Security Experts:

More Security Headlines

Salvadoran digital newspaper El Faro's employees filed a lawsuit in a US federal court on Wednesday against NSO Group, alleging the Israeli firm's controversial Pegasus software was used to spy on them. [Read More]
Nvidia’s November 2022 display driver updates resolve high-severity vulnerabilities leading to code execution, denial-of-service, or information disclosure. [Read More]
Synopsys security researchers warn of multiple vulnerabilities in three applications for using an Android device as keyboard and mouse. [Read More]
South Pacific Ocean nation Vanuatu is slowly getting its communications back online following a cyberattack that knocked out emergency services, emails and phone lines for weeks. [Read More]
The hackers leaking stolen Australian records from Medibank to the dark web appeared to end their extortion attempt by dumping a final batch of data online and declaring:"Case closed." [Read More]
According to data from Tenable, more than 70 percent of global organizations remain vulnerable to the Log4Shell flaw as of October this year. [Read More]
Sphere Technology Solutions, a New Jersey startup building technology to help defenders clean up excessive and unnecessary access, raises a $31 million Series B round. [Read More]
Google has linked three exploitation frameworks, as well as several vulnerabilities that were likely zero-days at one point, to Spanish commercial spyware vendor Variston. [Read More]
Chrome 108 arrives with patches for 28 vulnerabilities, including multiple high-severity memory safety issues. [Read More]
Delta Electronics has patched command injection vulnerabilities in two of its industrial networking products. [Read More]

SecurityWeek Experts

rss icon

Derek Manky's picture
While the number of detections has been lower so far than other types of cyberattacks, the very nature of wipers and how they’re used makes them very dangerous.
Joshua Goldfarb's picture
I believe that as security and fraud professionals, we can learn an important career lesson from fictional company Entertainment 720.
Gordon Lawson's picture
Basic cyber hygiene may seem rudimentary, but as highlighted in CISA’s four key challenges above, it is something organizations of all sizes struggle with.
Torsten George's picture
When implemented properly, cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Galina Antova's picture
Understanding the vulnerability landscape of the XIoT to properly assess and mitigate risk is critically important to protect livelihoods and lives.
Marc Solomon's picture
When we start to consider the human element of the security automation equation, and its impact on the automation capabilities we select and how we measure progress, we can accelerate automation initiatives and the benefits we derive.
Joshua Goldfarb's picture
If security can learn to communicate in a way that executives and boar members can understand, internalize, and act upon, it serves to benefit tremendously.
Derek Manky's picture
Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.
Jeff Orloff's picture
By focusing on attack tactics and techniques that pose clear and present danger to the business, a company can achieve the greatest return on its training initiatives.
Gordon Lawson's picture
The new SEC requirements are putting on paper what many companies—public and private—should have been investing in already.