Security firm Norman, investigating cyber-espionage-related to a Norwegian telecom company, the Pakastani government and others, says a lot of its findings lead to the word "Appin," which happens to be the name of a security outfit in India whose website indicates it does work for the Indian military.

Italian police arrested four suspected hackers Friday, accusing them of having taken control of the Italian branch of the Anonymous network.

Four British men associated with the LulzSec hacker collective received prison sentences Thursday for their roles in cyberattacks launched by the group against corporate and government websites in 2011.

Fighting denial-of-service attacks has become a matter of survival for some businesses that find their websites getting smashed and network flooded by attackers. Online gaming company SG Interactive says it's under constant attack and the only way to keep going is to set up an anti-DDoS defense.

A vast debit card fraud scheme that allegedly netted $US45 million has been linked to the hacking of credit card processors in the US and India.

Microsoft is issuing critical security bulletins this Patch Tuesday that affect all versions of Internet Explorer and deal with an exploit that attackers are actively working.

A 35-year-old Dutchman suspected of participating in a large DDoS attack on antispam organization Spamhaus was extradited from Spain to the Netherlands on Monday evening, the Dutch Public Prosecution Service said Wednesday.

An Algerian man accused of helping to develop and distribute the SpyEye computer virus has been extradited from Thailand to the U.S. to face criminal charges, the U.S. Department of Justice announced.

They're security myths, oft-repeated and generally accepted notions about IT security that ... simply aren't true. As we did a year ago, we've asked security professionals to share their favorite "security myths" with us. Here are 13 of them.

In the aftermath of RSA saying that its SecureID two-factor authentication tokens may have been compromised in a data breach of the company's network, here are some key questions and answers about the situation.

As cybercrime continues to proliferate on the Internet, one industry security group is hoping its work will help stem the tide of spam and scams.

The European Commission is seeking to strengthen cooperation between law enforcement and private industry worldwide as well as increase penalties for those engaged in cybercrime, a senior official said on Wednesday.

Imperva's Amichai Shulman looks at database attack and defense.

Salesmen and parents know the technique well. It's called the takeaway, and as far as Keith Mularski is concerned, it's the reason he kept his job as administrator of online fraud site DarkMarket.

They are etched into the conventional wisdom of IT security, but are these 12 articles of faith (to some) actually wise, or are they essentially myths? We've assembled a panel of experts to offer their judgments.