Security Experts:

More Security Headlines

Several of the most popular antivirus products contain vulnerabilities that can be exploited locally or remotely, a security researcher revealed at the SyScan 360 security conference in Beijing earlier this month.
In this podcast, Chief Technology Officer at Bluebox Security Jeff Forristal, discusses a significant Android vulnerability that lets hackers create a malicious application by copying the ID of a legitimate application to gain the same special privileges of the legitimate app.
Chinese threat actors hacked into computer networks of the National Research Council (NRC) in Canada, the CIO of the Canadian government said on Tuesday.
China is investigating Microsoft for allegedly operating a monopoly in its market, the government said Tuesday, as it took aim at the US software giant over business practices.
A serious vulnerability exists in the Android operating system, which could allow malicious apps to impersonate well-known trusted apps such as Google Wallet. Essentially anything that relies on verified signature chains of an Android application is undermined.
Secure embedded L4 (seL4), said to be the world's most highly-assured operating system, has been released as open source.
The Neverquest malware has been updated to target more financial institutions in Japan.
Cloud services provided by Amazon Web Services and other companies are being abused by profit-driven cybercriminals to host DDoS bots, Kaspersky Lab reported on Friday.
The Russian government put a bounty on the Tor network in a posting online on a government procurement portal.
Microsoft said it was under investigation by antitrust authorities in China, pledging to cooperate in the investigation.

SecurityWeek Experts

rss icon

Jason Polancich's picture
In order to make our ecosystem a safer place for all of us, small and large, the big guys out there are going to have to start - at least in part - handling the security of their small business partners, suppliers and customers.
Rebecca Lawson's picture
As enterprises made trade-offs in security; either sacrifice performance in order to add more layers of security beyond the traditional stateful firewall or don’t implement the new protections necessary to protect against many of the latest threats.
Danelle Au's picture
As the era of Internet of Things dawns, the amount of data and other cloud applications developed for unique industries will increase and bring a new era of privacy and security concerns.
Wade Williamson's picture
The most important aspect for us as security professionals is to realize that the man-in-the-browser is not going away, and to understand what exactly has made it so successful.
Adam Ely's picture
Security teams and lines of business have reached a turning point on BYOD. It’s now become more important than ever for the CISO to figure out how to manage risk without inhibiting users.
Torsten George's picture
While the initial investment in a proof of concept can be costly, the end results might not only justify the additional expenses, but in the long-term save you money (and your job).
Mark Hatton's picture
Having a CISO not only solves the diffusion of responsibility problem by putting one person in charge, it also helps to transform the security culture in your organization.
Marcus Ranum's picture
There are two ways to start establishing security metrics. One is what I think of as the “bottom up” approach and the other being “top down”. For best results you might want to try a bit of both.
Joshua Goldfarb's picture
Not all security technologies are alert driven, but for those that are, there is huge potential value in turning off the default rule set
Marc Solomon's picture
With the right approach to security you can protect your organization’s sensitive information from both insiders and outsiders.