Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Trend Micro's Zero Day Initiative (ZDI) paid out nearly $2 million in 2016 for vulnerabilities [Read More]
The group calling itself “Shadow Brokers” is offering Windows exploits and anti-virus bypass tools for sale in a new underground marketplace. [Read More]
Developers of the Ansible automation platform release updates to patch a vulnerability that allows arbitrary command execution on the controller [Read More]
Proof-of-concept (PoC) code for one DoS vulnerability in Windows leads to the discovery of a different but similar flaw [Read More]
D-Link has hired government accountability organization Cause of Action Institute to defend it against “baseless” FTC charges [Read More]
Microsoft has patched vulnerabilities in Windows, Office and Edge, but only released four security bulletins [Read More]
Adobe patches a total of 42 vulnerabilities in its Acrobat, Reader and Flash Player products [Read More]
St. Jude Medical has patched some of the vulnerabilities found by MedSec, but the vendor insists the risk of cyberattacks is extremely low [Read More]
A second variant of the Shamoon 2 malware targets virtualization products, likely in an effort to make recovery more difficult and increase the impact of the attack [Read More]
Exploits for a couple of Microsoft Edge vulnerabilities patched in November 2016 have been added to the Sundown exploit kit [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Jim Ivers's picture
I know I no longer have much trust in the connected devices in my home, and wonder what they do with their spare time.
Travis Greene's picture
A reliance on Internet voting with current technology will lead to the disenfranchisement of voters and manipulation by foreign or domestic attackers.
Jim Ivers's picture
Mature organizations should adopt a blended approach that employs testing tools at various stages in the development life cycle.
Scott Simkin's picture
While exploit kits are certainly contributing to the steady rise in the number of cyberattacks, in the end, the methods they use to infect endpoints and networks can be stopped provided the proper steps are taken.
David Holmes's picture
SWEET32 is probably not something that an enterprise administrator needs to lose sleep over. Very likely, we will never see a SWEET32 attack in the wild, just as we never have for POODLE or BEAST.
Jim Ivers's picture
When will automakers speak up about the measures they have taken to test the software embedded in their vehicles?
Dan Cornell's picture
Security teams and DevOps teams aren’t always on the same page and the lack of communication often results in misaligned priorities that significantly inhibit productivity.
Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Jim Ivers's picture
Organizations should understand the risks and returns of open source and either start putting policies in place or getting serious about enforcing existing policies.
Torsten George's picture
Relying solely on existing intelligence provided by vulnerability scanners should only be a first step in a cyber risk management process.