Security Experts:

Virus & Threats
long dotted


Exploit acquisition firm Zerodium reveals how much money it’s prepared to pay for each type of zero-day.
VMware has released updates for several products due to a vulnerability in Apache Flex BlazeDS
Researchers showed various methods that attackers could have used to obtain LastPass passwords.
BitLocker, the disk encryption solution implemented in the Windows operating system starting with Windows Vista, does not require sophisticated tools or tactics to be bypassed on systems that do not have the latest patches from Microsoft installed, security researcher Ian Haken claims.
VirusTotal now allows users to check the behavior of Mac OS X files by running them in a sandbox.
Researchers have identified a flaw in D-Link smart switches that allows a remote attacker to easily access logs and configuration files.
The libpng library has been updated to patch a couple of memory corruption vulnerabilities that can be exploited with specially crafted images.
Police body cameras shipped with Conficker worm. The malware was discovered by a firm tasked with building a video storage system for police and government agencies.
Google plans to ramp up security for Gmail by letting users know when messages arrive via unencrypted connections that could be prone to snooping or tampering.
Chinese researcher Guang Gong demonstrated how an Android device can be hijacked by exploiting a JavaScript v8 vulnerability through the Chrome browser.

FEATURES, INSIGHTS // Virus & Threats

rss icon

Simon Crosby's picture
While data breaches aren’t going away anytime soon, every company has a choice of how they prepare for them. By focusing on the endpoint, businesses can better secure themselves with less cost and less time expended by the IT team.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Torsten George's picture
IoT opens up companies all over the world to more security threats, and only time will tell if the IoT vendor community can come together to create a common security framework that helps shrink the security risk iceberg and minimize the risk of cyber-attacks.
Travis Greene's picture
In the case of Hilary Clinton's personal email server, we know that Top Secret information was transmitted over a network that likely wasn’t equipped to safeguard it. If her server was a target of foreign state actors, the implications are frightening.
Nate Kube's picture
Critical services we rely on are increasingly dependent upon cyberphysical interactivity. The scope of these critical services continues to broaden and deepen across industries, especially as the functionality and speed of devices is more widely understood.
David Holmes's picture
As new SSL vulnerabilities surface, we can use our enterprise-specific categorization to decide if it’s going to be a Godzilla day or a Hello Kitty day.
Mark Hatton's picture
Unfortunately, when it comes to security, what you’ve accomplished means very little. It’s all about where the vulnerabilities still exist.
David Holmes's picture
Is it possible to apply this maxim to global SSL patch rates? Let’s take a look at the most recent SSL vulnerability: POODLE.
David Holmes's picture
The media was so taken with the idea that Kate Upton nude photos had caused a DDoS attack that they just took the story and ran with it. But what really caused disrupted service across New Zealand’s major ISPs?
Mark Hatton's picture
Without the ability to prioritize in certain situations, you may end up waiting weeks to apply the most important patch. Think of your corporate network like your home. There are probably lots of items on your honey do list, but they can’t all be completed today.