Security Experts:

More Security Headlines

A high-severity security hole could allow an attacker to upload a file titled info.php.png that would be executable on certain configurations. [Read More]
Microsoft has shared more information on how users can protect Windows domain controllers and other servers against PetitPotam attacks. [Read More]
Diana Lebeau of Cranston, Rhode Island, admitted in court to attempting to trick candidates for political office into revealing their account credentials. [Read More]
Operating systems have been restored at South Africa's state-owned logistics firm, the company said Thursday following a cyber-attack last week that hit the country's key port terminals. [Read More]
The two individuals are believed to have stolen more than $270,000 from dozens of ATMs. [Read More]
Guardicore Labs provides full details on CVE-2021-28476, a critical vulnerability in Hyper-V’s virtual network switch driver. [Read More]
Hacking tool downloads from underground forums are increasing, and the tools are becoming more sophisticated; low-level hackers are gaining access to hacked versions of sophisticated tools; access broking is growing; and existing tools are repurposed for more aggressive attacks. [Read More]
BlackCloak, a company that provides cyber protection services for corporate executives and high-profile individuals, has raised $11 million in a Series A funding round. [Read More]
Classified files apparently leaked from an Iranian cyber unit show that the country is looking to improve its offensive cyber capabilities, including against ICS. [Read More]
At a time of widespread digital insecurity it turns out that the oldest and simplest computer fix there is — turning a device off then back on again — can thwart hackers from stealing information from smartphones. [Read More]

SecurityWeek Experts

rss icon

Yaniv Vardi's picture
Wherever you are on your industrial cybersecurity journey, the important thing is to start strengthening cyber defenses and resilience now.
Keith Ibarguen's picture
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
Tim Bandos's picture
The more you identify within your threat hunting program, the more opportunity you may have at expanding with additional budget. Never let an incident go to waste.
Gordon Lawson's picture
ICS operators need additional methods of obscuring their critical infrastructure from cyber security threats and tactics while allowing teams to more anonymously conduct incident detection and response.
John Maddison's picture
Trying to keep track of the who, what, when, where, and how of today’s network has broken the backs of many SecOps teams.
Torsten George's picture
Until organizations start implementing identity-centric security measures, account compromise attacks will continue to provide an easy entree for data breaches.
Idan Aharoni's picture
The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed.
Rob Fry's picture
We are a community with grand ideas around the concept of crowdsourced threat intel (CTI), but with little history or previous successes that show CTI as a viable idea.
Marc Solomon's picture
If you view XDR as a destination and not a solution, regardless of the path you take, you will need to understand the focus and core competencies of each vendor,
Landon Winkelvoss's picture
Executive protection teams face threats from many sources including social media, telephone, email, and event in-person physical threats.