Security Experts:

More Security Headlines

Facebook has patched a vulnerability in WhatsApp Desktop that could allow an attacker to launch cross-site scripting (XSS) attacks and access files from the victim’s system when paired with WhatsApp for iPhone. [Read More]
Researchers have demonstrated an ability to compromise an IoT smart bulb, and then use malware from the internet-connected bulb to infiltrate the rest of a network. [Read More]
US officials and cyber experts warned Tuesday that the voting debacle in the Democratic caucuses in Iowa underscored the vulnerabilities in the country's election infrastructure in everything from hacking to trust-eroding conspiracy theories. [Read More]
A prosecutor told a jury at the opening of an espionage trial Tuesday that an angry CIA employee got his vengeance by committing the agency’s biggest leak of classified information ever, but a defense lawyer said her client was innocent. [Read More]
A new Maryland bill would ask the state’s Department of Information Technology to develop a baseline plan for localities within the state to help battle cyber attacks. [Read More]
A patch has been released for a Sudo vulnerability that can be exploited by an unprivileged attacker to escalate permissions to root. [Read More]
Irish regulators have launched separate inquiries into Google and dating app Tinder over how they process user data, in a new round of regulatory scrutiny aimed at tech companies. [Read More]
Google this week released the February 2020 set of security updates for the Android operating system, which address a total of 25 vulnerabilities, including 2 rated critical severity. [Read More]
Twitter unveiled a plan to curb the spread of manipulated content including "deepfake" videos as part of a move to fight misinformation which could result in violence or other harm. [Read More]
Dropbox says it has awarded researchers over $1 million for vulnerabilities reported through its bug bounty program. [Read More]

SecurityWeek Experts

rss icon

Joshua Goldfarb's picture
Gap analysis can serve as a wonderful driver for improving security metrics if the security team understands how to seize the opportunity it presents.
Gunter Ollmann's picture
While defense scoring lowers the barrier to sharing defensive success insights, it does not yet address the insights gained from learning from others’ failures and the stigma of a breach.
AJ Nash's picture
Elevating from the Cyber threat intelligence (CTI) team concept to an “intelligence team” concept is the next generation of intelligence practice within the private sector.
Marc Solomon's picture
Threat intelligence value comes down to relevance and accessibility, which requires curation into a customized enrichment source, aggregating data filtered by a range of factors.
Craig Harber's picture
No matter how many best-of-breed protective solutions you use to defend your network, the unfortunate reality is eventually an attacker is going to get past them.
Laurence Pitt's picture
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Jim Ducharme's picture
As the workforce continues to evolve, a one-size-fits-all approach won’t work for different identity and access management needs across organizations.
John Maddison's picture
Outpacing your security capacity with digital innovation is a formula for disaster that may take you out of the running in today’s highly competitive digital marketplace entirely.
Joshua Goldfarb's picture
Performing gap analysis well and remediating findings appropriately can help reduce both the number of weak points within your enterprise and your susceptibility to attack at each of them.
Gunter Ollmann's picture
CISOs are increasingly cognizant of the value deep integration of threat intelligence can bring to cloud protection platforms and bottom-line operational budgets.