The European cyber security agency ENISA said Internet Service Providers in the EU have failed to implement a set of best practice recommendations which have been in place for 13 years – which could reduce the scope of even the largest DDoS attacks.

Up to 2.4 million credit cards may have been compromised after St. Louis grocery chain Schnucks was targeted with malware, the chain revealed this week.

The biggest cyber security problem large companies face could be employees – a survey reveals that nine out of ten employees knowingly ignore or violate their company’s data policies.

An Oregon farm products company is suing its own bank to recover losses after a phishing attack saw $223,500 transferred to accounts in the Ukraine over a period of three days in 2010.

President Barack Obama proposed to increase Defense Department spending on cyber security to $4.7 billion this week – a rise of $800 million. This budget increase stands out against a background of broader Pentagon budget cuts.

Utility companies have been warned not to share information such as email addresses on company websites, after a spear-phishing attack on an American electricity company.

More than half of British companies could be at risk of cyber attack, after a survey found that IT departments had not begun the process of migrating from Windows XP- with just a year left before Microsoft stops offering support for the ageing OS.

Malware authors have a solid track record in regards to creative Command and Control protocols. We’ve seen peer-to-peer protocols, some custom (Sality), some standard (Win32/Storm uses the eDonkey P2P protocol). We’ve seen binary protocols (Win32/Peerfrag, aka Palevo). We’ve seen other custom protocols that leverage other standard protocols such as HTTP (Win32/Georbot), DNS (Morto)and IRC (Win32/AutoRun.IRCBot.AK),

What does the New Year hold for information security, malicious software, consumer privacy and cybercrime? Questions of this mature are posed by journalists toward the end of every year and, beginning about November, answers from security specialists start to appear in print. Indeed, ESET researchers in Latin America published a 20-page white paper on this

For several years now, antivirus researchers have observed increasing efficiency and sophistication in malware development and distribution. At the start of 2012, I began using the term “industrialization of malware” to describe this phenomenon. I also drew a picture of the fictitious enterprise “Malware, Inc.” as a means of conveying the transformation that malware has