Security Experts:

More Security Headlines

A communication protocol used by Implantable Cardioverter Defibrillators (ICDs) is weak enough to allow even attackers without advanced knowledge to exploit vulnerabilities and execute attacks. [Read More]
Vulnerabilities in the Android remote management tool AirDroid potentially impact over 50 million devices, security researchers at Zimperium zLabs warn. [Read More]
ICS-CERT disclosed many critical and high severity vulnerabilities affecting products from Moxa, Siemens, Mitsubishi Electric and Advantech [Read More]
Google has launched the beta of OSS-Fuzz to help developers locate bugs in software that eventually lead to breaches. [Read More]
Experts comment on recently proposed software-based mitigations for the DRAM attack dubbed Rowhammer [Read More]
Russia on Friday said it had uncovered plans by foreign intelligence services to carry out massive cyberattacks this month targeting the country's financial system. [Read More]
AlphaBay vendor IcyEagle – real name Aaron James Glende – sentenced to 50 months in prison for selling stolen bank account information [Read More]
Changes to Rule 41 of the federal rules of criminal procedure give the FBI (with a judicially granted search warrant) authority to hack computers in any jurisdiction, and potentially overseas. [Read More]
Researchers discovered a bug that can be used to bypass the Activation Lock feature enabled on lost or stolen iPhones and iPads [Read More]
Android Trojan named SmsSecurity has been used by cybercriminals to target the customers of several banks in Europe [Read More]

SecurityWeek Experts

rss icon

Josh Lefkowitz's picture
Entering the Deep & Dark Web also requires highly-advanced operations security and technical skills. Not only is gaining access to these online communities extremely difficult, it is risky.
Ashley Arbuckle's picture
There’s a lot organizations can do to strengthen their incident response capabilities so that they’re up to the test. Here are a few ways to take charge and ensure a better outcome...
Joshua Goldfarb's picture
Defenders must think more broadly about the risk they're trying to mitigate, rather than getting distracted and instituting one-off policies and solutions to new means that may arise.
Torsten George's picture
Faced with hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures leaves security practitioners at a virtually insurmountable disadvantage.
Steven Grossman's picture
The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Marc Solomon's picture
Threat intelligence that incorporates external and internal data can go a long way toward helping you mitigate breaches during the holiday shopping frenzy.
Jim Ivers's picture
As with any business relationship, you should use software or open source components from your allies with your eyes open to the potential risks.
David Holmes's picture
What are the possible threat vectors if you were doing a threat model assessment for any of cloud passwords management models?
Travis Greene's picture
Unlike the political arena, or even other divisions of the technology industry, when working in IT security, people rarely notice when everything is done perfectly.
Avi Chesla's picture
It's time to consider whether proactive defense strategies exist in the realm of real battlefields.