Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Comodo SecureBox is designed to help organizations protect the important applications running on their endpoints.
Many software development firms still fail to ensure that the components they use don't contain security vulnerabilities, according to a report published by software supply chain management company Sonatype.
A presentation on cracking the anonymity of the TOR network scheduled to be held at the upcoming Black Hat USA conference in Las Vegas has been cancelled.
IBM is advising the owners of certain KVM switches to update the firmware on their devices to address a total of three security holes that can be exploited remotely.
Four recently-patched OpenSSL vulnerabilities have been found to affect several industrial products from Siemens.
Nearly half of the IT professionals surveyed at the Gartner Security & Risk Management Summit believe that the Java applications used by their organizations are vulnerable.
Security researchers have conducted an in-depth analysis of both the client side and the command and control (C&C) servers of the malware dubbed "Mayhem."
Software developer vBulletin announced on Wednesday that it had released a patch to address a serious SQL injection vulnerability affecting the its forum software.
Researchers at Sentinel Labs say the malware is believed to originate from Russia and may have been designed to target government organizations.
A buffer overflow flaw affecting the Web server embedded into Cisco devices can be leveraged by a remote, unauthenticated attacker to inject arbitrary commands and execute arbitrary code with elevated privileges.

FEATURES, INSIGHTS // Virus & Threats

rss icon

Mark Hatton's picture
Predictive security narrows the scope considerably and helps IT and security pros zero-in on the most likely vulnerabilities and areas most-at-risk due to the sensitive nature of the data they hold.
Chris Hinkley's picture
Vulnerabilities are a fact of life. Independent testing may be illegal without express permission, but that doesn’t stop code pillagers from sniffing out vulnerabilities and weaknesses in your web applications.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Torsten George's picture
Without putting vulnerabilities into the context of the risk associated with them, organizations often misalign their remediation resources.
Mark Hatton's picture
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.
Aviv Raff's picture
Just as offices need to detect break-ins to keep criminals from committing industrial espionage, enterprises need to put more focus on detecting APTs and other advanced threats to keep adversaries from their network.
Mark Hatton's picture
The best way to anticipate a move by an adversary is to put yourself in their position and ask, what would I do in the same situation? Studying the ways in which you would attack a given situation provides a strategic advantage when planning your defense.
Ryan Naraine's picture
In this podcast, Richard Boscovich, assistant general counsel in the Microsoft Digital Crimes Unit, talks about the new Microsoft Cybercrime Center and the ongoing battle to stop the proliferation of botnets around the world.
Michael Callahan's picture
There’s more than functionality and availability issues ailing Healthcare.gov. There’s significant potential for compromise.
Ryan Naraine's picture
Vinnie Liu from Bishop Fox joins Ryan Naraine on the podcast to warn businesses about the security risks associated with the new LinkedIn Intro application.