Security Experts:

Virus & Threats
long dotted


A group of security researchers, hardware hackers, hardware developers and hobbyists have set out to demonstrate that many of the tools similar to those used by the NSA for surveillance operations can be reproduced on a low budget with open source software and hardware components.
Symantec's decision will create two separate companies - one focused on security, the other on information management - in the hopes of maximizing growth opportunities.
Microsoft is planning to release fixes for multiple products next week, including critical patches for Windows and Internet Explorer.
The developers of the Cuckoo Sandbox were forced to take quick action after being notified of the existence of a serious vulnerability that can potentially be exploited to take control of affected systems.
IBM is just one of the many technology companies struggling to patch products affected by the GNU Bash vulnerability dubbed "ShellShock."
Researchers have uncovered several security holes in enterprise software solutions developed by German business software giant SAP.
Google announced on Tuesday the availability of Chrome 38 for Windows, Linux and Mac. The latest version of the Web browser patches a total of 159 security vulnerabilities.
Arbor Networks observed an uptick in Simple Service Discovery Protocol reflection attacks during the third quarter of 2014, according to a new report on DDoS attacks.
The most serious of the vulnerabilities could be used by an attacker to escalate privileges.
The malware, dubbed Tyupkin, has been spotted on more than 50 machines throughout Eastern Europe.

FEATURES, INSIGHTS // Virus & Threats

rss icon

Torsten George's picture
A threat is the agent that takes advantage of a vulnerability. This relationship must be a key factor in the risk assessment process and can no longer be treated as risk’s neglected step child.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Mark Hatton's picture
Here are five things I recommend security pros keep in mind when navigating the line between tight security and keeping the organization running at peak proficiency.
Chris Hinkley's picture
Whether you’re buying a smart refrigerator for your home or a printer for your company, your first step is deciding the risk involved and how to deploy the device in a secure manner while preserving the functionality you require.
Mark Hatton's picture
Predictive security narrows the scope considerably and helps IT and security pros zero-in on the most likely vulnerabilities and areas most-at-risk due to the sensitive nature of the data they hold.
Chris Hinkley's picture
Vulnerabilities are a fact of life. Independent testing may be illegal without express permission, but that doesn’t stop code pillagers from sniffing out vulnerabilities and weaknesses in your web applications.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Torsten George's picture
Without putting vulnerabilities into the context of the risk associated with them, organizations often misalign their remediation resources.
Mark Hatton's picture
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.
Aviv Raff's picture
Just as offices need to detect break-ins to keep criminals from committing industrial espionage, enterprises need to put more focus on detecting APTs and other advanced threats to keep adversaries from their network.