Security Experts:

More Security Headlines

"It's high time to have a serious discussion about the international legal framework in which cyberwars take place," UN secretary general Antonio Guterres said at the Munich Security Conference. [Read More]
Threat actors are exploiting a recently patched vulnerability (CVE-2017-10271) in Oracle WebLogic Server to infect systems with crypto-currency mining malware. [Read More]
BitSight has published an analysis of the security posture of the federal supply chain, which shows a significant gap between the security performance of U.S. federal agencies and their contractors. [Read More]
U.S. Department of Energy announces new Office of Cybersecurity, Energy Security, and Emergency Response (CESER) [Read More]
Several BGP daemon vulnerabilities patched in Quagga, a routing software used by several Unix platforms [Read More]
The United States, Canada, Australia and New Zealand have joined the U.K. in blaming Russia for the destructive NotPetya attack launched last summer [Read More]
A United States Judge sent two Russian nationals to prison for their involvement in a hacking scheme that compromised roughly160 million credit card numbers and incurred losses of hundreds of millions. [Read More]
Dispel launches platform designed to help secure elections, including voter, ballot and campaign information [Read More]
The new and emerging world of artificial intelligence -- that is, algorithms -- promises huge benefits for industry in increased speeds and lower costs; just as it does in the financial markets. [Read More]
The newly discovered DoubleDoor Internet of Things (IoT) botnet is using two exploits to ensure it can bypass authentication on targeted devices and render additional protections useless. [Read More]

SecurityWeek Experts

rss icon

Josh Lefkowitz's picture
Real-time intelligence is exceedingly difficult to attain. Many current offerings are limited in how they can address the broad spectrum of threats and adversaries that exist today.
Alastair Paterson's picture
The most technically sophisticated use detailed social engineering techniques, zero-day exploits and weaknesses in the supply chain.
Joshua Goldfarb's picture
When a high profile event like Meltdown/Spectre comes around, organizations need actionable information that they can use to mitigate their risk and get back to worrying about their core business.
Scott Simkin's picture
Blending in with legitimate users, attackers can infiltrate organizations and dwell inside networks for months or even years without being detected.
Marc Solomon's picture
There are four primary threat intelligence models that businesses employ today – from one to one to many to many. Let’s take a closer look at each.
Ashley Arbuckle's picture
By understanding and easing the cultural shift this entails, you can save time and money and sleep better at night with security occupying a seat at the DevOps table.
Torsten George's picture
To limit exposure to privileged credential attacks, organizations need to rethink their enterprise security strategy and move to an identity-centric approach based on a Zero Trust model.
Travis Greene's picture
As DevOps and agile development methodologies take greater root in the enterprise, the traditional tools and approaches for eliminating vulnerabilities in code will no longer be able to keep pace.
Barak Perelman's picture
Many systems that support industrial controllers are likely vulnerable to Spectre and Meltdown vulnerabilities, which affect hardware running in the majority of the world’s computing devices.
Oliver Rochford's picture
Fear Uncertainty and Doubt or FUD, have always played a part in convincing businesses and governments to invest in cybersecurity.