Virus & Threats
NEWS & INDUSTRY UPDATES

WordPress 4.5.3 released. The latest version patches eight vulnerabilities and 17 bugs
A total of 16 information leakage, DoS, directory traversal and buffer overflow vulnerabilities have been patched in the Pidgin chat client
HTML5 will not prevent malvertising. This has nothing to do with HTML5 per se, but is down to the nature of the adverts themselves.
Several arbitrary code execution vulnerabilities have been patched in the open-source Libarchive library
Several security firms confirm that the recent attacks on the DNC appear to have been carried out by Russian cyberspies
Chinese cyberspies continue to launch attacks against the US and other countries, but their campaigns are more focused and calculated
Exploit kit traffic is only a small percentage of what it used to be: it has dropped 96% since early April 2016
More than half of Alexa top 500 domains can be spoofed because their owners failed to properly configure email authentication
Dubbed Containers, a new feature in Firefox is meant to allow people to use different browser tabs for different contexts, including work, banking, shopping, or personal.
Adobe patches Flash Player zero-day vulnerability exploited by the APT group ScarCruft in attacks aimed at high-profile targets

FEATURES, INSIGHTS // Virus & Threats

Torsten George
Google Dorking can be used to identify vulnerable systems and trace them to a specific place on the Internet.
Simon Crosby
It’s hard keeping criminals from infiltrating networks, much less worrying that users will simply open the door to bad guys by letting their guard down.
Wade Williamson
Behavioral detection models can focus in on what the attacker actually does, instead of relying on a set of signatures or known indicators of compromise that often lag behind attackers.
Emily Ratliff
Wendy Nather coined the term “security poverty line” to describe how organizations operate when they have insufficient investment in IT security.
Jim Ivers
Software that protects the crown jewels of the organization and reduces risk translates to “valuable.”
Jim Ivers
Developers are not trained in security and security is not yet an adequately integrated component of the development process. We are not applying good, or even minimal, security practices.
Emily Ratliff
Writing yet another “security” paper isn’t going to do the trick. Security practitioners need to do a better job of getting our messages integrated into core developer documentation.
Simon Crosby
Next-gen Anti-Virus can’t help any more than traditional AV, but the principle of least privilege, enforced through virtualization based security, can stop the breach before it starts.
Jim Ivers
The Internet of Things (IoT) will result in billions of connected devices coming on line in the next ten years, and the associated software will be built by industries that traditionally have not emphasized software security.
Emily Ratliff
When you run an application, how can you verify that what you are running was actually built from the code that a trusted developer wrote?