Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Many organizations in Ukraine targeted in a campaign that shares some similarities with Operation Groundbait [Read More]
Update released by Apple for GarageBand patches a code execution vulnerability discovered by Cisco Talos researchers [Read More]
High severity denial-of-service (DoS) vulnerability patched in OpenSSL 1.1.0 with the release of version 1.1.0e [Read More]
Cyber espionage group with ties to Iran and Shamoon attacks targets organizations in Middle East, particularly Saudi Arabia [Read More]
IBM researchers believe Shamoon used macro-enabled documents and PowerShell scripts to infect victims [Read More]
Microsoft informed customers that the February patches will only be released on March 14 as part of the next planned Update Tuesday [Read More]
Russian-speaking black hat breaches the systems of more than 60 universities and US government agencies [Read More]
FireEye today unveiled major updates to its endpoint security platform, including two new protection engines and support for Apple’s macOS systems. [Read More]
Address space layout randomization (ASLR) protection can be broken via practical attacks using JavaScript without any specific instructions or software features, a newly published research paper claims. [Read More]
Study conducted by Trend Micro shows the exposure of critical sectors and industrial systems in the United States [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Jim Ivers's picture
Enabling developers through the right mix of tools and education just makes too much sense and generates too much value for all concerned.
Adam Meyer's picture
Cyber threat intelligence is showing us is that most threats simply exploit a series of well-documented vulnerabilities and other weak points to move along the path of least resistance – and the most profit.
Josh Lefkowitz's picture
Not adhering to responsible disclosure has the potential to amplify the threats posed by certain vulnerabilities and incidents.
Jim Ivers's picture
Many of you understand that addressing the vulnerabilities in your software is something you can no longer ignore, and are ready to get serious about software security.
Jim Ivers's picture
If your target is a connected toy, there is a new angle to consider: how secure is that toy? Is the connectivity of the toy potentially exposing personal data about your child?
David Holmes's picture
Many can figure out how to hack Smart-city services using simple techniques like replay to get free services or, in some cases, make a little bit of money.
Torsten George's picture
Faced with hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures leaves security practitioners at a virtually insurmountable disadvantage.
Jim Ivers's picture
As with any business relationship, you should use software or open source components from your allies with your eyes open to the potential risks.
Erin O’Malley's picture
What’s worse than having to cook a Thanksgiving turkey? How about being forced to relegate the poor bird to a crock pot after discovering that your net-connected oven and wireless meat thermometer have both been hacked?
Alastair Paterson's picture
Understanding what makes a good exploit kit is the first step in protecting against such attacks. But what else can you do to prevent adversaries from using exploit kits against your organization?