Security Experts:

More Security Headlines

Technology mergers and acquisitions (M&A) soared by 57% year-over-year in the second quarter of 2014 and IT security has played an important role in this trend, according to professional services firm Ernst & Young.
The National Institute of Standards and Technology (NIST) released today draft guidelines for addressing the security risks posed by the use of Secure Shell (SSH) for automated access.
Of the 1,000 most downloadable free applications, almost 70 percent had at least one SSL vulnerability, according to an analysis FireEye.
A study conducted by iSEC Partners provided the developers of the Tor Browser Bundle with several long and short-term recommendations on how to make the application more secure.
The 2014 ICS Cyber Security Conference will address real world problems and discuss actual ICS cyber incidents, many of which have never been told before. Register by August 22 and save $300 on a full conference pass!
NIST is requesting public comments on a guide designed to help organizations determine potential security and privacy risks posed by third-party mobile applications
Experts say cybercriminals are moving away from fake anti-virus attacks because they're not as profitable as they used to be.
Attackers are playing on the hype around the crypto-currency Bitcoin to cast a wider phishing net looking for victims. It's not just bank credentials cyber-criminals are looking for.
Facebook awarded a $50,000 Internet Defense Prize to a pair of German researchers with a seemingly viable approach to detecting vulnerabilities in Web applications.
The UPS Store said on Wednesday that computer systems at several of its franchised center locations had been infected with stealthy malware that went undetected by its anti-virus software and exposed customer payment data.

SecurityWeek Experts

rss icon

Travis Greene's picture
The significant breaches of today are executed by people infiltrating the organization, and attackers are doing this by assuming identities or abusing insider privileges.
Danelle Au's picture
Cloud service providers play a key role in delivering security, but as part of the shared responsibility model, they are not liable for access to and usage of the cloud application.
Pat Calhoun's picture
With a community of nearly 400,000 registered users, Snort remains a valuable tool for security organizations and has certainly flexed its muscles, but it may need some reinforcements to maintain its security longevity.
James McFarlin's picture
Launched in 2009, CyberPatriot began with eight high school cybersecurity teams competing for scholarships. In just six years, participation quickly expanded to more than 1500 teams around the world.
Joshua Goldfarb's picture
Amidst recent headlines, I am concerned that as a security community, we are losing sight of an important principle that is very important to remember: not all intrusions involve malware.
Scott Gainey's picture
Corporate stewards are getting educated in a hurry and are gearing up to ask some very pointed questions regarding strategy for protecting company data.
Jason Polancich's picture
Businesses have more data on hand than they think. They key is crafting a plan to track it and combine it with data from outside their own walls against which the internal data can be analyzed.
Marc Solomon's picture
Malvertising underscores the need for an approach to security that addresses the full attack continuum. With ongoing visibility and control, and intelligent and continuous updates, security professionals can take action to stop the inevitable outbreak.
James McFarlin's picture
One can only hope our nation’s alarm clocks wake up and stir our national leaders’ imaginations before a cyber incident of the magnitude of 9/11 results in the need for a “Cyber Strikes Commission Report.”
Adam Ely's picture
This shift to mobile exposes a major fault that needs to be addressed and security practices must address mobile threats as well.