Security Experts:

WRITE FOR US

IT Security News Headlines

rss icon

Apple Scraps CSAM Detection Tool for iCloud Photos
Vulnerabilities Allow Researcher to Turn Security Products Into Wipers
WAFs of Several Major Vendors Bypassed With Generic Attack Method
Iranian Hackers Deliver New 'Fantasy' Wiper to Diamond Industry via Supply Chain Attack
Lighting Giant Acuity Brands Discloses Two Data Breaches
long dotted

More Security Headlines

TikTok Hit by US Lawsuits Over Child Safety, Security Fears
TikTok hit with a pair of lawsuits from the US state of Indiana, which accused it of making false claims about the Chinese-owned app's safety for children. [Read More]
CloudSEK Blames Hack on Another Cybersecurity Company
CloudSEK claims a cybersecurity firm is behind a data breach resulting from the compromise of an employee’s Jira account. [Read More]
Pwn2Own Toronto 2022, Day 2: Smart Speaker Exploits Earn Big Chunk of $280,000 Total
On the second day of Pwn2Own Toronto 2022, participants earned more than $280,000 for smart speaker, printer, router, smartphone and NAS exploits. [Read More]
Apple Adding End-to-End Encryption to iCloud Backup
Apple added end-to-end encryption tools for iCloud backups and a feature to help users verify identities in the Messages app. [Read More]
Google Documents IE Browser Zero-Day Exploited by North Korean Hackers
Google's Threat Analysis Group publicly documents an Internet Explorer zero-day vulnerability exploited in attacks by a North Korean hacking group called APT37. [Read More]
Cyberattack on Top Indian Hospital Highlights Security Risk
The All India Institute of Medical Sciences (AIIMS) hospital limped back to normality after a cyberattack crippled its operations for nearly two weeks. [Read More]
Big Tech Vendors Object to US Gov SBOM Mandate
A lobbying outfit representing big tech is calling on the Office of Management and Budget (OMB) to "discourage agencies" from requiring SBOMs, arguing that “it is premature and of limited utility.” [Read More]
Investors Pour $200 Million Into Compliance Automation Startup Drata
San Diego startup Drata continues to attract major venture capital investor interest, banking $200 million in Series C funding that values the company north of $2 billion. [Read More]
Self-Propagating 'Zerobot' Botnet Targeting Spring4Shell, IoT Vulnerabilities
A newly observed Go-based IoT botnet capable of self-replicating and self-propagation has been observed targeting multiple vulnerabilities for initial access. [Read More]
Vaultree Raises $12.8 Million for Data-in-Use Encryption Solution
Vaultree has raised $12.8 million in Series A funding for its data-in-use encryption technology. [Read More]

SecurityWeek Experts

rss icon

Marc Solomon's picture
Removing the Barriers to Security Automation Implementation
Marc Solomon - Incident Response
When implementing security automation, organizations should starting with an open architecture, focusing on getting the right data for analytics and applying automation methodically in smaller chunks.
Read full story
Jeff Orloff's picture
Three Ways to Improve Defense Readiness Using MITRE D3FEND
Jeff Orloff - Network Security
The MITRE D3FEND framework is only as effective as the planning that goes into making sure it is properly aligned with the top threats facing the organization.
Read full story
Derek Manky's picture
Wipers Are Widening: Here's Why That Matters
Derek Manky - Malware
While the number of detections has been lower so far than other types of cyberattacks, the very nature of wipers and how they’re used makes them very dangerous.
Read full story
Joshua Goldfarb's picture
Don't Let Your Career Go the Way of Entertainment 720
Joshua Goldfarb - Management & Strategy
I believe that as security and fraud professionals, we can learn an important career lesson from fictional company Entertainment 720.
Read full story
Gordon Lawson's picture
Digesting CISA's Cross-Sector Cybersecurity Performance Goals
Gordon Lawson - Compliance
Basic cyber hygiene may seem rudimentary, but as highlighted in CISA’s four key challenges above, it is something organizations of all sizes struggle with.
Read full story
Torsten George's picture
Cyber Resilience: The New Strategy to Cope With Increased Threats
Torsten George - Network Security
When implemented properly, cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Read full story
Galina Antova's picture
Risk Mitigation Strategies to Close the XIoT Security Gap
Galina Antova - ICS/OT
Understanding the vulnerability landscape of the XIoT to properly assess and mitigate risk is critically important to protect livelihoods and lives.
Read full story
Marc Solomon's picture
Balancing Security Automation and the Human Element
Marc Solomon - Incident Response
When we start to consider the human element of the security automation equation, and its impact on the automation capabilities we select and how we measure progress, we can accelerate automation initiatives and the benefits we derive.
Read full story
Joshua Goldfarb's picture
Bringing Bots and Fraud to the Boardroom
Joshua Goldfarb - Fraud & Identity Theft
If security can learn to communicate in a way that executives and boar members can understand, internalize, and act upon, it serves to benefit tremendously.
Read full story
Derek Manky's picture
Offense Gets the Glory, but Defense Wins the Game
Derek Manky - Incident Response
Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.
Read full story