Security Experts:

More Security Headlines

Edward Snowden joined a phone-in with Russian President Vladimir Putin, quizzing him over the extent of Moscow's surveillance activities.
Microsoft has updated its threat modeling tool with a number of new features.
Russia and Ukraine sit down for high-stakes talks in Geneva on Thursday, seeking to ease the crisis in the former Soviet republic after the US warned Moscow it must make concessions or face fresh sanctions.
Federal police in Canada arrested and charged a 19-year-old man in the theft of 900 Canadian taxpayers' data, which was made vulnerable by the "Heartbleed" bug.
The update includes fixes for critical vulnerabilities in Java SE and other products.
A new survey of nearly 600 IT pros found that it takes on average 140 days to find breaches due to SQL injection attacks and 68 days to remediate them.
A new study from the Ponemon Institute finds a tie between poor security and poor communication.
Web browsers may be overloaded by the overhaul of security certificates, leading to error messages and impacting Web performance.
Researchers at FireEye uncovered a vulnerability that enables attackers to use a malicious app to modify icons on the Android home screen to point to attack sites.
Britain named a top foreign ministry official as the new head of GCHQ, the electronic eavesdropping agency that came under scrutiny after leaks by former US analyst Edward Snowden.

SecurityWeek Experts

rss icon

Chris Coleman's picture
The shaping of the threat intelligence management market is critical to its success, and there is much confusion about the very term “threat intelligence.” I am a firm believer that intelligence is a process, not an individual thing, and that Intelligence is not “done.” It is “created.”
Nimmy Reichenberg's picture
Security practitioners have long had a love-hate relationship with automation, and for good reason.
Dr. Mike Lloyd's picture
The fact that insurance companies – well respected by every business-centric executive – look at cyber risk and say “no, thanks” is a pretty clear indicator that something is rotten...
Michael Callahan's picture
While attackers are constantly improving their evasion tactics to extend the lifetime of their malware, users can also leverage these types of evasion tactics to help prevent malware infection in the first place.
Torsten George's picture
A threat is the agent that takes advantage of a vulnerability. This relationship must be a key factor in the risk assessment process and can no longer be treated as risk’s neglected step child.
Mark Hatton's picture
I am painfully aware that in business and in security, hope is not a plan. However, that doesn’t mean we can’t dream a bit about the best case scenario. In the spirit of the season, here are five things I’m hoping for in the security industry this year.
Wade Williamson's picture
As enterprises become increasingly focused on security, it’s important to take an honest look not just at what security measures are in place, but how they are really used.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Marcus Ranum's picture
When you start your metrics program, you'll find that a great deal of information can be gleaned from existing data that gets stored in various places – most likely in your system logs.
Chris Hinkley's picture
The most advanced technology in the world is only as good as the people and systems behind it. Otherwise your sophisticated security device is nothing more than a paperweight.