Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Panda Banker, an offspring of the infamous Zeus malware, was recently observed in a massive infection campaign where millions of spam messages were sent to potential victims. [Read More]
New and improved version of the Vawtrak banking Trojan released. Latest version includes SSL pinning, DGA [Read More]
Facebook announces winner of 2016 Internet Defense Prize – $100,000 awarded for research on post-quantum security for TLS [Read More]
A Word document exploit generator named HOMEKit has been used in the past years to deliver espionage malware [Read More]
Researcher gets $4,000 after finding a serious vulnerability in Rights Manager, Facebook’s anti-freebooting tool [Read More]
A TCP flaw affecting Linux systems allows attackers to terminate connections and inject malicious data [Read More]
Microsoft has been attempting to patch a serious Secure Boot vulnerability that researchers believe cannot be completely patched [Read More]
Researchers looking to cash in on working exploits for 0-day and N-day vulnerabilities can now turn to a new bounty program from Exodus Intelligence, which is offering up to $500,000 for certain exploits. [Read More]
Microsoft patches 27 vulnerabilities in Windows, Office, Edge and Internet Explorer [Read More]
The lack of any next-gen vendors among the participants in SELabs' recent report suggests that calling the report 'Enterprise Endpoint Protection' is probably unrealistic. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Torsten George's picture
Relying solely on existing intelligence provided by vulnerability scanners should only be a first step in a cyber risk management process.
Wade Williamson's picture
It turned out to be a tricky month for security admins to take that long-awaited summer vacation because July was one of the busiest months in recent memory in terms of vulnerabilities.
Jim Ivers's picture
If a car’s systems can be hacked to disable critical systems, then attacks can also be used to extract information. Similar to IoT, if data is being collected, data can be exfiltrated.
Torsten George's picture
Vulnerability assessments are often confused with penetration tests. In fact, the two terms are often used interchangeably, but they are worlds apart.
Jim Ivers's picture
IoT promises a lot of convenience, but there is a price to be paid if you don’t involve the best connected device ever created—your brain.
Torsten George's picture
Google Dorking can be used to identify vulnerable systems and trace them to a specific place on the Internet.
Simon Crosby's picture
It’s hard keeping criminals from infiltrating networks, much less worrying that users will simply open the door to bad guys by letting their guard down.
Wade Williamson's picture
Behavioral detection models can focus in on what the attacker actually does, instead of relying on a set of signatures or known indicators of compromise that often lag behind attackers.
Emily Ratliff's picture
Wendy Nather coined the term “security poverty line” to describe how organizations operate when they have insufficient investment in IT security.
Jim Ivers's picture
Software that protects the crown jewels of the organization and reduces risk translates to “valuable.”