Security Experts:

More Security Headlines

British parenting website Mumsnet is the latest organization to have been hacked due to the "Heartbleed" bug, founder Justine Roberts revealed.
During the second half of 2013, APWG found that attacks on vulnerable shared hosting providers led to 18 percent of all phishing attacks worldwide
Akamai Technologies admitted some custom code it thought protected users against the Heartbleed vulnerability is flawed.
Personal data for as many as 900 Canadian taxpayers was stolen after being made vulnerable by the "Heartbleed" bug, officials in Ottawa said on Monday.
CloudFlare was able to confirm that an attacker can retrieve a server's private SSL key by exploiting the "Heartbleed" Vulnerability.
Germany's aeronautics and space research center has for months been the target of a suspected cyber attack by a foreign intelligence service, according to reports.
The NSA denied a report claiming it was aware of and even exploited the "Heartbleed" online security flaw to gather critical intelligence.
An appeals court in the United States overturned the conviction of a self-described "security research" hacker for breaking into the AT&T online network to reveal a security flaw.
Canada's government ordered all federal department websites vulnerable to the "Heartbleed" bug to be shut down.
Officials at the Justice Department and FTC said they issued formal guidance telling companies that there would be no antitrust issues from the sharing of technical information about cyber attacks, malware or similar threats.

SecurityWeek Experts

rss icon

Dr. Mike Lloyd's picture
The fact that insurance companies – well respected by every business-centric executive – look at cyber risk and say “no, thanks” is a pretty clear indicator that something is rotten...
Michael Callahan's picture
While attackers are constantly improving their evasion tactics to extend the lifetime of their malware, users can also leverage these types of evasion tactics to help prevent malware infection in the first place.
Torsten George's picture
A threat is the agent that takes advantage of a vulnerability. This relationship must be a key factor in the risk assessment process and can no longer be treated as risk’s neglected step child.
Mark Hatton's picture
I am painfully aware that in business and in security, hope is not a plan. However, that doesn’t mean we can’t dream a bit about the best case scenario. In the spirit of the season, here are five things I’m hoping for in the security industry this year.
Wade Williamson's picture
As enterprises become increasingly focused on security, it’s important to take an honest look not just at what security measures are in place, but how they are really used.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Marcus Ranum's picture
When you start your metrics program, you'll find that a great deal of information can be gleaned from existing data that gets stored in various places – most likely in your system logs.
Chris Hinkley's picture
The most advanced technology in the world is only as good as the people and systems behind it. Otherwise your sophisticated security device is nothing more than a paperweight.
Danelle Au's picture
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
Mark Hatton's picture
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.