What stands out most from Imperva’s new analysis of DDoS attack methodologies, is that DDoS is easy, growing in use and probably more prevalent than commonly perceived.

As the new academic year begins, two UK regulatory bodies have issued new guidelines that raise the bar for school security: the ICO advises on data protection while Ofsted indicates it will include schools’ e-safety in future inspections.

The US National Institute of Standards and Technology (NIST) has released a final version of its risk assessment guidelines for determining the level of information security risks in IT infrastructure.

Application security testing company Veracode has launched the Vendor Application Security Testing (VAST) program to provide independent, automated and outsourced compliance testing for cloud, mobile and outsourced applications, to help enterprises red…

The pre-installed malware found on fresh-from-the-factory PCs by Microsoft’s Digital Crimes Unit was not implemented on the factory line, a Microsoft spokesperson has confirmed.

Despite the hoohaa about the ‘Chinese cyberthreat’ (in reality, read east Asia), Russia’s Peter the Great (in reality, read east Europe) is beating Sun Tzu in modern cyber wargames. Eastern Europe has better cybercriminals than eastern Asia.

Damballa has discovered a new iteration of the TDSS/TDL4 botnet that, at its height last autumn, infected more than 5.5 million victims. Now, it’s back and is utilizing domain generation algorithm (DGA)-based communication for command-and-control (C&C).

Subway restaurant franchises can rest easy: The culprits behind an international electronic fraud ring that targeted point-of-sale (PoS) vulnerabilities at hundreds of US retail locations have pled guilty to cyber-fraud charges.

Infosecurity caught up with John Howie, COO of the Cloud Security Alliance (CSA), at the recent ASIS/(ISC)² Congress in Philadelphia, where he discussed how the cloud is altering the role of security professionals