Stories by Ellen Messmer

12 hot security start-ups you need to know

The willingness to invest in new security start-ups is continuing at such a breakneck pace that start-ups still in stealth mode are getting snapped up by more established players before they even publicly introduce their security products and services.

Skype-based malware shows how 'peculiar' malicious code can be

Malware often does strange things, but this one -- which looked like Skype installed on a corporate domain controller -- was most "peculiar," says Jim Butterworth, a security expert at ManTech International, whose security subsidiary HBGary recently found the custom-designed remote-access Trojan on a customer's network.

Are Apple iOS, OS X flaws really backdoors for spies?

Two recently-discovered flaws in Apple iOS and Mac OS X have security experts openly asking whether the software vulnerabilities represent backdoors inserted for purposes of cyber-espionage. There's no clear answer so far, but it just shows that anxiety about state-sponsored surveillance is running high.

TrustyCon vs. RSA and NSA: New conference pushes trustworthy agenda

Who do you trust? That's a question asked increasingly by a security industry with a growing sense that the National Security Agency (NSA) has sought to weaken encryption or get backdoors into computers, based on documents leaked by Edward Snowden to the media. Now, trust is also the theme of a new conference called TrustyCon that will vie for attention on Feb. 27 in San Francisco while the big RSA Conference for security pros is also taking place in that city.

Start-up takes on threat detection and intelligence-sharing for the enterprise

Start-up Confer recently debuted with software and services aimed at detecting stealthy malware and attackers targeting enterprise servers, laptops and mobile devices. Though market competition is fierce, Confer believes it can win through its application behavior-analysis approach and its cloud-managed threat-intelligence platform that makes use of the open protocol called STIX.