Security Experts:

More Security Headlines

In its Fourth Quarter, 2014 State of the Internet Report, Akamai Technologies cited China as the originator of 41 percent of observed attack traffic.
Big US technology firms joined a coalition of activists urging Congress to pass a law scaling back government surveillance ahead of key deadline.
In 2014, a total of 15,435 vulnerabilities were identified in 3,870 applications from 500 vendors, Secunia says in its latest vulnerability review.
China's cyberspace administration is "complicit" in attacks on major Internet companies including Google, an anti-censorship group said.
Cybercriminals have been using the Vawtrak Trojan in an ongoing campaign targeted at Canadian online banking users.
A survey from BeyondTrust highlights the issue of employees with excessive privileges.
Lookingglass Cyber Solutions raised $20 million in new capital through a Series B round of funding.
Two security holes rated critical have been addressed with the release of Firefox 36.0.4. The issues were reported at Pwn2Own 2015.
Twitch has been hacked. The streaming service has reset user passwords and streaming keys.
Palo Alto Networks shared details of a security vulnerability in Android that could allow an attacker to hijack the installation of a what appears to be a safe Android application and modify or replace it with malware.

SecurityWeek Experts

rss icon

Joshua Goldfarb's picture
Although home is where the heart is, it’s important to remember not to devote the overwhelming percentage of security resources to your home geographic area if that’s not where the overwhelming amount of your business and its assets are located.
Travis Greene's picture
Like those college recruiting compliance departments that are constantly training, monitoring, and enforcing policies, the IT compliance activity of access certifications needs to become more intelligent and real-time.
Rafal Los's picture
As a security professional you must know the three categories of threats your organization faces, how to respond to each — and how to expend your resources.
Avi Chesla's picture
When security technologies are bypassed, they cannot be “programmed” to detect and prevent the new attack behavior, the same attack that has breached their protection-space borders.  
David Holmes's picture
If Let’s Encrypt succeeds, will self-signed certificates go extinct? I’m guessing no, and that’s not necessarily a bad thing.
Pat Calhoun's picture
To evade network security defenses, Advanced evasion techniques (AETs) disguise malicious payloads by splitting them into smaller pieces and then delivering the pieces simultaneously, or at varying times, across multiple or rarely used network protocols.
Marcus Ranum's picture
With security data, you will almost never benefit from using a pie chart instead of a time/value chart, unless you only have a single instance of data.
Torsten George's picture
The transition from a compliance-driven check-box approach to a risk-based model, enables businesses to centralize the ongoing definition, evaluation, remediation, and analysis of their risk posture in a closed-loop process.
Joshua Goldfarb's picture
If you are a security leader, you owe it to yourself and to your organization to create a culture that rewards honesty and truthfulness. Otherwise, the house always wins.
Travis Greene's picture
It’s time for targeted complexity that balances the convenience that users demand with the security that organizations need. It’s a bit like teaching a new dog old tricks.