SecurityWeek

Related News: U.S. Emergency Alerting Systems Vulnerable to Remote Attack

The ZeroAccess botnet closed out 2012 as the most active botnet in the wild, according to a malware report from security vendor Kindsight.

A little over a third of security professionals believe their organizations are investing in the wrong security technologies, according to a recent survey from SafeNet.

Vulnerability management has become a term that continues to be thrown around in security circles as a quick and easy path to threat remediation. However, the reality is that most companies are not actually managing vulnerabilities, but rather conducting scans that produce thousands of potential threats. Identifying possible security risks and actually managing them through to remediation are completely different things.

San Jose, California-based Zscaler, a provider of cloud-based security solutions, today added new analytics technology to its cloud security suite designed to provide enterprise security teams with real-time visibility into employee Internet activity across web, cloud email, and mobile application platforms.

Increased use of applications, mobility, virtualization, and network security consolidation as well as the evolution of sophisticated threats has driven the evolution of the traditional stateful firewall to what is commonly referred to as a next-generation firewall (NGFW).

FireEye, a provider of advanced threat protection solutions for enterprises, announced that Enrique Salem, former Symantec president and chief executive officer at Symantec, has been appointed to the FireEye board of directors.

After rushing out a Java update to address 50 security vulnerabilities back on Feb. 1, two weeks ahead of schedule, Oracle has acknowledged that the release missed some fixes and that it would issue an updated version of the February 2013 Critical Patch Update on the originally scheduled date.

F5 Networks on Monday announced that it has agreed to acquire LineRate Systems, a developer of software defined networking (SDN) services, for an undisclosed sum.

According to a recent study from Symantec, employees who leave a job, on their own or due to being fired, tend to keep confidential information and other corporate data, and have no problems using it at their next place of employment.

The Myanmar government has rejected claims that it is responsible for efforts to hack into the email accounts of foreign and local journalists working in the country. According to reports, at least 12 reporters received messages from Google last week when they tried to access their Gmail accounts that alerted them to possible attempts by hackers to compromise their account.

According to a report from Bloomberg, President Obama could issue an executive order aimed at cybersecurity as soon as this week. Word if the pending directive comes via two former White House officials briefed on the plans, the news agency reported.

If you need a one off example this week of why internal policies are important, or why failure to adhere to them could spell trouble, look no further than Bit9. According to the application whitelisting company, it was their failure to follow organizational deployment mandates, which led to one of their code-signing certificates being hijacked by an attacker.

The recent New York Times hack was yet another high-profile attack that demonstrated the evolution towards multi-vector, sophisticated attacks. In this case, the mission of the perpetrators was very specific -- retrieving editorial information and data related to a particular story -- but it could easily have been nastier.