Security Experts:

More Security Headlines

The Russian cybersecurity firm has issued a report on ‘Ferocious Kitten’, an advanced threat actor in Iran that’s been conducting domestic cyber-surveillance for the last six years. [Read More]
The EU's proposed new rules to rein in tech giants risk undermining the security of the iPhone, Apple chief Tim Cook warned. [Read More]
Google has finally enabled end-to-end encryption (E2EE) for the Messages app in Android but the privacy-enhancing tool remains somewhat limited. [Read More]
Google has released open source tools and libraries that can be used by developers to implement fully homomorphic encryption (FHE). [Read More]
A critical vulnerability discovered in a ThroughTek P2P SDK used by many security camera manufacturers can be exploited to gain remote access to camera feeds. [Read More]
Facebook is subject to EU privacy challenges from watchdogs in any of the bloc’s member states, not just its lead regulator in Ireland, the bloc’s top court ruled Tuesday, in a ruling that has implications for other big tech companies. [Read More]
Vulnerabilities discovered in some older Schneider Electric PowerLogic gateways can allow hackers to remotely take control of devices or disrupt them. [Read More]
The STEM Audio Table device was also found to be externally controllable without authentication. [Read More]
French court rules that Ikea had set up an elaborate system to illegally spy on hundreds of employees and job applicants over several years, using private detectives as well as police sources. [Read More]
Poland's parliament said it will hold a closed-door session Wednesday to discuss a wave of cyber attacks against the EU member that the government called "unprecedented". [Read More]

SecurityWeek Experts

rss icon

William Lin's picture
The most common “new project” in identity nowadays is in Zero Trust. This concept has been evolving for years, and is building controls around an interesting premise: the idea that every resource will one day be internet-facing.
Gunter Ollmann's picture
In the merry-go-round world of InfoSec technologies and “what’s old is new again,” this year we should include Attack Surface Management with a dash of Continuous.
Derek Manky's picture
Although every network environment is unique, there are steps any organization can begin to implement now to reduce their risk from ransomware and other advanced threats.
Torsten George's picture
President Biden's Executive Order (EO) to improve the nation’s cybersecurity is a good first step but it is likely not going to materially change the defensive posture of the nation.
Joshua Goldfarb's picture
Josh Goldfarb analyzes five statements stubborn people often say, discusses how they harm an organization's security posture, and suggests ways forward in each case.
Marc Solomon's picture
For efficiency and effectiveness, automation must take a data-driven approach and encompass how we initiate and learn from the response, not just how we execute the process.
Tim Bandos's picture
Shifting to the cloud can be a radical but necessary change. There’s no denying the transition can be time consuming and costly upfront.
Gordon Lawson's picture
While obscurity is an offensive tool for attackers, it also represents a defensive measure for organizations. Let’s consider the benefits of concealing network infrastructure and activity from the outside world to reduce the enterprise attack surface.
Landon Winkelvoss's picture
In response to a specific attack, it’s important to do external threat monitoring and threat actor engagement to determine if the actors are attempting to exploit or monetize the security event.
William Lin's picture
The combination of “shifting left” and “cloud security” is going to happen and be called “shifting everywhere.”