Security Experts:

More Security Headlines

Dell SecureWorks has added Advanced Endpoint Threat Detection (AETD) as the latest solution in its Advanced Threat Services portfolio.
British parenting website Mumsnet is the latest organization to have been hacked due to the "Heartbleed" bug, founder Justine Roberts revealed.
During the second half of 2013, APWG found that attacks on vulnerable shared hosting providers led to 18 percent of all phishing attacks worldwide
Akamai Technologies admitted some custom code it thought protected users against the Heartbleed vulnerability is flawed.
Personal data for as many as 900 Canadian taxpayers was stolen after being made vulnerable by the "Heartbleed" bug, officials in Ottawa said on Monday.
CloudFlare was able to confirm that an attacker can retrieve a server's private SSL key by exploiting the "Heartbleed" Vulnerability.
Germany's aeronautics and space research center has for months been the target of a suspected cyber attack by a foreign intelligence service, according to reports.
The NSA denied a report claiming it was aware of and even exploited the "Heartbleed" online security flaw to gather critical intelligence.
An appeals court in the United States overturned the conviction of a self-described "security research" hacker for breaking into the AT&T online network to reveal a security flaw.
Canada's government ordered all federal department websites vulnerable to the "Heartbleed" bug to be shut down.

SecurityWeek Experts

rss icon

Danelle Au's picture
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
Mark Hatton's picture
The oversight for the protection of healthcare information is only getting tighter, and it is incumbent upon the security teams to ensure healthcare professionals have all the tools necessary to improve patient outcomes, while we worry about keeping the bad guys away.
Nimmy Reichenberg's picture
By properly segregating the network, you are essentially minimizing the level of access to sensitive information for those applications, servers, and people who don’t need it, while enabling access for those that do.
Tal Be'ery's picture
The Target breach shows that APT attacks have commoditized and therefore should concern not only the government and defense industry, but probably every enterprise.
Torsten George's picture
The NIST Cybersecurity Framework is a good first step towards creating a standardized approach to cyber security, but requires many substantial updates before really improving our nation’s cyber resilience.
Wade Williamson's picture
If criminals can’t use or sell stolen data without being caught, then the data quickly becomes worthless. As a result it’s critical to understand what happens to data after a breach.
Marc Solomon's picture
The energy sector requires an approach to cybersecurity that doesn’t rely exclusively on air gaps or point-in-time detection tools but addresses the full attack continuum – before, during, and after an attack.
Marcus Ranum's picture
There are many important and useful tools related to the metrics landscape; let's take a look at some of them and how they fit together.
Mark Hatton's picture
During the RSA Conference we heard a lot about the changing landscape of threats and how attackers are becoming more sophisticated and better funded every day. So naturally the debate ensued around whether keeping pace and ultimately closing the gap is a question of technology, spend or approach.
Aviv Raff's picture
The worst time for an enterprise to discover a gap between what they expected and what they need is during a cyber attack. Here are five questions that enterprises should ask about actionable intelligence now, not later.