Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Drupal 8.1.10 and 8.2.0-rc2 patch several vulnerabilities, including restriction bypass and XSS issues [Read More]
Mozilla has patched over a dozen critical and high severity vulnerabilities with the release of Firefox 49, including a recently disclosed certificate pinning issue [Read More]
Apple on Tuesday released the final version of macOS Sierra 10.12 as a free update and announced that no less than 65 security vulnerabilities were addressed in this operating system version. [Read More]
A vulnerability in Facebook’s Business Manager could have been exploited to hijack pages. The researcher who reported the flaw earned $16,000 [Read More]
Chinese researchers from Tencent’s Keen Security Lab remotely hack unmodified Tesla Model S both parked and while on the move [Read More]
The US homeland security chief said authorities have confidence in the integrity of electoral systems despite growing cybersecurity threats. [Read More]
Vulnerabilities found by researchers in the Android version of the secure messaging app Signal allow hackers to remotely crash the app and modify attachments [Read More]
Sophos' new Intercept X is designed to bring new technology to solving the last three of the Nasty Nine elements: crypto ransomware, exploits and clean and respond; and it does so with zero reliance on malware signatures. [Read More]
Attackers have been attempting to exploit a critical vulnerability in the RESTWS Drupal module. The issue was patched in July [Read More]
An Internet Explorer/Edge zero-day vulnerability patched by Microsoft this week has been used in malvertising attacks since 2014 [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Torsten George's picture
Google Dorking can be used to identify vulnerable systems and trace them to a specific place on the Internet.
Simon Crosby's picture
It’s hard keeping criminals from infiltrating networks, much less worrying that users will simply open the door to bad guys by letting their guard down.
Wade Williamson's picture
Behavioral detection models can focus in on what the attacker actually does, instead of relying on a set of signatures or known indicators of compromise that often lag behind attackers.
Emily Ratliff's picture
Wendy Nather coined the term “security poverty line” to describe how organizations operate when they have insufficient investment in IT security.
Jim Ivers's picture
Software that protects the crown jewels of the organization and reduces risk translates to “valuable.”
Jim Ivers's picture
Developers are not trained in security and security is not yet an adequately integrated component of the development process. We are not applying good, or even minimal, security practices.
Emily Ratliff's picture
Writing yet another “security” paper isn’t going to do the trick. Security practitioners need to do a better job of getting our messages integrated into core developer documentation.
Simon Crosby's picture
Next-gen Anti-Virus can’t help any more than traditional AV, but the principle of least privilege, enforced through virtualization based security, can stop the breach before it starts.
Jim Ivers's picture
The Internet of Things (IoT) will result in billions of connected devices coming on line in the next ten years, and the associated software will be built by industries that traditionally have not emphasized software security.
Emily Ratliff's picture
When you run an application, how can you verify that what you are running was actually built from the code that a trusted developer wrote?