Security Experts:

long dotted


Nintendo is prepared to pay between $100 and $20,000 for vulnerabilities found in its 3DS consoles [Read More]
Google this week released Chrome 55 to resolve 36 security vulnerabilities and to switch the popular Adobe Flash plugin off by default. [Read More]
A communication protocol used by Implantable Cardioverter Defibrillators (ICDs) is weak enough to allow even attackers without advanced knowledge to exploit vulnerabilities and execute attacks. [Read More]
Vulnerabilities in the Android remote management tool AirDroid potentially impact over 50 million devices, security researchers at Zimperium zLabs warn. [Read More]
Google has launched the beta of OSS-Fuzz to help developers locate bugs in software that eventually lead to breaches. [Read More]
Experts comment on recently proposed software-based mitigations for the DRAM attack dubbed Rowhammer [Read More]
Updates released for Firefox and the Tor Browser patch the zero-day vulnerability exploited, possibly by law enforcement, to unmask Tor users [Read More]
During the more frequent feature updates in Windows 10, pressing SHIFT+F10 gives the user admin privileges while BitLocker is disabled. [Read More]
Cisco has decided to give vendors 90 days to patch the vulnerabilities discovered by its Talos researchers before disclosing their details [Read More]
While packed with a load of new security features, Window 10 doesn’t offer some of the additional protections that Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) brings, CERT vulnerability analyst Will Dormann warns. [Read More]

FEATURES, INSIGHTS // Vulnerabilities

rss icon

David Holmes's picture
Many can figure out how to hack Smart-city services using simple techniques like replay to get free services or, in some cases, make a little bit of money.
Torsten George's picture
Faced with hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures leaves security practitioners at a virtually insurmountable disadvantage.
Jim Ivers's picture
As with any business relationship, you should use software or open source components from your allies with your eyes open to the potential risks.
Erin O’Malley's picture
What’s worse than having to cook a Thanksgiving turkey? How about being forced to relegate the poor bird to a crock pot after discovering that your net-connected oven and wireless meat thermometer have both been hacked?
Alastair Paterson's picture
Understanding what makes a good exploit kit is the first step in protecting against such attacks. But what else can you do to prevent adversaries from using exploit kits against your organization?
Jennifer Blatnik's picture
The interests of the researchers should be to make the world more secure, not profit from a corporation’s vulnerabilities.
Jim Ivers's picture
I know I no longer have much trust in the connected devices in my home, and wonder what they do with their spare time.
Travis Greene's picture
A reliance on Internet voting with current technology will lead to the disenfranchisement of voters and manipulation by foreign or domestic attackers.
Jim Ivers's picture
Mature organizations should adopt a blended approach that employs testing tools at various stages in the development life cycle.
Scott Simkin's picture
While exploit kits are certainly contributing to the steady rise in the number of cyberattacks, in the end, the methods they use to infect endpoints and networks can be stopped provided the proper steps are taken.