Security Experts:

More Security Headlines

Microsoft postponed security updates to March 14, but decided to release one after all to address Flash Player vulnerabilities in IE and Edge [Read More]
The Windows variant of the infamous Mirai Linux botnet is the offspring of a more experienced bot herder, possibly of Chinese origin, Kaspersky Lab security researchers warn. [Read More]
Researchers warn about the threat posed by logic bombs to industrial control systems (ICS), particularly programmable logic controllers (PLCs) [Read More]
CompTIA has announced CSA+, a new security qualification which focuses on the skills required for the use of threat detection tools, data analysis and the interpretation of results to identify vulnerabilities, threats and risks. [Read More]
TeamSpy, the data-stealing malware that was associated with a decade-long cyber-espionage operation several years ago, has resurfaced in a new spam campaign. [Read More]
Unpatched vulnerabilities in Java and Python allow attackers to use FTP injections to bypass firewalls, including from Cisco and Palo Alto Networks [Read More]
A remote command execution (RCE) vulnerability has been found by a researcher in Siklu EtherHaul radios [Read More]
A recently observed malware downloader targeting Android users is masquerading as an update for Adobe Flash Player, ESET researchers warn. [Read More]
Lazarus-linked hackers behind attacks on banks worldwide attempted to trick investigators into thinking they speak Russian [Read More]
An Android Remote Access Trojan (RAT) used to target Israeli servicemen is part of a larger campaign that might not be associated with Hamas, as initially believed, security researchers have determined. [Read More]

SecurityWeek Experts

rss icon

Torsten George's picture
Let’s consider whether the proposed principles and tools by the World Economic Forum (WEF) can improve cyber resilience, and which types of enterprises can benefit most from implementing them.
Travis Greene's picture
Shadow IT 2.0 is a symptom of a bigger problem – the inability to maintain digital competitive advantage due to the insufficient pace of code deployment.
Jack Danahy's picture
Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.
Jim Ivers's picture
Enabling developers through the right mix of tools and education just makes too much sense and generates too much value for all concerned.
Joshua Goldfarb's picture
Let’s take a look at the essential functions required to bring a mature security operations and incident response capability to the masses via a unified security operations platform.
Scott Simkin's picture
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.
Josh Lefkowitz's picture
It’s critical to recognize that there will always be virtual ways in which terrorists and other criminals can create threats that no border process or physical security program can stop.
Adam Meyer's picture
Cyber threat intelligence needs to be tailored to its audience as it means different things to different people, whether it’s on-the-network defenders, Red Teams, threat analysts, risk officers, business executives and Board of Directors, legal, application owners, and so on.
Avi Chesla's picture
Correlating data points through more holistic analytic systems can help reveal the bigger picture and understand the real intent of an attack campaign.
Alastair Paterson's picture
It’s fairly typical for bad actors to escalate extortion-based campaigns during seasonal events when the stakes for targets are high.