Security Experts:

More Security Headlines

A massive Twitter data breach disclosed a few months ago appears to be bigger than initially reported, possibly with over 100 million accounts impacted. [Read More]
Vulnerabilities in Cisco ISE could lead to the injection of arbitrary commands, security protection bypass, and XSS attacks. [Read More]
Google releases emergency Chrome update to address actively exploited zero-day vulnerability. [Read More]
US authorities announced a ban on the import or sale of communications equipment deemed "an unacceptable risk to national security" -- including gear from Chinese giants Huawei Technologies and ZTE. [Read More]
The European Parliament website was hit by a cyberattack claimed by pro-Russian hackers shortly after lawmakers approved a resolution calling Moscow a "state sponsor of terrorism". [Read More]
Security researchers at Proofpoint call attention to the discovery of a commercial red-teaming attack tool called Nighthawk, warning that the command-and-control framework is likely to be abused by threat actors. [Read More]
A cross-tenant vulnerability in AWS abused the AppSync service to provide access to resources within a target organization’s account. [Read More]
Facebook parent Meta says the US military was behind tens of recently removed accounts, pages and groups that were part of an influence operation. [Read More]
Microsoft has warned organizations about the risks associated with Boa, a discontinued web server, after hackers exploited it in attacks aimed at a power grid. [Read More]
CISA has released an updated version of IRPF, which provides responders with new tools and guidance for improving infrastructure resilience. [Read More]

SecurityWeek Experts

rss icon

Gordon Lawson's picture
Basic cyber hygiene may seem rudimentary, but as highlighted in CISA’s four key challenges above, it is something organizations of all sizes struggle with.
Torsten George's picture
When implemented properly, cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Galina Antova's picture
Understanding the vulnerability landscape of the XIoT to properly assess and mitigate risk is critically important to protect livelihoods and lives.
Marc Solomon's picture
When we start to consider the human element of the security automation equation, and its impact on the automation capabilities we select and how we measure progress, we can accelerate automation initiatives and the benefits we derive.
Joshua Goldfarb's picture
If security can learn to communicate in a way that executives and boar members can understand, internalize, and act upon, it serves to benefit tremendously.
Derek Manky's picture
Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.
Jeff Orloff's picture
By focusing on attack tactics and techniques that pose clear and present danger to the business, a company can achieve the greatest return on its training initiatives.
Gordon Lawson's picture
The new SEC requirements are putting on paper what many companies—public and private—should have been investing in already.
Landon Winkelvoss's picture
How organizations can use managed services to optimize their threat intelligence program during an economic downturn.
Torsten George's picture
Here are five best practices for defeating against most attacks, hopefully making the need for future Cybersecurity Awareness Months obsolete.