Security Experts:

long dotted


Anti-malware firm Malwarebytes launches bug bounty program, offering rewards between $100 and $1,000 [Read More]
Facebook has awarded a researcher $7,500 for reporting a serious XSS vulnerability that could have been exploited to hack accounts [Read More]
OpenSSL 1.0.2f released to patch a high severity vulnerability that can be exploited by hackers to decrypt TLS traffic [Read More]
LG has released a security update for some of its latest smartphones to resolve a severe vulnerability found in the Smart Notice application. [Read More]
Samsung has released a maintenance update for its major Android flagship Galaxy models to resolve 16 vulnerabilities in these devices. [Read More]
Microsoft patched more than 570 vulnerabilities in its products in 2015, most of which affected the Internet Explorer browser, according to analysis from ESET. [Read More]
Firefox 44, the latest version of Mozilla’s web browser, is now available for download and comes with a series of security patches, and has fully removed support for the RC4 cipher. [Read More]
Malicious actors can abuse misconfigured HP enterprise printers to store malicious code and illegal materials [Read More]
Lenovo releases new versions of SHAREit for Windows and Android to address several vulnerabilities found by researchers [Read More]
Several vulnerabilities patched in Magento, including stored XSS flaws that can be exploited to take over websites [Read More]

FEATURES, INSIGHTS // Vulnerabilities

rss icon

Jim Ivers's picture
Experienced organizations learn that security is not a drag on performance, but can provide productivity gains by eliminating security vulnerabilities early in the development process.
Jim Ivers's picture
Hackers are creative by nature, so you have to use your imagination to think like one. Once you can see your organization from a hacker’s point-of-view, you will be equipped to defend your organization like a security pro.
Simon Crosby's picture
We owe the richness of today’s Web to the micro-payment model of online advertising, and it is difficult to imagine an alternative. But there are consequences for anyone who uses the Internet, although they may not realize it.
Jim Ivers's picture
Security must be built into IoT devices and systems just like any other application. Security practices must be followed.
Torsten George's picture
IoT opens up companies all over the world to more security threats, and only time will tell if the IoT vendor community can come together to create a common security framework that helps shrink the security risk iceberg and minimize the risk of cyber-attacks.
Nate Kube's picture
Critical services we rely on are increasingly dependent upon cyberphysical interactivity. The scope of these critical services continues to broaden and deepen across industries, especially as the functionality and speed of devices is more widely understood.
David Holmes's picture
As new SSL vulnerabilities surface, we can use our enterprise-specific categorization to decide if it’s going to be a Godzilla day or a Hello Kitty day.
Mark Hatton's picture
Unfortunately, when it comes to security, what you’ve accomplished means very little. It’s all about where the vulnerabilities still exist.
David Holmes's picture
Is it possible to apply this maxim to global SSL patch rates? Let’s take a look at the most recent SSL vulnerability: POODLE.
David Holmes's picture
The media was so taken with the idea that Kate Upton nude photos had caused a DDoS attack that they just took the story and ran with it. But what really caused disrupted service across New Zealand’s major ISPs?