More Security Headlines

Puerto Rico’s Senate says that it was the target of a cyberattack that disabled its internet provider, phone system and official online page, the latest in a string of similar incidents in recent years.
Human Rights Watch said that one of its senior staff members was targeted last year with spyware designed by the Israeli hacker-for-hire company NSO Group.
In a barebones advisory, Apple acknowledged the zero-day took aim at a memory corruption issue in IOMobileFrameBuffer, an oft-targeted iOS kernel extension.
Split into multiple stages to evade detection, the infection chain starts with the exploit for an MSHTML vulnerability (CVE-2021-40444) and uses the Graphite malware.
Identity has always been the key to security. But the industry became sidetracked into concentrating more on the content of traffic than on the source of the traffic.
Claroty has released a new open source tool designed for identifying ENIP stacks.
The virtual doors are open and SecurityWeek’s Ransomware Resilience and Recovery Summit, presented by Palo Alto Networks, is now live!
The company focuses on securing cloud-native application development.
A researcher has earned over $100,000 from Apple for showing how an attacker could exploit Safari and macOS vulnerabilities to hijack a user’s online accounts and webcam.
Qualys security researchers warn of an easily exploitable privilege escalation vulnerability in polkit’s pkexec.

SecurityWeek Experts

Laurence Pitt: Defense-in-depth encourages a review of all tools in place, ultimately defining a strategy to use everything available to create a layered security approach between users (or potential attackers) and applications/microservices in use.
Joshua Goldfarb: The right to work is one of the most fundamental professional rights. Those who actively threaten or work against this right act against the interests of the security community as a whole.
Keith Ibarguen: I would like to suggest a New Year’s Resolution for my peers in the security industry: Focus on the outcome the other person is seeking, and if you agree with it, help make it happen.
Torsten George: Cyber resiliency measures (i.e., architectural design, technologies, operational practices) assume that today’s threat actors can achieve a foothold in an organization’s infrastructure and in turn post-exploit activities must be contained and eliminated.
Galina Antova: What can defenders do in this new reality to strengthen the security posture of their OT environments? Here are five recommendations every CISO should consider.
Landon Winkelvoss: The security industry must commit to a risk-based approach that understands the specific attacks and actors targeting their industry and profile.
Jeff Orloff: To sharpen and learn cybersecurity skills, security professionals need to ‘play’ in a safe, yet stimulating place that provides hands-on, interactive upskilling.
Derek Manky: Public and private entities need to collaborate by sharing threat information and attack data to make attacks more difficult and resource-intensive for cybercriminals.
Yaniv Vardi: Critical infrastructure companies need to think of cybersecurity holistically, enabled by a single SOC to protect these once-separate environments in a holistic manner.
Marie Hattar: It is a good idea to assume that your network has already been breached, even if no overtly malicious notifications have surfaced.