What matters most, right now, to the information security community? At RSA 2018, RSA's president said WannaCry was a wakeup call for vulnerability and risk management. Other experts see artificial intelligence, machine learning and secure coding as hot trends.
Police have taken down Webstresser, a leading stresser/booter service tied to 4 million on-demand DDoS attacks, which could be used for as little as $15 per month. Six of the site's administrators have been arrested, as have some of the site's top users, authorities say.
Incident response is a critical pillar of an effective endpoint security program, one that will gain importance as GDPR enforcement comes into play on May 25. Organizations must be ready to react if and when an incident occurs in order to meet the stringent requirements that apply during an incident.
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
Multivector distributed denial-of-service attacks are having a bigger impact than simple volumetric attacks, says Brian McCann, president of Netscout's security business unit, who analyzes the latest trends in an in-depth interview.
More than 95,000 servers that run the open source Memcached utiltity appear to remain vulnerable to being abused to launch massive DDoS attacks, with one such attack reaching a record 1.7 terabits per second. Here's how organizations and IT administrators must respond.
In a groundbreaking prosecution, two individuals in Ukraine have been sentenced for running extortion campaigns that disrupted international victims' websites with massive DDoS attacks unless they paid bitcoin ransoms of up to $10,000.
Say hello to a new type of DDoS attack: UDP amplification via internet-facing servers running memcached, an open source distributed caching system that can be abused to amplify DDoS attacks by a factor of 50,000.
Despite the millions of dollars companies invest in cybersecurity programs, advanced persistent attackers constantly devise new means of breaking into corporate environments. How can deception technology offer a new alternative? Ofer Israeli of Illusive Networks explains.
Arkansas developer Taylor Huddleston has been sentenced to serve more than two years in prison for developing, marketing and selling two tools designed to be used maliciously - the NanoCore remote access Trojan and Net Seal license software.
Australia's real-time payments platform, which launched last week, includes a feature designed to reduce fraud and erroneous payments. Ironically, the feature may also expose users to social engineering attacks.
As internet of things devices become increasingly common in the enterprise, CISOs must lead the way in making sure emerging security issues, including a higher risk of distributed denial-of-service attacks, are adequately addressed, says John Pescatore of the SANS Institute, which offers training for CISOs and others.
DDoS extortion comes in many forms. Campaigns over the past three years have varied in their nature and continue to evolve over even the past few months. What lessons can be learned from the latest attacks? Dennis Birchard of Akamai shares insights on the attacks and the newest defenses.
Illegal transactions on the internet have long been conducted in the cryptocurrency bitcoin. But underground vendors are accepting new kinds of virtual currency that may be safer to store and offer more privacy protections, according to a new study of 150 dark web markets and forums.