Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Researchers use drones and hard drive LEDs to steal data from air-gapped computers at speeds of up to 4,000 bps [Read More]
Netflix releases Stethoscope, an open source security tool that gives users recommendations for securing their devices [Read More]
Microsoft patched 189 critical vulnerabilities last year and a majority of them could have been mitigated by removing administrator rights [Read More]
Breach that may have affected many major organizations comes to light after nearly two years. Links found to Chinese APTs [Read More]
Microsoft postponed security updates to March 14, but decided to release one after all to address Flash Player vulnerabilities in IE and Edge [Read More]
Researchers warn about the threat posed by logic bombs to industrial control systems (ICS), particularly programmable logic controllers (PLCs) [Read More]
Unpatched vulnerabilities in Java and Python allow attackers to use FTP injections to bypass firewalls, including from Cisco and Palo Alto Networks [Read More]
A remote command execution (RCE) vulnerability has been found by a researcher in Siklu EtherHaul radios [Read More]
Lazarus-linked hackers behind attacks on banks worldwide attempted to trick investigators into thinking they speak Russian [Read More]
An unpatched vulnerability affecting the Windows Graphics Device Interface (Windows GDI) was publicly disclosed last week after Microsoft failed to address it within 90 days after being notified. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Jim Ivers's picture
Enabling developers through the right mix of tools and education just makes too much sense and generates too much value for all concerned.
Adam Meyer's picture
Cyber threat intelligence is showing us is that most threats simply exploit a series of well-documented vulnerabilities and other weak points to move along the path of least resistance – and the most profit.
Josh Lefkowitz's picture
Not adhering to responsible disclosure has the potential to amplify the threats posed by certain vulnerabilities and incidents.
Jim Ivers's picture
Many of you understand that addressing the vulnerabilities in your software is something you can no longer ignore, and are ready to get serious about software security.
Jim Ivers's picture
If your target is a connected toy, there is a new angle to consider: how secure is that toy? Is the connectivity of the toy potentially exposing personal data about your child?
David Holmes's picture
Many can figure out how to hack Smart-city services using simple techniques like replay to get free services or, in some cases, make a little bit of money.
Torsten George's picture
Faced with hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures leaves security practitioners at a virtually insurmountable disadvantage.
Jim Ivers's picture
As with any business relationship, you should use software or open source components from your allies with your eyes open to the potential risks.
Erin O’Malley's picture
What’s worse than having to cook a Thanksgiving turkey? How about being forced to relegate the poor bird to a crock pot after discovering that your net-connected oven and wireless meat thermometer have both been hacked?
Alastair Paterson's picture
Understanding what makes a good exploit kit is the first step in protecting against such attacks. But what else can you do to prevent adversaries from using exploit kits against your organization?