Security Experts:

More Security Headlines

Cyber defenses for US drinking water supplies are "absolutely inadequate" and vulnerable to large-scale disruption by hackers, a senior official said. [Read More]
The activity of the ransomware cooperative did not decrease following Russia’s smackdown. [Read More]
The White House has published a federal zero trust strategy, requiring agencies to meet cybersecurity standards and objectives by the end of 2024. [Read More]
The funding will help Scribe Security bring its end-to-end protection platform to market. [Read More]
VMware warns customers of potential compromise as attacks targeting the Log4j vulnerability in Horizon are ramping up. [Read More]
The ransomware hijacks the NAS device’s login page to display a ransom note there. [Read More]
Puerto Rico’s Senate says that it was the target of a cyberattack that disabled its internet provider, phone system and official online page, the latest in a string of similar incidents in recent years. [Read More]
Human Rights Watch said that one of its senior staff members was targeted last year with spyware designed by the Israeli hacker-for hire company NSO Group. [Read More]
In a barebones advisory, Apple acknowledged the zero-day took aim at a memory corruption issue in IOMobileFrameBuffer, an oft-targeted iOS kernel extension. [Read More]
Split into multiple stages to evade detection, the infection chain starts with the exploit for a MSHTML vulnerability (CVE-2021-40444) and uses the Graphite malware. [Read More]

SecurityWeek Experts

rss icon

Landon Winkelvoss's picture
Similar to investigations that disrupt cyberattacks on retailers, the same tactics, techniques, and procedures (TTPs) can be leveraged against those that sell counterfeit or stolen goods.
Joshua Goldfarb's picture
While there are many approaches to successfully accomplishing cross-team security initiatives, these seven points are helpful when working to push these efforts across the finish line.
Derek Manky's picture
Living-off-the-land attacks are effective because they allow attackers to hide their activities in legitimate processes and makes it harder for defenders to detect them. These tools also make attack attribution much harder.
Jeff Orloff's picture
When organizations adopt a broader yet more focused framework for cybersecurity staffing, they’re suddenly positioned to gain a clear competitive advantage in the labor market.
John Maddison's picture
Cybersecurity deployments have become as complex as the networks they are trying to protect. And that’s not a good thing.
Galina Antova's picture
Under the leadership of Jen Easterly, CISA launch several key initiatives to significantly increase government collaboration among federal agencies as well as with the private sector.
Marc Solomon's picture
An open integration architecture provides the greatest access to data from technologies, threat feeds and other third-party sources, and the ability to drive action back to those technologies once a decision is made.
Gordon Lawson's picture
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
Marie Hattar's picture
There is a pressing need tighten IoT security, especially in an insecure world where these unmanaged devices are playing a rapidly-growing and increasingly important role
Derek Manky's picture
While the sky just may be the limit (or actually, it may not be), when it comes to cybercriminals, three key areas where we expect to see more activity in the coming year are space, digital wallets and esports.