Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

All totaled, Microsoft patched 42 vulnerabilities in the Patch Tuesday update.
Following the discovery of Heartbleed, the OpenSSL Project has created a new security policy and patched a total of 16 vulnerabilities in the open source library.
Adobe announced on Monday that the Adobe Reader and Acrobat security updates that should have been released Sept. 9, have been delayed until next week due to some problems that need to be addressed.
A phishing campaign targeting Apple IDs was spotted last week on the heels of news that Apple iCloud accounts belonging to several celebrities had been compromised.
Two well known independent antivirus testing labs have published the results of tests performed on security products designed for devices running Mac OS X operating systems.
Microsoft is planning to release four security bulletins next week for Patch Tuesday
The popular Slider Revolution WordPress plugin that enables users to easily create responsive sliders is plagued by a security hole that has been actively exploited by cybercriminals.
The CERT Coordination Center at Carnegie Mellon University (CERT/CC) has published a list of popular Android applications that fail to properly validate SSL certificates, exposing users to man-in-the-middle (MitM) attacks.
In an effort to thank researchers who responsibly disclose security vulnerabilities, Twitter has introduced a bug bounty program powered by the HackerOne platform.
The third edition of Mobile Pwn2Own will take place on November 12-13 alongside the PacSec Applied Security Conference in Tokyo with a prize pool of $425,000.

FEATURES, INSIGHTS // Virus & Threats

rss icon

Mark Hatton's picture
Here are five things I recommend security pros keep in mind when navigating the line between tight security and keeping the organization running at peak proficiency.
Chris Hinkley's picture
Whether you’re buying a smart refrigerator for your home or a printer for your company, your first step is deciding the risk involved and how to deploy the device in a secure manner while preserving the functionality you require.
Mark Hatton's picture
Predictive security narrows the scope considerably and helps IT and security pros zero-in on the most likely vulnerabilities and areas most-at-risk due to the sensitive nature of the data they hold.
Chris Hinkley's picture
Vulnerabilities are a fact of life. Independent testing may be illegal without express permission, but that doesn’t stop code pillagers from sniffing out vulnerabilities and weaknesses in your web applications.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Torsten George's picture
Without putting vulnerabilities into the context of the risk associated with them, organizations often misalign their remediation resources.
Mark Hatton's picture
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.
Aviv Raff's picture
Just as offices need to detect break-ins to keep criminals from committing industrial espionage, enterprises need to put more focus on detecting APTs and other advanced threats to keep adversaries from their network.
Mark Hatton's picture
The best way to anticipate a move by an adversary is to put yourself in their position and ask, what would I do in the same situation? Studying the ways in which you would attack a given situation provides a strategic advantage when planning your defense.
Ryan Naraine's picture
In this podcast, Richard Boscovich, assistant general counsel in the Microsoft Digital Crimes Unit, talks about the new Microsoft Cybercrime Center and the ongoing battle to stop the proliferation of botnets around the world.