NEWS ANALYSIS: Details emerge on the massive internet attack that occurred Oct. 21, which was enabled by the Mirai botnet. But it did not shut down the internet.
Oftentimes, companies find themselves taking a defensive approach to cyber-security as they struggle to keep up with the latest threats and attack strategies. However, a well-defined security policy and posture plays a vital role in driving business success. With October being National Cybersecurity Awareness Month and with the NFL football season in full swing, enterprises should consider taking a page from team playbooks and determine an offensive security strategy. Just like football players have specific roles to help their team achieve its goals, security teams take on the same design, with specific employees each contributing to refine security strategies. Security solutions and policies should be implemented to help companies advance, not retreat. And line-of-business managers can be empowered to act as quarterbacks when executing offensive business strategies, all while protecting the football (their company's data). This eWEEK slide show, based on conversations with Citrix executives, further examines how different members of the enterprise ecosystem can contribute to flipping the traditional security approach on its head and use security to score by playing offense rather than limit security to defense, to advance the overall business.
The DOJ unseals its indictment against Yevgeniy Nikulin, alleging that the 2012 breaches of LinkedIn and Dropbox were related.
The Hack the Pentagon program was such a success that the DOD is launching a longer-term effort and has contracted with HackerOne and Synack to run it.
NEWS ANALYSIS: While the details regarding the sources and methods of the Oct. 21 DDoS attack that took down vast areas of the internet are still unclear, insecure endpoints are the likely culprit.
Over the course of the last decade, SecTor has emerged as a significant security conference. The 10th annual SecTor conference, held Oct. 18 and 19 in Toronto, tackled a broad range of security topics, including management practices, security fundamentals and the state of modern hacker tactics. The highlight of the event was the on-screen appearance of National Security Agency (NSA) whistleblower Edward Snowden, who remains hiding in an undisclosed location in Russia. Snowden provided the Canadian audience with his views on what is wrong with modern surveillance and why security backdoors tend to decrease security and privacy. Mikko Hypponen, chief research officer at security firm F-Secure, also had a somewhat dim view of the state of modern security, which he detailed during his SecTor keynote address. With the increasing use of technology in every facet of modern life and the growing realm of internet of things (IoT) devices, Hypponen now sees the role of IT security as no longer just protecting technology, but protecting modern society itself. In this slide show, eWEEK takes a look at some of the highlights from the 2016 SecTor security conference.
The massive distributed denial-of-service attack against DynDNS impacted Twitter, Reddit and much of the U.S. East Coast.
The Justice Department alleges Harold Thomas Martin III stole 50TB of data, including materials that were marked "Secret" and "Top Secret."
Four years after a massive data breach of LinkedIn, an Interpol Red Notice alert helps Czech police grab a suspect.
Oracle's latest Critical Patch Update, which fixes 253 vulnerabilities, is the company's second-largest CPU ever. Oracle's patching updates have been growing in recent years.
The Dell Endpoint Data Security and Management Portfolio includes technologies from both Dell and EMC, from Mozy to RSA and AirWatch.
In a SecTor keynote, F-Secure's Mikko Hypponen explains why ransomware is so bad and what the Russians really have in mind for the U.S.
VIDEO: Chris Pogue, CISO of Nuix, explains why cognitive bias in humans might be impacting cyber-security and what can be done to improve outcomes.
Fraudsters are branching out into ransomware and malvertising with the goal of installing scareware on computers and then charging victims for fake services.
In a keynote at the SecTor security conference, NSA whistleblower Edward Snowden detailed what he thinks is wrong with modern surveillance and what users can do to protect the internet.