More Security Headlines

BitTorrent has addressed the vulnerability that could have been exploited to launch DRDoS attacks.
Mozilla has updated Firefox 40 to patch a couple of critical and high severity vulnerabilities.
Adobe patches XXE vulnerability in ColdFusion. The flaw exists in the BlazeDS component and it can lead to information disclosure.
The United States is confident of having killed Junaid Hussain, a top Islamic State cyber hacker and recruiter, in a drone strike in Syria this week, US authorities said Thursday.
Endress+Hauser has patched a vulnerability affecting many of the company’s ICS products. The flaw exists in a library used by several ICS vendors.
The threat actor behind the Regin cyberespionage tool is still active. Symantec discovers 49 new modules.
1% of employees are responsible for 75% of cloud security risk in an organization, according to CloudLock.
The stable series of Grsecurity’s Linux kernel patches will no longer be publicly available. Decision comes in response to GPL violations by the embedded Linux industry.
Caroline Kennedy, the US ambassador to Japan and daughter of late president John F. Kennedy, was criticized for using private email for official business.
PayPal has patched a critical flaw that allowed hackers to steal users’ personal and financial data.

SecurityWeek Experts

Marc Solomon:
How do we handle the responsibility that cloud computing brings? It’s a responsibility that must be shared among vendors, users, business leaders, and IT security professionals and involves three key aspects.
Joshua Goldfarb:
The way in which we as a security community seem to be approaching the topic of information sharing seems backward to me.
Alan Cohen:
If vaults deep within the building protect banks from bank robbers, why do so many security professionals focus so much attention on their data center’s front door?
Rafal Los:
Security people who jump into troubled security organizations to help right the ship put their careers on the line and personal aspirations on hold, and their families take a temporary back seat.
Nate Kube:
Critical services we rely on are increasingly dependent upon cyberphysical interactivity. The scope of these critical services continues to broaden and deepen across industries, especially as the functionality and speed of devices is more widely understood.
Jason Polancich:
While most businesses feel they should be pursuing more robust cyber intelligence functions, most aren’t actually doing anything about it at all.
Travis Greene:
As much fun as it is to wake up to patches waiting to be unwrapped, we don’t want the regret of “exploit Wednesday”, which is far more embarrassing than becoming a victim of a zero-day exploit.
Joshua Goldfarb:
Detection is a philosophy, approach, and methodology that seeks to identify suspicious or malicious behaviors matching risks and threats the organization is concerned about.
Marc Solomon:
Accepting the reality that some attacks will get through, security effectiveness must be measured by how quickly we detect a compromise and stop the exploitation of that attack.
Alan Cohen:
Many CISOs say that an action they undertake in their first six months on the job is to determine the most valuable and most at-risk actions and take steps to mitigate the risk. How can they take those steps while also addressing the catch-22?