Security Experts:

More Security Headlines

Russia on Friday said it had uncovered plans by foreign intelligence services to carry out massive cyberattacks this month targeting the country's financial system. [Read More]
AlphaBay vendor IcyEagle – real name Aaron James Glende – sentenced to 50 months in prison for selling stolen bank account information [Read More]
Changes to Rule 41 of the federal rules of criminal procedure give the FBI (with a judicially granted search warrant) authority to hack computers in any jurisdiction, and potentially overseas. [Read More]
Researchers discovered a bug that can be used to bypass the Activation Lock feature enabled on lost or stolen iPhones and iPads [Read More]
Android Trojan named SmsSecurity has been used by cybercriminals to target the customers of several banks in Europe [Read More]
The Kelihos botnet has switched to dropping ransomware onto targeted computers, and is currently spreading the Troldesh malware family, security researchers warn. [Read More]
Four years after it first brought havoc to oil giant Saudi Aramco, the Shamoon/Disttrack malware has reappeared in the Gulf and is apparently being used in attacks against several organizations in the region. [Read More]
Microsoft researchers release SAMRi10, a new anti-reconnaissance tool for Windows 10 and Windows Server 2016 [Read More]
Updates released for Firefox and the Tor Browser patch the zero-day vulnerability exploited, possibly by law enforcement, to unmask Tor users [Read More]
Gooligan Android malware can steal authentication tokens stored on devices which can be used to access sensitive data from Gmail, Google Photos, Google Docs and other services, including G Suite [Read More]

SecurityWeek Experts

rss icon

Ashley Arbuckle's picture
There’s a lot organizations can do to strengthen their incident response capabilities so that they’re up to the test. Here are a few ways to take charge and ensure a better outcome...
Joshua Goldfarb's picture
Defenders must think more broadly about the risk they're trying to mitigate, rather than getting distracted and instituting one-off policies and solutions to new means that may arise.
Torsten George's picture
Faced with hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures leaves security practitioners at a virtually insurmountable disadvantage.
Steven Grossman's picture
The PCI DSS 3.2 should greatly help companies reduce third party vendor risk, and is starting to shift from just a check-the-compliance-box activity to a more continuous compliance model.
Marc Solomon's picture
Threat intelligence that incorporates external and internal data can go a long way toward helping you mitigate breaches during the holiday shopping frenzy.
Jim Ivers's picture
As with any business relationship, you should use software or open source components from your allies with your eyes open to the potential risks.
David Holmes's picture
What are the possible threat vectors if you were doing a threat model assessment for any of cloud passwords management models?
Travis Greene's picture
Unlike the political arena, or even other divisions of the technology industry, when working in IT security, people rarely notice when everything is done perfectly.
Avi Chesla's picture
It's time to consider whether proactive defense strategies exist in the realm of real battlefields.
Erin O’Malley's picture
What’s worse than having to cook a Thanksgiving turkey? How about being forced to relegate the poor bird to a crock pot after discovering that your net-connected oven and wireless meat thermometer have both been hacked?