Security Experts:

More Security Headlines

The Angler exploit kit has started using a technique called Domain Shadowing to ensure that operations are not disrupted by IP and domain blacklisting.
FireEye this week announced a new product integration with Samsung to enhance the security of mobile devices running Samsung’s KNOX.
Experts who contributed to making Chrome 41 secure have been awarded more than $50,000. A total of 19 vulnerabilities were reported by external researchers.
Researchers uncovered vulnerability that enables attackers to decrypt HTTPS-protected traffic.
A GAO report says the FAA needs to do more improve the cyber-security of the country's air traffic control systems.
Edward Snowden, the fugitive whistleblower who has been given refuge in Russia, is willing to return to the United States if he is given a fair trial, his lawyer said Tuesday.
Rapid7, a provider of security analytics software and services, announced on Tuesday that has launched a new services group dedicated to incident response.
Dutch chip equipment provider ASML has suffered a data breach, but the company says the attackers haven't gained access to any valuable information.
Despite the focus on exotic zero-day exploits and sophisticated hacking techniques, IT teams are more concerned about more mundane risks to their organizations, such as risky employee behavior and cloud security.
Natural Grocers said law enforcement is investigating a breach targeting payment card data.

SecurityWeek Experts

rss icon

Avi Chesla's picture
When security technologies are bypassed, they cannot be “programmed” to detect and prevent the new attack behavior, the same attack that has breached their protection-space borders.  
David Holmes's picture
If Let’s Encrypt succeeds, will self-signed certificates go extinct? I’m guessing no, and that’s not necessarily a bad thing.
Pat Calhoun's picture
To evade network security defenses, Advanced evasion techniques (AETs) disguise malicious payloads by splitting them into smaller pieces and then delivering the pieces simultaneously, or at varying times, across multiple or rarely used network protocols.
Marcus Ranum's picture
With security data, you will almost never benefit from using a pie chart instead of a time/value chart, unless you only have a single instance of data.
Torsten George's picture
The transition from a compliance-driven check-box approach to a risk-based model, enables businesses to centralize the ongoing definition, evaluation, remediation, and analysis of their risk posture in a closed-loop process.
Joshua Goldfarb's picture
If you are a security leader, you owe it to yourself and to your organization to create a culture that rewards honesty and truthfulness. Otherwise, the house always wins.
Travis Greene's picture
It’s time for targeted complexity that balances the convenience that users demand with the security that organizations need. It’s a bit like teaching a new dog old tricks.
Jason Polancich's picture
Most businesses today are not as secure as they could be due to an inaccurate view of their own cyberdefenses.
Marc Solomon's picture
For modern businesses, security leadership needs to ascend even higher in the organization: to the boardroom.
Wade Williamson's picture
Like most modern malware, Carbanak is not some autonomous bit of code running on its own, but rather a vehicle for a remote human attacker to watch, learn and remotely drive the attack.