ESET's senior research fellow David Harley says that, while his team of researchers have been tracking the TDL4 botnet for some time, they have noticed a new phase in its evolution.

Responding to Symantec – and McAfee's – reports last week about the 'Son of Stuxnet' worm appearing and harvesting information from industrial control systems, Venafi says the Duqu malware is definitely a major security threat.

Research just released by (ISC)² claims to show that application vulnerability was ranked as the number one threat by more than 72% of IT security professionals.

At the RSA Europe event earlier this month, Infosecurity got a chance to catch up with Paul Simmonds, a board member of the Jericho Forum.

Old bugs, it seems, do not die – nor do they fade away – as Dennis Fisher, editor of Kaspersky Lab's ThreatPost newswire says that there is a new worm in the wild that is compromising servers running older versions of the JBoss Application Server and then adding them to a botnet. The worm, he added, also attempts to install a remote access tool in order to give the attacker control over the newly infected server.

At the Hacker Halted conference in Miami, Florida, McAfee research architect, Barnaby Jack, demonstrated how to hack into an insulin pump live in his presentation titled ‘Life threatening vulnerabilities’.

The widely publicized data breach revealed by RSA back in March may not have been the only one to hit a major company, a leading security researcher has said.

AVG's free anti-virus is one of the most popular free IT security applications in the market, but according to one security researcher, its success has meant a surge in the number of fake download sites charging a subscription for the service.

Hackers who infiltrated Nasdaq’s computer systems last year were able to eavesdrop on communications of company directors, according to people familiar with the investigation.

Anonymous does not need sophisticated tools like Stuxnet or Duqu to carry out its threat to attack industrial control systems that regulate critical infrastructure, warned Dominic Storey with Sourcefire.

At the London IP Expo event yesterday, Infosecurity got a chance to catch up with Caroline Ikomi, technical director with Check Point, where she brought us up to speed on how the firm is adapting to a cloud-based IT landscape.

Researchers at Georgia Tech have built on the smartphone accelerometer analysis carried out by iSuppli back in 2009 and successfully used an iPhone 4 to measure vibrations from a nearby computer keyboard, allowing them to map which keys are being pressed on the desktop computer.