Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
ICS-CERT published an advisory centered on a hard-coded password vulnerability that impacts some 300 medical devices – including implanted devices such as pacemakers or defibrillators.
ThreatVue automates the implementation, analysis and remediation guidance of essential security controls as recommended by the Center for Strategic and International Studies (CSIS) and The SANS Top 20 Controls.
Trend Micro researchers have found evidence of the Rarstone remote access tool in targeted attacks against various organizations in the telecommunications and energy industries in Asia.
The US Food and Drug Administration said implanted devices, which could include pacemakers or defibrillators, could be connected to networks that are vulnerable to hackers.
The Open Web Application Security Project (OWASP) released an update to its Top 10 list of risks facing developers. As in previous years, injection remained the top application security risk.
BlackBerry released two security advisories on Tuesday, alerting customers about vulnerabilities affecting its BlackBerry Z10 smartphones and BlackBerry PlayBook tablets.
Microsoft is telling users to prioritize not just a critical update for Internet Explorer, but also a vulnerability in Microsoft Office being exploited in the wild
Google has increased the amount of award money in its bounty program for researchers who discover and report vulnerabilities in Google products.
Only one of the bulletins - one affecting Internet Explorer - is rated 'Critical.'
Jerry Davis, the VA’s former CISO, told members of the House Veterans' Affairs oversight and investigations subcommittee the sensitive personal information the department is charged with protecting remains at risk due to flawed processes and procedures, and inadequate protection.
- 1 of 45
- ››
FEATURES, INSIGHTS // Vulnerabilities
We can assume Bitcoin will be followed by Bitcoin 2.0 that will solve Bitcoin 1.0 problems while maintaining the parts that were crucial to its success. But what exactly are these crucial elements?
The “if it works don’t touch it” mentality continues to thwart many aspects of cyber security — including information sharing. It’s also why the trust required to implement a successful Information Sharing scheme is also unlikely to blossom overnight.
In this podcast, Cylance Technical Directors Billy Rios and Terry McCorkle discuss the state of security in the ICS/SCADA world, the need for secure coding practices and whether the industry will have to rely on third-party security software.
The challenges of Java-based threats go deeper than your average 0-day vulnerability, and these challenges will likely affect your approach to controlling them. Organizations need to weigh the risk of a technology against the reward for the enterprise.
Ryan Naraine talks to Christopher Soghoian about the latest iMessage encryption brouhaha, the indifference of the telephone companies towards security and the controversial practice of buying and selling software exploits.
Immunity Inc. CEO and veteran hacker Dave Aitel talks about his early days in the security space, his argument against security awareness training, why Chris Soghoian is wrong on the exploit sale controversy and his own Brazilian Jiu-Jitsu game tactics.
In this podcast, CanSecWest founder Dragos Ruiu explains why Pwn2Own was created and shares his thoughts on the evolution of hacking and exploit writing.
In this debut episode the Security Conversations Podcast, Ryan talks to David Lenoe, Adobe's Product Security Incident Response Team (PSIRT) group manager, about the frustrations of responding to the "partial disclosure" of security vulnerabilities.
When it comes to security, you can scan for vulnerabilities all day long and even convince yourself that you know where that threat is hiding, but until you’re able to capture, correlate and contextualize it, it means nothing.
Not only is Google raising the bar, installing a ladder and raising the bar again in terms of vuln bounties - they are doing so for an operating system that is virtually non-existent in the wild.
- 1 of 6
- ››
Subscribe to SecurityWeek
- Researcher to Demonstrate Hollywood Style Attack at BlackHat
- Malicious Campaign Targeting Government Security News Hit Dozens of Sites
- Microsoft Unveils Three Bug Bounty Programs for Win 8.1, IE 11 Previews
- Russia and U.S. Setup Cybersecurity Hotline to Prevent Accidental Cyberwar
- Andreessen Horowitz and Citi Ventures Drop $11M Into Phone Fraud Prevention Startup
- Threat Intelligence Staffing to Evolve Security Operations
- Risk I/O Integrates Real-Time Attack Data
- Top WordPress Plugins Contain Serious Security Vulnerabilities
- Oracle Patches Critical Java Vulnerabilities
- Source Code for Carberp Trojan for Sale in Cybercrime Underground
Copyright © 2013 Wired Business Media. All Rights Reserved. Privacy Policy | Terms of Use