Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Russia-linked threat group known as APT29 and Cozy Bear used domain fronting to disguise Tor traffic [Read More]
Apple updated iTunes for Windows and Mac to address old vulnerabilities in the Expat and SQLite libraries [Read More]
A hacker gained access to the names, dates of birth and SSNs of job seekers in 10 U.S. states after breaching the systems of America’s JobLink (AJL) [Read More]
Windows zero-day patched this month by Microsoft exploited since last summer by Neutrino EK and AdGholas malvertising campaign [Read More]
The server hosting Android Forums was hacked and the website’s database was accessed. Only 2.5% of active users affected [Read More]
Apple’s initial analysis shows that the iPhone and Mac exploits disclosed by WikiLeaks have already been patched, and the company told WikiLeaks to submit vulnerabilities through the normal process [Read More]
WikiLeaks releases documents describing Apple device hacking tools used by the CIA. Most require physical access to the targeted device [Read More]
A remote code execution (RCE) vulnerability in SAP GUI exposes unpatched systems to malware attacks such as ransomware, ERPScan security researchers warn. [Read More]
Cisco patches critical remote code execution vulnerability found by the company in its industrial routers [Read More]
Cisco finds serious code execution vulnerability in LabVIEW system design software from National Instruments [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Adam Meyer's picture
As with anything new, you need to prepare and plan for IoT devices being in your environment to maximize the value they provide, while minimizing the inherent risk of these network-enabled devices.
Dan Cornell's picture
Gaining an understanding of the tools that development teams use provides security teams with valuable insight into how developers work, how they make decisions, and the incentives that drive them.
Jim Ivers's picture
Enlightened toy manufacturers likely begin to embrace the basic concepts of IoT security and build connected toys that can be trusted by parents.
Jim Ivers's picture
Enabling developers through the right mix of tools and education just makes too much sense and generates too much value for all concerned.
Adam Meyer's picture
Cyber threat intelligence is showing us is that most threats simply exploit a series of well-documented vulnerabilities and other weak points to move along the path of least resistance – and the most profit.
Josh Lefkowitz's picture
Not adhering to responsible disclosure has the potential to amplify the threats posed by certain vulnerabilities and incidents.
Jim Ivers's picture
Many of you understand that addressing the vulnerabilities in your software is something you can no longer ignore, and are ready to get serious about software security.
Jim Ivers's picture
If your target is a connected toy, there is a new angle to consider: how secure is that toy? Is the connectivity of the toy potentially exposing personal data about your child?
David Holmes's picture
Many can figure out how to hack Smart-city services using simple techniques like replay to get free services or, in some cases, make a little bit of money.
Torsten George's picture
Faced with hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures leaves security practitioners at a virtually insurmountable disadvantage.