Security Experts:

More Security Headlines

New Linux malware creates a botnet of infected devices to launch distributed denial of service or crypto-mining attacks. [Read More]
Malwarebytes said it was targeted by the state-sponsored threat actor that breached SolarWinds. [Read More]
DNSpooq is the name given to 7 Dnsmasq vulnerabilities that could expose millions of devices to DNS cache poisoning, remote code execution and DoS attacks. [Read More]
FireEye has released an open source tool that checks Microsoft 365 tenants for the use of techniques associated with the SolarWinds hackers. [Read More]
Security researchers see 5,447 devices still connecting to a sinkholed VPNFilter C&C domain on a single day. [Read More]
Defender for Endpoint users who opted into public previews are no longer required to approve remediation for identified threats. [Read More]
The funds will help Rewind continue expanding its backup-as-a-service (BaaS) offering for more business-critical applications. [Read More]
Symantec researchers have uncovered another piece of malware used in the SolarWinds attack, namely Raindrop, which has been used for lateral movement and payload deployment. [Read More]
Swimlane, a provider of security orchestration, automation and response (SOAR) solutions, announced today that it has raised $40 million in funding. [Read More]
The OpenWrt Project said someone breached its forum over the weekend and downloaded user information. [Read More]

SecurityWeek Experts

rss icon

AJ Nash's picture
For companies trying to build new or mature existing intelligence programs, the Age of COVID has been an excellent time to capture 30-60 minutes with that hard-to-find manager
Yaniv Vardi's picture
The change we encountered in 2020 was unprecedented and had a dramatic impact on our operational technology (OT) environments – accelerating and sometimes recasting how we address the following four key areas.
Marc Solomon's picture
To push security operations forward, we must move towards a single, collaborative environment that can include threat hunters, incident handlers and threat intelligence and SOC analysts.
Joshua Goldfarb's picture
For any fraud detection solution to be practical, it must be easily integrated into security and fraud operations.
Laurence Pitt's picture
In the world of information security, it’s hard to flip between internet browser tabs without hearing a new term, and one of the biggest in 2020 was Secure Access Service Edge (SASE).
Torsten George's picture
While the SolarWinds hack is not the first supply chain attack to make headlines, its sophistication and blast radius is forcing organizations to consider how they can minimize their exposure to these types of threats in the future.
AJ Nash's picture
As you build your cyber intelligence program – and have all the vendors lined up to take your money – don’t overlook the importance of investing in the right people.
Gunter Ollmann's picture
CISOs and their security teams need to quickly master these technologies if they’re to successfully partner with in-house development teams and secure “data-in-use.”
Derek Manky's picture
2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
John Maddison's picture
Multi-vendor environments with disparate security solutions that don’t integrate when deployed make it impossible for organizations to securely use the flexible network environments they need to compete effectively.