Increasingly, social engineers target unwitting insiders to plunder organizations' financial and intellectual assets. How can you prevent these and traditional inside attacks? CMU's Dawn Cappelli offers tips.
As one team of researchers analyzes a new version of Duqu, a worm related to the Stuxnet Trojan blamed for disabling Iranian centrifuges used to enrich uranium, other researchers zero in on who is behind the worm discovered last fall.
Protecting the availability, confidentiality and integrity of information are the core tenets of IT security. But an FBI cybersecurity leader, Steve Chabinsky, suggests the central theme of IT security needs to be broadened to include assurance and attribution.
Imperva would neither confirm nor deny it helped defend the Vatican website from a hacktivist assault last year, but the IT security provider's director of security, Rob Rachwald, explains how such an attack was constructed and defended.
IT security practitioners who employ the RSA public-private key cryptography needn't lose sleep about its efficacy, despite new research that raises questions on how it creates large prime numbers to generate secret keys, IT security authority Gene Spafford says.
What are the top emerging fraud threats via mobile banking, and how must security leaders respond? In an RSA Conference preview, Julie McNelley of the Aite Group offers tips for fighting the newest threats.
"The misfortune here for the banks is that they can have the best fraud-detection systems out there ... but it all breaks down when they call the 'hacker' to verify the transaction," says Gartner's Avivah Litan.