A look at moments in infosec history that left us dumbfounded.
Stories by Bill Brenner
A look at 10 of the more notorious acts of hacktivism by Anonymous and LulzSec
An open letter to those who are distraught over the impending retirement of Windows XP SP2:
In his interview with CSO last week, FireEye Chief Security Architect Marc Maiffret lamented what he sees as <a href="http://www.csoonline.com/podcast/592577">the inability of security vendors to keep up with the malware innovations</a> made in the pursuit of attacks against the likes of Adobe and Apple.
Tyler Shields, senior member of the Veracode Research Lab, spends a lot of time <a href="http://www.csoonline.com/podcast/533263">picking apart those BlackBerry devices</a> that are ubiquitous across the enterprise. What he's found may disappoint those who thought they were secure.
The term Software as a Service (SaaS) has been around a long time. The term cloud is still relatively new for many. Putting them together has meant a world of hurt for many enterprises, especially when trying to integrate security into the mix.
Security vendors are launching a gazillion products this week at RSA Conference 2010, but hidden in all of those press releases are a few nuggets that illustrate the big picture trends.
A corporate security specialist on motives and tactics Jerry Mangiarelli has gained a lot of private-sector perspective on the DDoS threat over the years through his own personal research into botnets.
Seven months after he announced the creation of a White House cybersecurity coordinator, President Obama has selected industry veteran Howard Schmidt for the job, an administration official confirmed Monday night.
IT security administrators have had a fairly easy case to make against such social networking sites as Myspace in the past. Myspace in particular tends to be a place for the mostly personal, and some profiles are simply front companies for online mobsters and malware pushers.
Security experts say it all the time: If a company thinks it has suffered a data security breach, the key to getting at the truth unscathed is to have a response plan in place for what needs to be done and who needs to be in charge of certain tasks. And, as SANS Institute instructor Lenny Zeltser advised in CSOonline's recent How to Respond to an Unexpected IT Security Incident article, "ask lots and lots of questions" before making rash decisions.
The perpetual proliferation of botnets is hardly surprising when one considers just how easy it is for the bad guys to hijack computers without tipping off the users.<br/>
Kaspersky Lab and F-Secure were up-front in acknowledging recent hacks against them, but the negative fallout is still justified.
In a country that's seen many regulatory compliance challenges this decade, the headaches of PCI security tend to be analyzed from a largely American perspective.
If there is truly a gray zone in the struggle between online good and evil, anonymous proxy servers live there.