More Security Headlines

Siemens has patched a critical vulnerability in SIMATIC CP 44x-1 RNA modules and a medium severity flaw in XHQ automation software
WikiLeaks releases details on Brutal Kangaroo, a tool suite used by the CIA to infect air-gapped networks with malware via thumb drives
The UK government's Cyber Essentials scheme has suffered an embarrassing incident; but one that can hardly be called a breach and certainly not a cyber-attack.
Microsoft this week announced that the Edge Web Platform bounty program it launched on Windows Insider Preview (WIP) last year has been extended indefinitely.
OpenVPN this week patched several vulnerabilities impacting various branches, including flaws that could be exploited remotely.
The Necurs spam botnet has switched back to distributing the Locky ransomware in a campaign featuring messages disguised as fake invoices, Cisco Talos security researchers reveal.
The U.S. Chamber of Commerce, along with more than 40 companies, has signed up to a set of new guiding principles for fair and accurate security ratings.
A wave of "computational propaganda," largely driven by Russia, is impacting politics around the world by spreading misinformation designed to manipulate public opinion, researchers said Tuesday.
Honda said June 21 that it had temporarily halted production at a plant in Japan after it suffered a cyberattack from the same ransomware that struck hundreds of thousands of computers worldwide last month.
Drupal developers release security updates that patch several flaws, including one exploited in the wild in spam campaigns

SecurityWeek Experts

Marie Hattar
When done successfully, continuous testing and training prevents bugs and performance issues from going out the door, while enabling developers to better spot problems in the future.
Michael Moniz
Your elite cyber defense team needs to actively communicate, pass the bits of evidence around, develop the big picture strategy and be able to adjust to different adversaries.
Barak Perelman
If WannaCry had targeted industrial controllers, it would have been much more difficult to protect them and the damage would have been much more widespread.
Lance Cottrell
By surreptitiously monitoring and engaging with potential attackers and malware developers you can successfully gain information about emerging attack methods, patterns, and practices in the cyber underground.
Josh Lefkowitz
Most threat intel teams haven’t been conditioned to maintain a comprehensive understanding of how geopolitical factors can influence emergent strains of malware, insider threats, or supply chain security vulnerabilities.
Adam Meyer
With sound and timely operational threat intelligence, you can make life a lot harder for adversaries and have a much better understanding of how your organization is positioned against today's cyber threats.
Joshua Goldfarb
All the activity around the WannaCry ransomware attack really did make me want to cry. But not for the reasons you might expect. So what was it that nearly brought me to tears?
Alastair Paterson
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Preston Hogue
Today an organization may have thousands of apps on the internet, but having thousands of monolithic security devices just isn’t practical.
Steven Grossman
A series of events converged during the past few weeks that reemphasized the need for our industry to do a better job of establishing measurable and repeatable processes.