Security Experts:

More Security Headlines

Critical command execution/privilege escalation vulnerability found in display software shipped with millions of devices [Read More]
New variants of a recently discovered BrickerBot Internet of Things (IoT) malware capable of permanently disabling devices were observed last week, Radware security researchers warn. [Read More]
Russia-linked cyberspy group Pawn Storm (aka APT28 and Fancy Bear) reportedly targeted French presidential candidate Emmanuel Macron [Read More]
An update released by Webroot caused the company’s antivirus to detect legitimate files as W32.Trojan.Gen [Read More]
Peter Yuryevich Levasho, the alleged author of the Kelihos botnet, has been charged in an eight-count indictment returned by a federal grand jury. [Read More]
Russian cybercriminal Valeryevich Seleznev was sentenced in the United States to 27 years in prison for hacking into point-of-sale (PoS) computers to steal credit card numbers. [Read More]
The Cyber Shield Act is a legislative proposal designed to cut "to the core of critical infrastructure cyber defense." It is proposed by Senator Edward J. Markey, Massachusetts -- but you won't find a draft bill anywhere yet. [Read More]
One of the tools allegedly used by the NSA-linked threat actor “Equation Group” and made public roughly a week ago has been already observed in live attacks. [Read More]
Moxa addresses hardcoded credentials issue that can be exploited by attackers to gain complete control of the company’s APs [Read More]
The Necurs botnet has switched back to delivering the Locky ransomware which is being distributed in high volumes. [Read More]

SecurityWeek Experts

rss icon

Adam Meyer's picture
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Alastair Paterson's picture
Bad actors will do whatever they can to take advantage of this potentially lucrative tax season – so beware the Ides of April.
Joshua Goldfarb's picture
Organizations should not be lured into a false sense of security if they deal in information or data that are not typically sought after by nation-state attackers.
Dan Cornell's picture
Security cannot exist in a vacuum – it must be integrated with the entirety of an organization’s strategy when it comes to securing development operations.
Lance Cottrell's picture
Wouldn’t it be great if cyber security teams could spend more time acting like the doctors and surgeons who work away from emergency rooms and ICUs?
Josh Lefkowitz's picture
Digital risk monitoring is a helpful tool for organizations that already have rich intelligence and not just data. Failing to distinguish between the two can be problematic.
Torsten George's picture
There are several steps that both information security and DevOps teams can take to minimize their attack surface in the context of these emerging technologies and development practices.
Marc Solomon's picture
A threat intelligence platform (TIP) needs to operationalize and apply intelligence as the glue to reduce fragmentation.
Ashley Arbuckle's picture
With more leading-edge IT capabilities available only in the cloud, companies that can migrate more of their applications accordingly stand to gain even greater agility, scalability, and efficiencies required for business success.
Travis Greene's picture
April is Stress Awareness Month. With the pace of constantly-evolving threats, budget battles and security apathy from users, it isn’t a stretch to imagine that stress is a part of the job in IT security.