Security Experts:

Virus & Threats
long dotted


Kaspersky has released an update for its antivirus products to address a flaw affecting the Network Attack Blocker component.
Amazon Inspector is a new tool designed to analyze the behavior of applications deployed on its Amazon Web Services (AWS) to help identify potential security issues.
Microsoft has awarded a researcher $24,000 for a authentication vulnerability that could have been exploited to hack accounts.
On Tuesday, October 13, Adobe will release updates for the Windows and Mac versions of Reader and Acrobat to address critical vulnerabilities.
New collision attack method involving GPUs lowers the cost of breaking the SHA1 security standard. Experts say the industry should speed up migration to SHA2.
The developers of the mysterious vigilante malware Wifatch have come forward and published the project’s source code.
Researchers at FireEye have been monitoring a malicious adware campaign that has affected the devices of Android users in more than 20 countries.
Google on Monday released a security update for Nexus devices, aimed at resolving critical "Stagefright 2.0." vulnerabilities the media playback engine in Android.
Cisco has made some improvements to its security vulnerability advisories based on customer feedback.
A threat group breached a company’s webmail server and used the access to steal credentials and maintain persistence.

FEATURES, INSIGHTS // Virus & Threats

rss icon

Torsten George's picture
IoT opens up companies all over the world to more security threats, and only time will tell if the IoT vendor community can come together to create a common security framework that helps shrink the security risk iceberg and minimize the risk of cyber-attacks.
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Nate Kube's picture
Critical services we rely on are increasingly dependent upon cyberphysical interactivity. The scope of these critical services continues to broaden and deepen across industries, especially as the functionality and speed of devices is more widely understood.
David Holmes's picture
As new SSL vulnerabilities surface, we can use our enterprise-specific categorization to decide if it’s going to be a Godzilla day or a Hello Kitty day.
Mark Hatton's picture
Unfortunately, when it comes to security, what you’ve accomplished means very little. It’s all about where the vulnerabilities still exist.
David Holmes's picture
Is it possible to apply this maxim to global SSL patch rates? Let’s take a look at the most recent SSL vulnerability: POODLE.
David Holmes's picture
The media was so taken with the idea that Kate Upton nude photos had caused a DDoS attack that they just took the story and ran with it. But what really caused disrupted service across New Zealand’s major ISPs?
Mark Hatton's picture
Without the ability to prioritize in certain situations, you may end up waiting weeks to apply the most important patch. Think of your corporate network like your home. There are probably lots of items on your honey do list, but they can’t all be completed today.
Marc Solomon's picture
Today’s email-based attacks don’t occur at a single point in time and use multiple methods to evade detection. To bolster protection, organizations may turn to a set of disparate products that don’t – and can’t – work together.
Scott Simkin's picture
As more organizations build applications other than Web and corporate email into the course of their business, adversaries are taking note and adjusting their tactics.