Security Experts:

Virus & Threats
long dotted


A patch released last week by the OpenSSL Project for a low severity issue led to a critical vulnerability that could allow code execution [Read More]
Microsoft removes the Windows Journal component from its operating systems following the discovery of many vulnerabilities [Read More]
Drupal 8.1.10 and 8.2.0-rc2 patch several vulnerabilities, including restriction bypass and XSS issues [Read More]
Mozilla has patched over a dozen critical and high severity vulnerabilities with the release of Firefox 49, including a recently disclosed certificate pinning issue [Read More]
Apple on Tuesday released the final version of macOS Sierra 10.12 as a free update and announced that no less than 65 security vulnerabilities were addressed in this operating system version. [Read More]
A vulnerability in Facebook’s Business Manager could have been exploited to hijack pages. The researcher who reported the flaw earned $16,000 [Read More]
Chinese researchers from Tencent’s Keen Security Lab remotely hack unmodified Tesla Model S both parked and while on the move [Read More]
The US homeland security chief said authorities have confidence in the integrity of electoral systems despite growing cybersecurity threats. [Read More]
Vulnerabilities found by researchers in the Android version of the secure messaging app Signal allow hackers to remotely crash the app and modify attachments [Read More]
Sophos' new Intercept X is designed to bring new technology to solving the last three of the Nasty Nine elements: crypto ransomware, exploits and clean and respond; and it does so with zero reliance on malware signatures. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Jim Ivers's picture
When will automakers speak up about the measures they have taken to test the software embedded in their vehicles?
Dan Cornell's picture
Security teams and DevOps teams aren’t always on the same page and the lack of communication often results in misaligned priorities that significantly inhibit productivity.
Erin O’Malley's picture
Conventional email security solutions may defend against spam, viruses, and malware, but they don’t defend against ignorance or egregious stupidity.
Jim Ivers's picture
Organizations should understand the risks and returns of open source and either start putting policies in place or getting serious about enforcing existing policies.
Torsten George's picture
Relying solely on existing intelligence provided by vulnerability scanners should only be a first step in a cyber risk management process.
Wade Williamson's picture
It turned out to be a tricky month for security admins to take that long-awaited summer vacation because July was one of the busiest months in recent memory in terms of vulnerabilities.
Jim Ivers's picture
If a car’s systems can be hacked to disable critical systems, then attacks can also be used to extract information. Similar to IoT, if data is being collected, data can be exfiltrated.
Torsten George's picture
Vulnerability assessments are often confused with penetration tests. In fact, the two terms are often used interchangeably, but they are worlds apart.
Jim Ivers's picture
IoT promises a lot of convenience, but there is a price to be paid if you don’t involve the best connected device ever created—your brain.
Torsten George's picture
Google Dorking can be used to identify vulnerable systems and trace them to a specific place on the Internet.