More Security Headlines

The creators of the jQuery Validation Plugin have fixed a vulnerability in a demo component that was first reported to them more than three years ago.
Britain's privacy watchdog called on Russia to take down a site showing hacked live feeds from thousands of homes and businesses around the world and warned it was planning "regulatory action".
A new variant of the Citadel Trojan is designed to capture keystrokes in an effort to obtain the passwords that protect access to authentication solutions and password managers.
The Federal Trade Commission and the state of Florida recently obtained a court order that temporarily shuts down what the agency says is a massive tech support scam.
Mobile security firm Lookout warned that Android-powered smartphones or tablets are being targeted with mobile malware called "NotCompatible" that puts them at the mercy of hacker overlords.
Apple's first update for the iOS 8.1 mobile operating system includes bug fixes, increased stability and performance improvements for older devices, and also addresses several security issues.
The vulnerabilities exist in Advantech EKI-6340 V2.05, Advantech Web Access 7.2 and Advantech AdamView V4.3, according to Core Security.
With the release of the stable version of Chrome 39, Google has made several changes to improve stability and performance, but it has also addressed numerous vulnerabilities.
An integration feature that allows Parallels Desktop users to access Windows folders from Mac OS X operating systems can be exploited for a guest-to-host virtual machine (VM) escape.
Cloud security firm CipherCloud announced that it has closed a massive $50 million round of funding led by Transamerica Ventures.

SecurityWeek Experts

Marc Solomon
While we can’t address security without technology, we also need to consider education. Organizations must also be committed to keeping their IT security staff highly trained on the current threat landscape and advanced approaches to security.
Eddie Garcia
By default, Hadoop is not secure and simply trusts that users are who they say they are. Within real business use cases, especially when confidential and sensitive data sets are involved, restricting access to only authorized users is critical.
Nate Kube
I would like the OT security community to move away from asking what can we do to gain greater adoption of a greenfield IT security model and instead ask how we can gain demonstrable gains in OT security posture more efficiently.
Scott Simkin
As more organizations build applications other than Web and corporate email into the course of their business, adversaries are taking note and adjusting their tactics.
Joshua Goldfarb
Because of the large volume of even the highest priority alerts, analysts are not able to successfully review each event. And with a large number of false positives, analysts become desensitized to alerts and do not take them seriously.
Jason Polancich
Sharing threat information, analysis and expertise within your “extended family” can be very valuable to establishing the kind of early warning system that is the promise of cyber information sharing to begin with - and without most of the risks.
Jon-Louis Heimerl
We all know passwords are not a great solution for securing our accounts and information. But, it is what we have right now, so we might as well make the best of them, eh? Take this quick quiz to see how secure your password is.
Marcus Ranum
To communicate about our metrics, we need ways that we can ground our experience in terms of “normal” for us; otherwise, we really can't communicate our metrics effectively with anyone who isn't in a similar environment.
Avi Chesla
In order to reap the greatest benefit from virtualization, SDN and NFV concepts, the control and data-plane functions of network security devices should be decoupled.
Travis Greene
Done correctly, process automation can be used for triggering and diagnosing, with corrective actions presented as a menu of options for overworked security teams.