Security Experts:

WRITE FOR US

IT Security News Headlines

rss icon

SAP Releases 5 Security Notes on December 2019 Patch Day
Plundervolt Attack Uses Voltage to Steal Data From Intel Chips
Plundervolt Attack Uses Voltage to Steal Data From Intel Chips
Apple Patches Over 50 Vulnerabilities in macOS Catalina
Chrome 79 Patches Critical Vulnerabilities
long dotted

More Security Headlines

Cyber Risk Management Firm CyberGRX Raises $40 Million
Third-party cyber risk management company CyberGRX raises $40 million in a Series D funding round, which brings the total raised by the company to $100 million. [Read More]
Vulnerability Allows Hackers to Unlock Smart Home Door Locks
An attacker could exploit a vulnerability in the KeyWe Smart Lock by intercepting legitimate communications to steal the key and unlock doors at any point remotely. [Read More]
Adobe Patches Critical Flaws in Acrobat, Brackets, Photoshop
Adobe’s Patch Tuesday updates for December 2019 fix vulnerabilities in the company’s Acrobat and Reader, Brackets, Photoshop, and ColdFusion products. [Read More]
Microsoft Patches Windows Zero-Day Exploited in Korea-Linked Attacks
Microsoft’s December 2019 Patch Tuesday updates fix 36 vulnerabilities, including a Windows zero-day that has been exploited in Korea-linked attacks alongside a Chrome zero-day. [Read More]
Mississippi City Works to Resolve Thanksgiving Cyber Attack
Officials in Pascagoula, Mississippi have confirmed the local government fell victim to a ransomware attack on Thanksgiving. [Read More]
Facebook Firm on Message Encryption Despite Pressure
Facebook said it plans to move ahead with strong encryption for all its messaging applications, claiming that allowing law enforcement special access would end up being "a gift to criminals, hackers and repressive regimes." [Read More]
Ryuk Ransomware Damages Large Files Following Update
A recent update to the Ryuk ransomware has resulted in damage being made to large files the malware has encrypted, Emsisoft’s security researchers warn. [Read More]
Thousands of iPR Software Users Exposed on Amazon S3 Bucket
A publicly accessible Amazon S3 storage bucket originating from iPR Software was found exposing information on thousands of users. [Read More]
Government Withdraws Cash Prize From President's Cup Cybersecurity Competition
The U.S. government has withdrawn the cash prize promised in the President’s Cup Cybersecurity Competition and one participant said the contest was poorly organized. [Read More]
The Case for Cyber Insurance
For Cyber insurance, precise wording and the correct policy for are important, and it is also important that the policy accurately reflects the insured’s security posture. [Read More]

SecurityWeek Experts

rss icon

Gunter Ollmann's picture
How Commercial Bug Hunting Changed the Boutique Security Consultancy Landscape
Gunter Ollmann - Vulnerabilities
With years of bug bounty programs now behind us, it is interesting to see how the information security sector transformed – or didn’t.
Read full story
Marie Hattar's picture
Blunt the Effect of the Two-Edged Sword of Vulnerability Disclosures
Marie Hattar - Vulnerabilities
There are good and bad ways to make vulnerabilities known. A premature “full disclosure” of a previously unknown issue can unleash the forces of evil, and the “black hats” often move faster than vendors or enterprise IT teams.
Read full story
John Maddison's picture
Implementing Cyber Best Practices Requires a Security-First Approach
John Maddison - Security Infrastructure
To build and maintain a secure cyber presence, the best defense is to start with a security-driven development and networking strategy that builds a hardened digital presence from the ground up.
Read full story
Joshua Goldfarb's picture
Making the Most of a Changing Workforce Environment
Joshua Goldfarb - Identity & Access
Change may not always be on the docket, but when it is, how can we embrace it, understand it, and work to create a constructive environment around it?
Read full story
Torsten George's picture
Cloud(y) with a Chance of a Data Breach
Torsten George - Cloud Security
Securing multi-cloud and hybrid environments creates an unfamiliar situation for many organizations, in which they’re unsure of who is responsible for controlling access to and securing the underlying infrastructure.
Read full story
Craig Harber's picture
When it Comes to Securing Your Environment, Think Like an Attacker
Craig Harber - Network Security
Cybersecurity teams need actionable insight into the latest techniques, tactics and procedures being used by attackers and a continuous understanding of their environment and anomalous behavior.
Read full story
Marc Solomon's picture
Random Acts of Security...or Not?
Marc Solomon - Security Infrastructure
Having a platform that serves as a central repository allows you to aggregate internal threat and event data with external threat feeds and normalize that data so that it is in a usable format.
Read full story
Preston Hogue's picture
Build Your Immunity Across All App-Security Insertion Points
Preston Hogue - Application Security
Every piece of hardware, every integration, every API, every process, as well as applications themselves, are potential targets.
Read full story
Josh Lefkowitz's picture
Don't Overlook the Importance of Feedback in an Intelligence Operation
Josh Lefkowitz - Risk Management
The successful execution of each step of the intelligence cycle relies on the successful execution of the step that came before it.
Read full story
Laurence Pitt's picture
Making the Network the First Line of Defense
Laurence Pitt - Network Security
The best way to stay ahead of threats while enabling business agility to keep up with the latest technology advances is to look to the network as the first line of defense.
Read full story