Security Experts:

More Security Headlines

A group of former and current students have sued Google in federal court in San Jose, California, alleging that the company scanned their Gmail accounts and gathered data for advertising purposes. [Read More]
Gamers who created an account on the forums of Bohemia Interactive’s DayZ video game have been advised to change their passwords due to a data breach [Read More]
Google researcher Tavis Ormandy found a vulnerability in Avast SafeZone that allowed attackers to read any file on the system [Read More]
Dell announced the availability of a new enterprise endpoint security solution that now features post-boot BIOS verification, along with integrated threat protection technology powered by Cylance. [Read More]
A researcher has released exploits for a couple of unpatched vulnerabilities in Netgear’s NMS300 network management system [Read More]
In a statement provided in response to multiple inquiries by SecurityWeek, former Norse CEO Glines admitted to making mistakes in managing the company, but also contended that Krebs’ report contained inaccuracies. [Read More]
A series of vulnerabilities found by researchers in a Sauter building management SCADA product allow attackers to gain complete control of affected systems [Read More]
Hidden Tear, the so-called educational ransomware that was released as Open Source in August 2015, has been used to create over two dozen spin-offs, Kaspersky Lab researchers warn. [Read More]
The Socat networking utility is plagued by a crypto bug that puts secure communications at risk [Read More]
Cisco releases software updates to fix high severity vulnerabilities in switches, security, and management products [Read More]

SecurityWeek Experts

rss icon

Jim Ivers's picture
Experienced organizations learn that security is not a drag on performance, but can provide productivity gains by eliminating security vulnerabilities early in the development process.
David Holmes's picture
During the public beta of Let’s Encrypt, it may simply be that people believe it will work. Belief works for medicine, but not for security. One way or the other, we’ll know soon.
Torsten George's picture
Threat intelligence has little value unless it is put into context of an organization’s security posture. Most enterprises don’t have the resources to apply the required logic to correlate external threat data with their internal security intelligence.
Alan Cohen's picture
Traditional incident management approaches that rely on network monitoring and detection of attacks are also falling short in today’s agile and distributed computing world.
Wade Williamson's picture
Asking for security backdoors that only benefit the good guys is like asking for bullets that only hurt the bad guys. That’s simply not how encryption works.
Tim Layton's picture
By understanding your adversaries’ activity on the Dark Web , you can take more of a proactive approach that helps reduce uncertainty and improves overall cyber resiliency.
Alastair Paterson's picture
As security professionals, it’s our job to enable business while protecting it; embracing social media is an imperative, but we also need to mitigate the exploitation of what our organizations reveal online.
Joshua Goldfarb's picture
Every organization will have its limitations and resource constraints. But that doesn’t mean the organization should aim solely for "good enough" security.
Travis Greene's picture
The investment in access certifications have reduced the workload on IT, but by treating all entitlements and users the same, we’ve put the burden on LOB managers to manage the risk of excessive access.
Johnnie Konstantas's picture
DLP provides a range of business benefits, including compliance support and intellectual property protection. The concept isn’t a new one, but the ability to put it to use in an easier, more viable manner is.