Security Experts:

Virus & Threats
long dotted


Lexmark patches critical vulnerability in Markvision Enterprise printer management software [Read More]
A recently patched Windows zero-day vulnerability has been used by an APT actor dubbed FruityArmor for privilege escalation [Read More]
A new IoT worm dubbed Hajime uses BitTorrent protocols to communicate over a P2P network instead of using a centralized server [Read More]
The number of IoT devices ensnared by Mirai botnets has increased considerably following the leak of the malware’s source code [Read More]
Oracle's Critical Patch Update (CPU) for October 2016 brings a total of 253 new security fixes across multiple product families, nearly half of which can be exploited remotely without authentication. [Read More]
Researchers have found a new ASLR bypass method by exploiting a hardware vulnerability [Read More]
A recently conducted security assessment of VeraCrypt has revealed over 25 security vulnerabilities in the popular encryption platform, including a critical cryptography flaw. [Read More]
An exploit for a zero-day vulnerability affecting an ecommerce plugin for WordPress has been added by cybercriminals to their toolkit [Read More]
Many home Internet routers are known to include vulnerabilities, while home users are not known for their ability to behave securely. [Read More]
The Dyre developers that were not arrested by Russian authorities are apparently working on a new banking Trojan dubbed TrickBot [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Torsten George's picture
Vulnerability assessments are often confused with penetration tests. In fact, the two terms are often used interchangeably, but they are worlds apart.
Jim Ivers's picture
IoT promises a lot of convenience, but there is a price to be paid if you don’t involve the best connected device ever created—your brain.
Torsten George's picture
Google Dorking can be used to identify vulnerable systems and trace them to a specific place on the Internet.
Simon Crosby's picture
It’s hard keeping criminals from infiltrating networks, much less worrying that users will simply open the door to bad guys by letting their guard down.
Wade Williamson's picture
Behavioral detection models can focus in on what the attacker actually does, instead of relying on a set of signatures or known indicators of compromise that often lag behind attackers.
Emily Ratliff's picture
Wendy Nather coined the term “security poverty line” to describe how organizations operate when they have insufficient investment in IT security.
Jim Ivers's picture
Software that protects the crown jewels of the organization and reduces risk translates to “valuable.”
Jim Ivers's picture
Developers are not trained in security and security is not yet an adequately integrated component of the development process. We are not applying good, or even minimal, security practices.
Emily Ratliff's picture
Writing yet another “security” paper isn’t going to do the trick. Security practitioners need to do a better job of getting our messages integrated into core developer documentation.
Simon Crosby's picture
Next-gen Anti-Virus can’t help any more than traditional AV, but the principle of least privilege, enforced through virtualization based security, can stop the breach before it starts.