More Security Headlines

Security researchers have conducted an in-depth analysis of both the client side and the command and control (C&C) servers of the malware dubbed "Mayhem."
Software developer vBulletin announced on Wednesday that it had released a patch to address a serious SQL injection vulnerability affecting its forum software.
Researchers at Sentinel Labs say the malware is believed to originate from Russia and may have been designed to target government organizations.
Microsoft said it would slash 18,000 jobs from its global workforce over the next year, the majority from the integration of the Nokia unit acquired this year.
An international cybercrime operation that targeted money transfer services throughout Europe was taken down this week in a joint operation involving law enforcement agencies in Europe.
A new variant of the PushDo malware has already infected tens of thousands of computers across the globe, researchers from Bitdefender reported.
A buffer overflow flaw affecting the Web server embedded into Cisco devices can be leveraged by a remote, unauthenticated attacker to inject arbitrary commands and execute arbitrary code with elevated privileges.
Andrei Sergejev, who admitted stealing personal information and creating fake identification documents, has been sentenced to prison.
A trade association representing service providers and suppliers in the telecom industry has warned consumers about an increase in the number of scams that rely on caller ID spoofing.
Law enforcement officials have asked Congress to consider legislation that would give them more tools to go after botnet operators.

SecurityWeek Experts

Torsten George: While the initial investment in a proof of concept can be costly, the end results might not only justify the additional expenses, but in the long-term save you money (and your job).
Mark Hatton: Having a CISO not only solves the diffusion of responsibility problem by putting one person in charge, it also helps to transform the security culture in your organization.
Marcus Ranum: There are two ways to start establishing security metrics. One is what I think of as the “bottom up” approach and the other is “top down”. For best results you might want to try a bit of both.
Joshua Goldfarb: Not all security technologies are alert driven, but for those that are, there is huge potential value in turning off the default rule set.
Marc Solomon: With the right approach to security you can protect your organization’s sensitive information from both insiders and outsiders.
Jason Polancich: Studying a problem from every angle and every level always leads to more practical solutions and quicker (re)action.
Adam Ely: Many of us create our own blind spots through assumption. Until we understand what is occurring on mobile devices, we cannot determine if our controls are effective at managing risk.
Mark Hatton: So what does the World Cup have to do with cyber security? A great deal actually. Anytime there is a large-scale global event, there is a sharp spike in the number of cyber scams that are unleashed.
Aviv Raff: While the phrase “cyber kill chain” is embedded in the cyber security vocabulary, many enterprises are still not proactive about keeping their assets, data, and reputations safe from bad actors.
Danelle Au: As SaaS adoption grows, so do the security concerns. But there is so much confusion around SaaS security that many enterprises are focusing on the wrong problems. Here are the three biggest myths when it comes to SaaS security...