Security Experts:

More Security Headlines

All organizations – especially critical infrastructure entities – are encouraged to improve their security stance to prevent potentially impactful cyberattacks. [Read More]
The access token for a Google Cloud project could be leaked, thus allowing users to elevate privileges in other internal projects. [Read More]
Assurance and risk management firm DNV is acquiring industrial cybersecurity company Applied Risk in an effort to create an industrial cybersecurity powerhouse. [Read More]
Japan and Vietnam on signed a cybersecurity agreement as the two Asian nations rapidly step up their military ties amid concerns over China’s growing assertiveness. [Read More]
Apple has filed a lawsuit seeking to hold NSO Group accountable for hacking into Apple’s iOS mobile platform with so-called zero-click exploits to spy on researchers, journalists, activists, dissidents, academics, and government officials. [Read More]
Proof-of-concept (PoC) exploit code has been published for recently patched vulnerability in Microsoft Exchange Server. [Read More]
A vulnerability in the Imunify360 security suite for web servers can be exploited for remote code execution using specially crafted files. [Read More]
The company announced a $5 million funding round that will help it expand customer acquisition, marketing, product, and research and development operations. [Read More]
New Tardigrade variant of Smoke Loader was detected within the networks of two biomanufacturing facilities roughly half a year apart. [Read More]
Germany-based retail giant Schwarz Group has acquired Israel-based security posture management company XM Cyber for $700 million. [Read More]

SecurityWeek Experts

rss icon

Yaniv Vardi's picture
If you’re a CISO or security leader, here are three questions to ask yourself as you consider this legislation and look to improve the security posture of your OT environment.
Laurence Pitt's picture
With tight resources for managing healthcare, the IT challenge to keep track of vast amounts of data being created, accessed and modified is critical.
Marie Hattar's picture
In order to deliver on the promise of 5G, we need new industry standards for security, testing, and training to proactively combat 5G cyber threats and minimize risks.
Marc Solomon's picture
Security Operations Centers do not need another acronym. What they need are capabilities that enable them to address their top use cases faster and more thoroughly in the face of evolving attacks.
Gordon Lawson's picture
For red teams, using an obfuscated network for testing offers the advantage of hiding who is performing the attack and where it is originating, for a more real-life context
Tim Bandos's picture
There’s no doubt that there are a lot of things on your CISO’s mind. Whether they have an active role at board meetings or not, chances are these are some of the most pressing items they’d like to discuss with you.
Jeff Orloff's picture
Most organizations rely too heavily on their cybersecurity pros to protect them from threats, ignoring the painful reality that human error is by far the most common cause of security breaches.
John Maddison's picture
Recent changes have resulted in a proliferation of devices and users working from anywhere, which has expanded the digital attack surface and exposed more applications, devices, data, and users to risk.
Keith Ibarguen's picture
One of the best approaches to identifying both the value you are bringing to a customer and opportunities to increase that value is by going on the change-journey with your customers.
Torsten George's picture
Before the next Cybersecurity Awareness Month comes along, companies across all industries should consider moving to a Zero Trust approach, powered by additional security measures such as MFA and endpoint resilience.