Security Experts:

More Security Headlines

Third-party cyber risk management company CyberGRX raises $40 million in a Series D funding round, which brings the total raised by the company to $100 million. [Read More]
An attacker could exploit a vulnerability in the KeyWe Smart Lock by intercepting legitimate communications to steal the key and unlock doors at any point remotely. [Read More]
Adobe’s Patch Tuesday updates for December 2019 fix vulnerabilities in the company’s Acrobat and Reader, Brackets, Photoshop, and ColdFusion products. [Read More]
Microsoft’s December 2019 Patch Tuesday updates fix 36 vulnerabilities, including a Windows zero-day that has been exploited in Korea-linked attacks alongside a Chrome zero-day. [Read More]
Officials in Pascagoula, Mississippi have confirmed the local government fell victim to a ransomware attack on Thanksgiving. [Read More]
Facebook said it plans to move ahead with strong encryption for all its messaging applications, claiming that allowing law enforcement special access would end up being "a gift to criminals, hackers and repressive regimes." [Read More]
A recent update to the Ryuk ransomware has resulted in damage being made to large files the malware has encrypted, Emsisoft’s security researchers warn. [Read More]
A publicly accessible Amazon S3 storage bucket originating from iPR Software was found exposing information on thousands of users. [Read More]
The U.S. government has withdrawn the cash prize promised in the President’s Cup Cybersecurity Competition and one participant said the contest was poorly organized. [Read More]
For Cyber insurance, precise wording and the correct policy for are important, and it is also important that the policy accurately reflects the insured’s security posture. [Read More]

SecurityWeek Experts

rss icon

Gunter Ollmann's picture
With years of bug bounty programs now behind us, it is interesting to see how the information security sector transformed – or didn’t.
Marie Hattar's picture
There are good and bad ways to make vulnerabilities known. A premature “full disclosure” of a previously unknown issue can unleash the forces of evil, and the “black hats” often move faster than vendors or enterprise IT teams.
John Maddison's picture
To build and maintain a secure cyber presence, the best defense is to start with a security-driven development and networking strategy that builds a hardened digital presence from the ground up.
Joshua Goldfarb's picture
Change may not always be on the docket, but when it is, how can we embrace it, understand it, and work to create a constructive environment around it?
Torsten George's picture
Securing multi-cloud and hybrid environments creates an unfamiliar situation for many organizations, in which they’re unsure of who is responsible for controlling access to and securing the underlying infrastructure.
Craig Harber's picture
Cybersecurity teams need actionable insight into the latest techniques, tactics and procedures being used by attackers and a continuous understanding of their environment and anomalous behavior.
Marc Solomon's picture
Having a platform that serves as a central repository allows you to aggregate internal threat and event data with external threat feeds and normalize that data so that it is in a usable format.
Preston Hogue's picture
Every piece of hardware, every integration, every API, every process, as well as applications themselves, are potential targets.
Josh Lefkowitz's picture
The successful execution of each step of the intelligence cycle relies on the successful execution of the step that came before it.
Laurence Pitt's picture
The best way to stay ahead of threats while enabling business agility to keep up with the latest technology advances is to look to the network as the first line of defense.