Security Experts:

More Security Headlines

Researchers at IBM Trusteer have come across a new banking Trojan that is designed to target the customers of Japanese financial institutions.
Identity thieves cost U.S. consumers an estimated $16 billion in 2014, despite a decrease in the number of victims, according to Javelin Strategy & Research.
Suits and Spooks London 2015 will be our first 2-day international event, and is jointly produced with TechUK, an association of over 850 companies that's funded by the British government.
Two vulnerabilities have been discovered in ShareLaTeX, but only one of them has been fixed. A workaround is available for the second flaw.
Symantec reports the number of financial malware detections fell in 2014, in part due to the success of takedown operations by law enforcement and the security community.
A researcher has demonstrated that the Wi-Fi settings of GoPro camera users could have been downloaded by anyone from the company's servers.
The Angler exploit kit has started using a technique called Domain Shadowing to ensure that operations are not disrupted by IP and domain blacklisting.
FireEye this week announced a new product integration with Samsung to enhance the security of mobile devices running Samsung’s KNOX.
Experts who contributed to making Chrome 41 secure have been awarded more than $50,000. A total of 19 vulnerabilities were reported by external researchers.
Researchers uncovered vulnerability that enables attackers to decrypt HTTPS-protected traffic.

SecurityWeek Experts

rss icon

Avi Chesla's picture
When security technologies are bypassed, they cannot be “programmed” to detect and prevent the new attack behavior, the same attack that has breached their protection-space borders.  
David Holmes's picture
If Let’s Encrypt succeeds, will self-signed certificates go extinct? I’m guessing no, and that’s not necessarily a bad thing.
Pat Calhoun's picture
To evade network security defenses, Advanced evasion techniques (AETs) disguise malicious payloads by splitting them into smaller pieces and then delivering the pieces simultaneously, or at varying times, across multiple or rarely used network protocols.
Marcus Ranum's picture
With security data, you will almost never benefit from using a pie chart instead of a time/value chart, unless you only have a single instance of data.
Torsten George's picture
The transition from a compliance-driven check-box approach to a risk-based model, enables businesses to centralize the ongoing definition, evaluation, remediation, and analysis of their risk posture in a closed-loop process.
Joshua Goldfarb's picture
If you are a security leader, you owe it to yourself and to your organization to create a culture that rewards honesty and truthfulness. Otherwise, the house always wins.
Travis Greene's picture
It’s time for targeted complexity that balances the convenience that users demand with the security that organizations need. It’s a bit like teaching a new dog old tricks.
Jason Polancich's picture
Most businesses today are not as secure as they could be due to an inaccurate view of their own cyberdefenses.
Marc Solomon's picture
For modern businesses, security leadership needs to ascend even higher in the organization: to the boardroom.
Wade Williamson's picture
Like most modern malware, Carbanak is not some autonomous bit of code running on its own, but rather a vehicle for a remote human attacker to watch, learn and remotely drive the attack.