Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

BlackBerry patched an authentication bypass vulnerability affecting its smartphones as well as an information disclosure issue impacting BlackBerry Enterprise Server this week.
Google has updated Gmail spam filters to block out emails coming from addresses using suspicious combinations of Latin and non-Latin characters, the company said on Tuesday.
Adobe released security updates for Adobe Flash Player, Adobe Reader and Adobe Acrobat to address several critical vulnerabilities, including one (CVE-2014-0546) that has been exploited in the wild.
Microsoft patched 37 vulnerabilities today as part of its Patch Tuesday release.
Microsoft has announced its intention to stop supporting older versions of the Internet Explorer Web browser starting with January 12, 2016.
FinSpy Mobile surveillance software does not work on iOS unless the phone has been jailbroken, according to a leaked document apparently belonging to Gamma Group International.
In an attempt to prove how simply passwords could be cracked, the firm took a sample of 626,718 hashed passwords collected during thousands of network penetration tests and cracked more than half the passwords within the first few minutes.
Google is counting HTTPS use in its search engine rankings, and wants to promote HTTPS use around the Web.
In an open letter to Automotive industry CEOs, a group of security researchers called upon automobile manufacturers to build cyber-security safeguards inside the software systems powering various features in modern cars.
A critical, remotely exploitable vulnerability has been found in the popular Custom Contact Forms WordPress plugin that allows users to easily customize every aspect of the contact forms they embed into their websites.

FEATURES, INSIGHTS // Virus & Threats

rss icon

Mark Hatton's picture
Here are five things I recommend security pros keep in mind when navigating the line between tight security and keeping the organization running at peak proficiency.
Chris Hinkley's picture
Whether you’re buying a smart refrigerator for your home or a printer for your company, your first step is deciding the risk involved and how to deploy the device in a secure manner while preserving the functionality you require.
Mark Hatton's picture
Predictive security narrows the scope considerably and helps IT and security pros zero-in on the most likely vulnerabilities and areas most-at-risk due to the sensitive nature of the data they hold.
Chris Hinkley's picture
Vulnerabilities are a fact of life. Independent testing may be illegal without express permission, but that doesn’t stop code pillagers from sniffing out vulnerabilities and weaknesses in your web applications.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Torsten George's picture
Without putting vulnerabilities into the context of the risk associated with them, organizations often misalign their remediation resources.
Mark Hatton's picture
Complacency is never a good thing, but in security it can have devastating effects. While it’s good to acknowledge progress, that should never stand in the way of staying ahead of the next potential threat.
Aviv Raff's picture
Just as offices need to detect break-ins to keep criminals from committing industrial espionage, enterprises need to put more focus on detecting APTs and other advanced threats to keep adversaries from their network.
Mark Hatton's picture
The best way to anticipate a move by an adversary is to put yourself in their position and ask, what would I do in the same situation? Studying the ways in which you would attack a given situation provides a strategic advantage when planning your defense.
Ryan Naraine's picture
In this podcast, Richard Boscovich, assistant general counsel in the Microsoft Digital Crimes Unit, talks about the new Microsoft Cybercrime Center and the ongoing battle to stop the proliferation of botnets around the world.