacks on instant messenger (IM) platforms were spotted last year, an increase of 15 percent from the year before, according to researchers at Akonix.
IT security professionals should rely on personal vigilance and implemented methodologies - not just the slew of new products hitting the marketplace - to protect their networks in 2007.
Email users are again getting the electronic age's version of coal in a stocking - holiday-season spam and malware.
The popular ecommerce website CafePress told members it was hit by distributed denial-of-service (DDoS) attacks this week.
Researchers at eEye Digital Security have discovered malware with both botnet and worm characteristics that targets Symantec anti-virus software, not Microsoft applications.
Researchers from McAfee Avert Labs claim to have discovered proof of concept (PoC) spyware for mobile devices.
Researchers with eEye Digital Security released a new vulnerability tracking tool this week designed to help security practitioners reduce their risks of Zero-Day attacks.
Web surfers are accustomed to seeing a 404 error message when they try to reach a website that is not available. But now hackers are using that common occurrence to their advantage by creating fake sites containing the error message to load spyware and adware, security researchers said today.
Microsoft Vista is susceptible to common malware attacks that have been in the wild for more than two years, experts at Sophos warned this week.