NEWS & INDUSTRY UPDATES

GitHub has rewarded researchers nearly $100,000 since the launch of its bug bounty program two years ago
Oracle has patched a high severity vulnerability in Java that can be exploited for arbitrary code execution
EMET 5.5 was released with improved configuration of various mitigations via Group Policy Object (GPO) and various EAF/EAF+ pseudo-mitigation performance improvements.
Researchers have found a vulnerability in eBay that can be exploited for phishing and malware attacks, but the e-commerce giant believes the risk is low
WordPress 4.4.2 patches open redirect and SSRF vulnerabilities, along with 17 functionality bugs
Anti-malware firm Malwarebytes launches bug bounty program, offering rewards between $100 and $1,000
Facebook has awarded a researcher $7,500 for reporting a serious XSS vulnerability that could have been exploited to hack accounts
OpenSSL 1.0.2f released to patch a high severity vulnerability that can be exploited by hackers to decrypt TLS traffic
LG has released a security update for some of its latest smartphones to resolve a severe vulnerability found in the Smart Notice application.
Samsung has released a maintenance update for its major Android flagship Galaxy models to resolve 16 vulnerabilities in these devices.

FEATURES, INSIGHTS // Vulnerabilities

Jim Ivers
Experienced organizations learn that security is not a drag on performance, but can provide productivity gains by eliminating security vulnerabilities early in the development process.
Jim Ivers
Hackers are creative by nature, so you have to use your imagination to think like one. Once you can see your organization from a hacker’s point-of-view, you will be equipped to defend your organization like a security pro.
Simon Crosby
We owe the richness of today’s Web to the micro-payment model of online advertising, and it is difficult to imagine an alternative. But there are consequences for anyone who uses the Internet, although they may not realize it.
Jim Ivers
Security must be built into IoT devices and systems just like any other application. Security practices must be followed.
Torsten George
IoT opens up companies all over the world to more security threats, and only time will tell if the IoT vendor community can come together to create a common security framework that helps shrink the security risk iceberg and minimize the risk of cyber-attacks.
Nate Kube
Critical services we rely on are increasingly dependent upon cyberphysical interactivity. The scope of these critical services continues to broaden and deepen across industries, especially as the functionality and speed of devices is more widely understood.
David Holmes
As new SSL vulnerabilities surface, we can use our enterprise-specific categorization to decide if it’s going to be a Godzilla day or a Hello Kitty day.
Mark Hatton
Unfortunately, when it comes to security, what you’ve accomplished means very little. It’s all about where the vulnerabilities still exist.
David Holmes
Is it possible to apply this maxim to global SSL patch rates? Let’s take a look at the most recent SSL vulnerability: POODLE.
David Holmes
The media was so taken with the idea that Kate Upton nude photos had caused a DDoS attack that they just took the story and ran with it. But what really caused disrupted service across New Zealand’s major ISPs?