Security Experts:

More Security Headlines

Google, Microsoft and Mozilla are delaying plans to disable support for the Transport Layer Security (TLS) 1.0 and 1.1 protocols in Chrome, Edge, Internet Explorer, and Firefox. [Read More]
The Justice Department inspector general has found additional failures in the FBI’s handling of a secretive surveillance program that came under scrutiny after the Russia investigation. [Read More]
A newly discovered piece of malware is taking advantage of the current COVID-19 pandemic to render computers unusable by overwriting the MBR. [Read More]
Zoom is working on patching several vulnerabilities, including ones that can be exploited to spy on users via their microphone and camera, escalate privileges, and capture credentials. [Read More]
The Nigerian business email compromise (BEC) threat actors referred to as SilverTerrier have intensified assaults on multiple industries and should be considered an established threat. [Read More]
A recently uncovered attack campaign that stayed under the radar since May 2018 is targeting Microsoft SQL servers with backdoors and crypto-miners. [Read More]
Malicious, re-packaged versions of the Zoom video conferencing application are targeting work-from-home Android users with adware and Trojans. [Read More]
A patch has been released for a Linux kernel vulnerability that a researcher exploited at the Pwn2Own 2020 competition to escalate privileges to root on Ubuntu Desktop. [Read More]
AWS announces the general availability of Amazon Detective, a security service that makes it easier for customers to investigate security issues. [Read More]
SecurityWeek announced the launch of Security Summits, a new virtual event series designed to allow participants from around the globe to immerse themselves in a virtual environment to discuss the latest cybersecurity threats and challenges facing enterprise organizations. [Read More]

SecurityWeek Experts

rss icon

Laurence Pitt's picture
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Jim Ducharme's picture
As the workforce continues to evolve, a one-size-fits-all approach won’t work for different identity and access management needs across organizations.
John Maddison's picture
Outpacing your security capacity with digital innovation is a formula for disaster that may take you out of the running in today’s highly competitive digital marketplace entirely.
Joshua Goldfarb's picture
Performing gap analysis well and remediating findings appropriately can help reduce both the number of weak points within your enterprise and your susceptibility to attack at each of them.
Gunter Ollmann's picture
CISOs are increasingly cognizant of the value deep integration of threat intelligence can bring to cloud protection platforms and bottom-line operational budgets.
AJ Nash's picture
Once we shed the shackles of “cyber” and “threat,” we free our teams to consider a full spectrum of intelligence, including support to physical security, insider threats, procurement, mergers and acquisitions, and executive decision-making.
Marc Solomon's picture
As a security professional you have several corrective measures available so you can efficiently and effectively make sense of massive volumes of data, understand what to work on next and know the right actions to take.
Torsten George's picture
Perimeter-based security, which focuses on securing endpoints, firewalls, and networks, provides no protection against identity- and credential-based threats.
Preston Hogue's picture
Retailers should ensure that they are proactively scanning for vulnerabilities in the website, as well as deploying a solution to monitor traffic.
Craig Harber's picture
Deep visibility allows organizations to see how different pieces of the overall cyber terrain are communicating with one another, enabling them to highlight potential or existing attack vectors.