
Top Stories

Average Web App Attack Every Three Days
August 8, 2012

Do not envy the life of a Web app. It's a brutal, public existence filled with attacks from all sides. In fact, a new report by Imperva shows that a typical Web app is attacked once every three days and some are targeted as many as 2,700 times in a given year.

2011 Was the Year of the ‘Hacktivist,’ According to the ‘Verizon 2012 Data Breach Investigations Report’
March 22, 2012

The "Verizon 2012 Data Breach Investigations Report" reveals the dramatic rise of "hacktivism" -- cyber hacking to advance political and social objectives. In 2011, 58 percent of data stolen was attributed to hacktivism, according to the annual report released today from Verizon.

Recent News

Cyber attacks grow extremely reckless
September 7, 2012

Other nations are increasingly employing cyber attacks without "any sense of restraint," a top U.S. cybersecurity official said on Friday, citing "reckless" behaviors that neither the United States nor the Soviet Union would have dared at the height of Cold War tensions.

R00tbeer strikes again – twice
August 21, 2012

Following yesterday’s news of hacks against AMD and TBN, hacking group r00tbeer security has struck again, twice – this time against Dutch electronics giant Philips and the UK’s Student Room.

Anonymous hacks Australian ISP AAPT to demonstrate data retention problems
July 26, 2012

Australian ISP AAPT has been hacked in an effort to demonstrate the problems with proposed laws that would require telecommunications companies to store user data for two years. The file accessed by the intruder was a 40GB database containing user information.

Data Breach to Cost Card Processor
July 26th, 2012

Global Payments Inc. said a security breach that exposed consumers' payment cards to fraud will cost it $84.4 million. The Atlanta-based company, which processes card transactions for banks and merchants, Thursday recorded a pretax charge for the amount, equal to 68 cents of diluted per-share earnings in the fiscal fourth quarter.

Israel's Businesses Losing the Cyber War
July 25th, 2012

In January, a hacker nicknamed 0xOmar jolted Israel by infiltrating an online coupon retailer and exposing credit-card information for tens of thousands of customers.

A half year later, a large swath of Israeli businesses and consumers remain prone to cyber attacks, placing individuals, companies—and perhaps the economy—at risk in a country believed to be at the forefront of a cyber-espionage effort against Iran's nuclear program and targeted by political hackers.

London Olympics, smart phones make for huge data breach
July 24th, 2012

About 214 million books worth of corporate and personal data are expected to go missing during the Summer Olympics in London, estimates Venafi, a vendor of Enterprise Key and Certificate Management (EKCM) solutions.

Will Advanced Attackers Laugh at your WAF?
July 17th, 2012

Companies should not trust vendors' claims about Web application firewalls, says a security engineer who will show 150 different ways attackers can get around Web defenses at Black Hat USA.

Cybercriminals Sniff out Vulnerable Firms
July 5th, 2012

With cybercriminals a greater threat to small businesses than ever before, more entrepreneurs like Lloyd Keilson are left asking themselves who is to blame for hacking attacks that drain their business accounts.

The Business Side of SaaS

Some technologies are all about performance—the Moore’s Law cycle of "smaller, faster, cheaper," for example. Others address business issues—the way virtualization dissolves physical barriers to server consolidation.

Negligent Employees Cause Most Data Breaches; Mobile is Key Factor
March 22, 2012

Negligent insiders are the leading cause of data breaches at U.S. companies and public sector agencies, according to a new study by the Ponemon Institute.

Average Cost of a Data Breach - $5.5 Million in 2011
March 23, 2012

The 2011 Cost of Data Breach Study: United States produced by Symantec and the Ponemon Institute estimates that the average cost of an enterprise data breach was $5.5 million in 2011, down from $7.2 million in 2010.

The 15 worst data breaches of the 21st Century
Feb 15th, 2012

Data security breaches happen daily in too many places at once to keep count. But what constitutes a huge breach versus a small one? For some perspective, we take a look at 15 of the biggest incidents in recent memory.

Foxconn hack releases Apple order data
Feb 9th, 2012

Foxconn, the Taiwanese manufacturer best known for producing the iPad and iPhone, has been the target of a server hack, with a group calling itself Swagg Security leaking login details for every user in the company, up to and including CEO Terry Gou. 

Hacking At Citi Is Latest Data Scare
June 9th, 2011

Citigroup Inc. plans to send replacement credit cards to about 100,000 North American customers after its systems were breached by a hacking attack affecting about 200,000 accounts.

Security ‘Tokens’ Take Hit
June 7th, 2011

RSA Security is offering to provide security monitoring or replace its well-known SecurID tokens—devices used by millions of corporate workers to securely log on to their computers—"for virtually every customer we have," the company's Chairman Art Coviello said in an interview.

Enterprises Falling Short on App Security
Feb 9th, 2011

Most organizations have been hacked, yet 88 percent still spend more on coffee than on app security.

xyberShield SC Review
March 1st, 2010

XyberShield is a funny name for a very serious product that deals with an even more serious problem. Attacks against port 80 web access alone numbered nearly 114,000 on a single day and that number is by no means unique. 

The Push for Application Security
Feb 23rd, 2010

Back in the olden times (read: the '70s and '80s), whenever kids at some schools got into trouble, they'd have to stay after class and write on the board what they shouldn't have done -- and would never do again -- over and over (i.e., "I will not use nostalgia as a lead-in in an IT security blog"). Some teachers called this punishment "writing standards."
Which brings us to this question: Should developers and application code writers, dogged by naughty malware, be made to stay after work hours and write standards?

Virtual Patching: What is it and why you should be doing it
January 29th, 2009

The premise of virtual patching is that a web application firewall is not, I repeat, is not a replacement for secure coding. It is, in fact, an augmentation of existing security systems and practices that, in fact, enables secure development to occur without being rushed or outright ignored in favor of rushing a fix out the door.