Update: Watch McAfee CEO Dave DeWalt’s RSA Conference keynote on Predictive Security and also view my video on the topic.
The year started off really well for malware authors, with the Conficker worm infecting millions of computers. Threats are not only increasing on a daily basis but they are also getting smarter in leveraging multiple vectors [...]

As most of you now know, on 10/23, Microsoft announced a critical out-of-cycle patch (MS08-067) to fix a flaw being exploited by cybercrooks.
The vulnerability affects all major versions of Microsoft Windows.  In just a matter of moments, attackers can gain total remote control of a system and install malware, keyloggers, and Trojans. A successful attack [...]

Two members of the House of Representatives on Wednesday said their computer systems were broken into, the latest in a series of cybersecurity alarms raised by the government.
The lawmakers suggest that the break-ins were carried out by people who appear to be working from inside China seeking confidential lists of names of dissidents.
Virginia Rep. Frank Wolf [...]

Our brain is an amazing marvel that provides us the wisdom necessary to navigate the river of life.  Until recently though, research around how humans handle risks they encounter was spotty at best.  Understanding, and being able to influence, how we react to risks is key to making better decisions in life.
A recent study released [...]

Highly trained cyberterrorist groups have already demonstrated the destructive outcome of planned attacks on public infrastructure, most notably in Estonia last year. 
The cyber threat to national security is a growing concern and something we highlighted in our annual Virtual Criminology report. Coordinated attacks on national infrastructure take place every day. This calls for an equally [...]

Leave it to the Air Force Institute of Technology to develop technology that detects patterns in email/web usage that could offer leading indicators of insider security threats. 
 
The technology is called Probabilistic Latent Semantic Indexing (try saying that a couple times fast). It sifts through email and web traffic logs to identify trends in human behaviors [...]

Hotels in Cannes don’t just sell out for the Film Festival; all rooms are also booked for a big IT show this week: VMware’s first VMworld Europe.
Today I showed an audience of about 4,500 people at VMworld Europe how VMware and McAfee together will be able to protect virtual environments in ways beyond what is [...]

I attended the Macworld 2008 Conference last week in San Francisco, and in retrospect several diametrically-opposing observations come to mind on the experience.
First, and foremost as a security professional, I was struck by how little concern there is in the Mac community for matters of information security and personal information protection. Everyone reading this blog [...]

Data loss is a burning issue that should be on the mind of every C-level executive and board member, if it isn’t already. According to a recent Ponemon Data Loss Study, the costs associated with data breaches rose 55% in 2007.
What is troubling is the scope and opportunity for such abuse and loss of data, [...]

Open source software provides an invaluable benefit to almost any software developer, including McAfee. In the future I expect the use of open source code by software makers to increase.
Why is open source code so important? Well, because a software developer can use open source code instead of spending time developing code that does the [...]