
Virus & Threats

NEWS & INDUSTRY UPDATES

Researchers have uncovered a targeted attack against political rights activists in China in which a malicious Word document exploits a vulnerability in Microsoft Office to take control of the victim computer.
The ISO/IEC 27034-1 offers a "common validation language" for security development practices and offers organizations a clear and simple outline for adopting a security development framework.
All totaled, Microsoft patched 33 security vulnerabilities across a number of products, including Internet Explorer.
Non-profit organization SAFECode unveiled a series of new training modules to help enterprises train software developers in-house to write secure code.
The two card payment processors compromised by a cyber gang in a massive fraud scheme have been identified.
Microsoft warned Facebook users about a malicious extension targeting Google Chrome or Mozilla Firefox users that can make posts, 'Like' pages and take other actions on infected systems.
Carsten Eiram, Chief Research Officer for Risk Based Security, recently published three advisories that disclose vulnerabilities in products offered by Rockwell Automation and Schneider Electric.
As a SecurityWeek reader, we are pleased to offer you the following complimentary IT security resources for the week of May 13, 2013.
Microsoft is set to fix 34 security vulnerabilities in this month's Patch Tuesday.
The tool, which goes for as little as $10, has built-in SQL injection options as well as the ability to add custom exploits, a researcher said.

FEATURES, INSIGHTS // Virus & Threats


Tal Be'ery
We can assume Bitcoin will be followed by Bitcoin 2.0 that will solve Bitcoin 1.0 problems while maintaining the parts that were crucial to its success. But what exactly are these crucial elements?
Eric Knapp
The “if it works don’t touch it” mentality continues to thwart many aspects of cyber security — including information sharing. It’s also why the trust required to implement a successful information sharing scheme is unlikely to blossom overnight.
Ryan Naraine
In this podcast, Cylance Technical Directors Billy Rios and Terry McCorkle discuss the state of security in the ICS/SCADA world, the need for secure coding practices and whether the industry will have to rely on third-party security software.
Wade Williamson
The challenges of Java-based threats go deeper than your average 0-day vulnerability, and these challenges will likely affect your approach to controlling them. Organizations need to weigh the risk of a technology against the reward for the enterprise.
Ryan Naraine
Ryan Naraine talks to Christopher Soghoian about the latest iMessage encryption brouhaha, the indifference of the telephone companies towards security and the controversial practice of buying and selling software exploits.
Ryan Naraine
Immunity Inc. CEO and veteran hacker Dave Aitel talks about his early days in the security space, his argument against security awareness training, why Chris Soghoian is wrong on the exploit sale controversy and his own Brazilian Jiu-Jitsu game tactics.
Ryan Naraine
In this podcast, CanSecWest founder Dragos Ruiu explains why Pwn2Own was created and shares his thoughts on the evolution of hacking and exploit writing.
Jon-Louis Heimerl
Was the Mayan Apocalypse a myth? Since I am a security geek, I just happen to talk about security a lot. What are some security myths I have heard in my conversations with some very bright people?
Shaun Donaldson
Virtualized end-user systems and public cloud computing will play a role in nearly every business over the next decade, but applying the disposable philosophy universally in an enterprise environment is beyond risky, when you consider how attacks have changed.
Ryan Naraine
In this debut episode of the Security Conversations Podcast, Ryan talks to David Lenoe, Adobe's Product Security Incident Response Team (PSIRT) group manager, about the frustrations of responding to the "partial disclosure" of security vulnerabilities.