NEWS & INDUSTRY UPDATES

Four high severity denial-of-service (DoS) vulnerabilities have been patched in the BIND DNS software on January 11
Eight vulnerabilities and 62 bugs patched with the release of WordPress 4.7.1, including the recently disclosed PHPMailer flaw
Trend Micro's Zero Day Initiative (ZDI) paid out nearly $2 million in 2016 for vulnerabilities
The group calling itself “Shadow Brokers” is offering Windows exploits and anti-virus bypass tools for sale in a new underground marketplace.
Developers of the Ansible automation platform release updates to patch a vulnerability that allows arbitrary command execution on the controller
Proof-of-concept (PoC) code for one DoS vulnerability in Windows leads to the discovery of a different but similar flaw
D-Link has hired government accountability organization Cause of Action Institute to defend it against “baseless” FTC charges
Microsoft has patched vulnerabilities in Windows, Office and Edge, but only released four security bulletins
Adobe patches a total of 42 vulnerabilities in its Acrobat, Reader and Flash Player products
St. Jude Medical has patched some of the vulnerabilities found by MedSec, but the vendor insists the risk of cyberattacks is extremely low

FEATURES, INSIGHTS // Vulnerabilities

Jim Ivers
Many of you understand that addressing the vulnerabilities in your software is something you can no longer ignore, and are ready to get serious about software security.
Jim Ivers
If your target is a connected toy, there is a new angle to consider: how secure is that toy? Is the connectivity of the toy potentially exposing personal data about your child?
David Holmes
Many can figure out how to hack Smart-city services using simple techniques like replay to get free services or, in some cases, make a little bit of money.
Torsten George
Being faced with hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures leaves security practitioners at a virtually insurmountable disadvantage.
Jim Ivers
As with any business relationship, you should use software or open source components from your allies with your eyes open to the potential risks.
Erin O’Malley
What’s worse than having to cook a Thanksgiving turkey? How about being forced to relegate the poor bird to a crock pot after discovering that your net-connected oven and wireless meat thermometer have both been hacked?
Alastair Paterson
Understanding what makes a good exploit kit is the first step in protecting against such attacks. But what else can you do to prevent adversaries from using exploit kits against your organization?
Jennifer Blatnik
The interests of the researchers should be to make the world more secure, not profit from a corporation’s vulnerabilities.
Jim Ivers
I know I no longer have much trust in the connected devices in my home, and wonder what they do with their spare time.
Travis Greene
A reliance on Internet voting with current technology will lead to the disenfranchisement of voters and manipulation by foreign or domestic attackers.