Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Synopsys has completed its acquisition of Black Duck Software, a privately held company that offers automated solutions for securing and managing open source software. [Read More]
Menlo Security, a provider of malware isolation technology, has raised $40 million in a Series C funding round, bringing the total amount raised by the company to $85 million. [Read More]
Users can now check if systems have been targeted with an NSA hacking tool designed to remove traces of an attack, and even recover deleted logs [Read More]
macOS-targeting HiddenLotus backdoor is using an innovative technique to disguise the fact that it is an executable in order to avoid alerting users on its execution. [Read More]
A vulnerability in the Android (CVE-2017-13156) mobile OS could result in tampering with applications’ code without altering their signature. [Read More]
After getting complaints from developers, Google is evaluating whether it should continue allowing innovative use of accessibility services by Android apps [Read More]
Microsoft used the same certificate for all instances of its Dynamics 365 ERP product and it took more than 100 days to take action, but the company claims the issue posed little risk [Read More]
Synaptics touchpad driver present on hundreds of HP laptops includes keylogging functionality. Patches available for a majority of affected devices [Read More]
Microsoft has released an update for the Microsoft Malware Protection Engine (MPE) to address a critical severity remote code execution (RCE) vulnerability that could allow an attacker to take control over a vulnerable system. [Read More]
Rockwell Automation patches high severity DoS vulnerability in FactoryTalk Alarms and Events (FTAE) product [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Jack Danahy's picture
With all of our collective focus on machine learning, we simply can’t overlook human learning’s critical role in guarding against attack and protecting the organization.
Torsten George's picture
We need to consider whether traditional approaches to vulnerability management are still viable and if just upgrading existing methods or tools is sufficient.
Jalal Bouhdada's picture
Vendors, practitioners and security experts must all work closely together to combat the well-funded actors who pose a threat to medical devices.
Jim Ivers's picture
Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?
David Holmes's picture
DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
Torsten George's picture
The end user community is at the mercy of security researchers to act responsibly in order to limit the potential for their findings to be used for malicious purposes.
Markus Jakobsson's picture
If a particular product blocks 99% of all threats, that probably means that product fails to detect the most dangerous threat: targeted attacks.
Scott Simkin's picture
Just as there should be consistency across network, endpoint and cloud security, there should be the same consistency in identification, prevention, policy and enforcement of that policy for IoT security.
Alastair Paterson's picture
With greater awareness about POS system attacks, operations against third-party suppliers, and the vulnerabilities of public or semi-public Wi-Fi networks, companies can do a lot to mitigate risk and ensure safer journeys for travelers.
Jack Danahy's picture
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security