Non-profit organization SAFECode unveiled a series of new training modules to help enterprises train software developers in-house to write secure code.
Carsten Eiram, Chief Research Officer for Risk Based Security, recently published three advisories that disclose vulnerabilities in products offered by Rockwell Automation and Schneider Electric.
Billy Rios and Terry McCorkle, researchers for Cylance, discovered that Google was using an outdated version of the Niagara framework building management system.
Several media sites, including two Washington, DC-based radio stations, have been compromised to infect unsuspecting visitors' systems with fake antivirus software.
Smaller open source projects tend to be more secure than proprietary applications, but the opposite is the case for software with more than a million lines of code, according to a new report from Coverity.
We can assume Bitcoin will be followed by Bitcoin 2.0 that will solve Bitcoin 1.0 problems while maintaining the parts that were crucial to its success. But what exactly are these crucial elements?
The “if it works don’t touch it” mentality continues to thwart many aspects of cyber security — including information sharing. It’s also why the trust required to implement a successful information sharing scheme is unlikely to blossom overnight.
In this podcast, Cylance Technical Directors Billy Rios and Terry McCorkle discuss the state of security in the ICS/SCADA world, the need for secure coding practices and whether the industry will have to rely on third-party security software.
The challenges of Java-based threats go deeper than your average 0-day vulnerability, and these challenges will likely affect your approach to controlling them. Organizations need to weigh the risk of a technology against the reward for the enterprise.
Ryan Naraine talks to Christopher Soghoian about the latest iMessage encryption brouhaha, the indifference of the telephone companies towards security and the controversial practice of buying and selling software exploits.
Immunity Inc. CEO and veteran hacker Dave Aitel talks about his early days in the security space, his argument against security awareness training, why Chris Soghoian is wrong on the exploit sale controversy and his own Brazilian Jiu-Jitsu game tactics.
In this podcast, CanSecWest founder Dragos Ruiu explains why Pwn2Own was created and shares his thoughts on the evolution of hacking and exploit writing.
In this debut episode of the Security Conversations Podcast, Ryan talks to David Lenoe, Adobe's Product Security Incident Response Team (PSIRT) group manager, about the frustrations of responding to the "partial disclosure" of security vulnerabilities.
When it comes to security, you can scan for vulnerabilities all day long and even convince yourself that you know where that threat is hiding, but until you’re able to capture, correlate and contextualize it, it means nothing.
Not only is Google raising the bar, installing a ladder and raising the bar again in terms of vuln bounties - they are doing so for an operating system that is virtually non-existent in the wild.