Increasingly, social engineers target unwitting insiders to plunder organizations' financial and intellectual assets. How can you prevent these and traditional inside attacks? CMU's Dawn Cappelli offers tips.
As one team of researchers analyzes a new version of Duqu, a worm related to the Stuxnet Trojan blamed for disabling Iranian centrifuges used to enrich uranium, other researchers zero in on who is behind the worm discovered last fall.
Imperva would neither confirm nor deny it helped defend the Vatican website from a hacktivist assault last year, but the IT security provider's director of security, Rob Rachwald, explains how such an attack was constructed and defended.
IT security practitioners who employ the RSA public-private key cryptography needn't lose sleep about its efficacy, despite new research that raises questions on how it creates large prime numbers to generate secret keys, IT security authority Gene Spafford says.
What are the top emerging fraud threats via mobile banking, and how must security leaders respond? In an RSA Conference preview, Julie McNelley of the Aite Group offers tips for fighting the newest threats.
"The misfortune here for the banks is that they can have the best fraud-detection systems out there ... but it all breaks down when they call the 'hacker' to verify the transaction," says Gartner's Avivah Litan.
Verisign Inc. may have followed the letter of the law when revealing a series of breaches in an SEC filing. But the company that assures the flow of a hefty portion of Internet traffic should have been more forthright to ease the minds of its various constituencies.