Security Experts:

Virus & Threats
long dotted


More than half of Alexa top 500 domains can be spoofed because their owners failed to properly configure email authentication [Read More]
Dubbed Containers, a few feature in Firefox is meant to allow people use different browser tabs for different contexts, including work, banking, shopping, or personal. [Read More]
Adobe patches Flash Player zero-day vulnerability exploited by the APT group ScarCruft in attacks aimed at high-profile targets [Read More]
Business email compromise (BEC) scams have resulted in losses of $3.1 billion from 22,000 victims as of May 2016. [Read More]
Security updates for Drupal 7 and 8 patch privilege escalation and access bypass vulnerabilities [Read More]
Sofacy, also known as APT28 and Pawn Storm, has been observed sending a spear phishing email to a US government organization [Read More]
A vulnerability in Verizon’s webmail service could have been exploited by hackers to silently forward emails [Read More]
A Chinese state-sponsored cyber espionage group has been observed targeting Myanmar and other countries for economic gain [Read More]
A relatively new APT group dubbed “ScarCruft” has been using a Flash Player zero-day to attack high profile targets [Read More]
Microsoft releases 16 security bulletins to address vulnerabilities in Windows, IE, Edge, Office and Exchange Server [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

David Holmes's picture
A determined attacker could almost certainly find another, easier (non-SSL) vulnerability much faster and cheaper than by using DROWN.
Jim Ivers's picture
Aside from tools, there are many types of application security testing that can be used to find vulnerabilities in software. An organization must consider multiple software security testing methods to really manage its risk.
Torsten George's picture
The benefits of automatic patching far exceed the risks, but with differing risk perceptions and tolerance levels, the decision must be made by each organization.
Jim Ivers's picture
What is missing from the conversation is how large a role software plays in the IoT equation. Plugging something into the Internet does not make it work -- it just makes it vulnerable.
Mike Lennon's picture
For the past several years, enterprise security leaders have been challenged with the task of locking down endpoints with traditional security solutions that are proving to be ineffective against todays threats.
Simon Crosby's picture
Attackers return again and again to vulnerable components like Flash because they can keep tapping into perennial vulnerabilities.
Jim Ivers's picture
Experienced organizations learn that security is not a drag on performance, but can provide productivity gains by eliminating security vulnerabilities early in the development process.
Simon Crosby's picture
While flexibility offers countless benefits for corporations and their employees, this new emphasis on mobility has also introduced a new set of risks, and this in turn re-ignites a focus on endpoint security.
Jim Ivers's picture
Hackers are creative by nature, so you have to use your imagination to think like one. Once you can see your organization from a hacker’s point-of-view, you will be equipped to defend your organization like a security pro.
Scott Gainey's picture
To replace antivirus, consider alternatives that integrate prediction, prevention, detection and remediation to protect against advanced threats that employ a wide variety of attack vectors.