Security Experts:

WRITE FOR US

IT Security News Headlines

rss icon

Google Sees Drop in Government-Backed Phishing Attempts
Russian Hackers Exploited Windows Flaws in Attacks on European Firms
Senator Urges Vendors to Secure Networking Devices Amid COVID-19 Outbreak
GitHub Paid Out Over $1 Million in Bug Bounties
Websites of U.S. Presidential Candidates Pose Security, Privacy Risks
long dotted

More Security Headlines

Unofficial Patches Released for Exploited Windows Font Processing Flaws
0patch has created free patches for actively exploited Windows remote code execution vulnerabilities for which Microsoft has yet to release official fixes. [Read More]
No Patch for VPN Bypass Flaw Discovered in iOS
Proton Technologies, the developer of ProtonMail and ProtonVPN, this week disclosed the existence of an unpatched iOS flaw that causes some VPN traffic to remain unencrypted. [Read More]
Spyware Delivered to iPhone Users in Hong Kong Via iOS Exploits
A recently observed campaign is attempting to infect the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to take control of devices. [Read More]
AMD Confirms Hacker Stole Information on Graphics Products
A hacker has stolen files related to some AMD GPUs and they plan on making them all public unless they get paid. [Read More]
Humio Raises $20 Million in Series B Funding
Log management platform Humio this week announced that it closed a $20 million Series B funding round, bringing the total investment raised to date to $32 million. [Read More]
Credit Card Skimmer Found on Tupperware Website
The official website of kitchen products maker Tupperware was hacked and the attackers planted malicious code designed to steal visitors’ payment card information. [Read More]
Apple Enables Full Third-Party Cookie Blocking in Safari
Apple this week announced that third-party cookies are now blocked by default in Safari on macOS, iOS and iPadOS. [Read More]
Remote Code Execution Vulnerability Patched in OpenWrt
A vulnerability that OpenWrt addressed in its opkg fork could have been exploited for the remote execution of arbitrary code. [Read More]
Insurance Giant Munich Re Invests in Rogue Device Mitigation Firm Sepio Systems
Rockville, Maryland-based startup Sepio Systems, a rogue device mitigation firm, has raised a further $4 million that supplements the Series A round of $6.5 million announced in November 2019. [Read More]
Most Security Pros Prefer Enterprise Over Industrial Cybersecurity: Survey
A global survey of 1,000 IT security professionals has revealed that over 70% would rather protect corporate networks than industrial organizations. [Read More]

SecurityWeek Experts

rss icon

Galina Antova's picture
How to Address the Surging Need for Secure Remote Access to OT Networks
Galina Antova - SCADA / ICS
As the size of the remote workforce surges, network administrators of operational technology (OT) networks find themselves on the front lines of enablement.
Read full story
Torsten George's picture
The Human Element and Beyond: Why Static Passwords Aren't Enough
Torsten George - Identity & Access
Static passwords lack the ability to verify whether the user accessing data is authentic or just someone who bought a compromised password.
Read full story
Alastair Paterson's picture
There Are Plenty of Phish in the Sea
Alastair Paterson - Phishing
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Read full story
Marc Solomon's picture
Human Intelligence is Pivotal in a Data-Driven World
Marc Solomon - Security Infrastructure
It’s up to humans, guided by instinct, intelligence and experience, to determine the right data, so they can focus on what matters to the organization, make better decisions and take the right actions.
Read full story
Laurence Pitt's picture
Never a Dull Moment - RSA Conference Afterthoughts
Laurence Pitt - Management & Strategy
We’ve seen a shift away from ‘common themes’ across the RSA Conference to real development in plenty of new areas that truly advance cybersecurity.
Read full story
Craig Harber's picture
Scouting the Adversary: Network Sensor Placement Considerations
Craig Harber - Network Security
Many organizations are not aware that their network sensors are improperly or inefficiently deployed because they do not have a full understanding of how to act on the network traffic being collected.
Read full story
Galina Antova's picture
The OT Security Opportunity for CISOs
Galina Antova - SCADA / ICS
Adversaries can enter through IT networks and remain undetected within an OT environment for months or even years, looking for subtle ways to undermine operations and create havoc.
Read full story
Gunter Ollmann's picture
Advancing DevSecOps Into the Future
Gunter Ollmann - Application Security
The philosophy of integrating security practices within DevOps is obviously sensible, but by attaching a different label perhaps we are likely admitting that this “fusion” is more of an emulsification.
Read full story
John Maddison's picture
The Urgency for Having a True Security Platform
John Maddison - Security Infrastructure
A security platform is much more than just wrapping a collection of security tools together into a single bundle and then adding some sort of a shell script so independent management tools appear to be part of a congruent solution.
Read full story
Joshua Goldfarb's picture
Spotting a Norman: How to Root Out Those Wasting Organizational Resources
Joshua Goldfarb - Management & Strategy
How many times have you met someone full of promises and big on talk, only to be disappointed by what results from your engagement with them.
Read full story