Security Experts:

More Security Headlines

TikTok hit with a pair of lawsuits from the US state of Indiana, which accused it of making false claims about the Chinese-owned app's safety for children. [Read More]
CloudSEK claims a cybersecurity firm is behind a data breach resulting from the compromise of an employee’s Jira account. [Read More]
On the second day of Pwn2Own Toronto 2022, participants earned more than $280,000 for smart speaker, printer, router, smartphone and NAS exploits. [Read More]
Apple added end-to-end encryption tools for iCloud backups and a feature to help users verify identities in the Messages app. [Read More]
Google's Threat Analysis Group publicly documents an Internet Explorer zero-day vulnerability exploited in attacks by a North Korean hacking group called APT37. [Read More]
The All India Institute of Medical Sciences (AIIMS) hospital limped back to normality after a cyberattack crippled its operations for nearly two weeks. [Read More]
A lobbying outfit representing big tech is calling on the Office of Management and Budget (OMB) to "discourage agencies" from requiring SBOMs, arguing that “it is premature and of limited utility.” [Read More]
San Diego startup Drata continues to attract major venture capital investor interest, banking $200 million in Series C funding that values the company north of $2 billion. [Read More]
A newly observed Go-based IoT botnet capable of self-replicating and self-propagation has been observed targeting multiple vulnerabilities for initial access. [Read More]
Vaultree has raised $12.8 million in Series A funding for its data-in-use encryption technology. [Read More]

SecurityWeek Experts

rss icon

Marc Solomon's picture
When implementing security automation, organizations should starting with an open architecture, focusing on getting the right data for analytics and applying automation methodically in smaller chunks.
Jeff Orloff's picture
The MITRE D3FEND framework is only as effective as the planning that goes into making sure it is properly aligned with the top threats facing the organization.
Derek Manky's picture
While the number of detections has been lower so far than other types of cyberattacks, the very nature of wipers and how they’re used makes them very dangerous.
Joshua Goldfarb's picture
I believe that as security and fraud professionals, we can learn an important career lesson from fictional company Entertainment 720.
Gordon Lawson's picture
Basic cyber hygiene may seem rudimentary, but as highlighted in CISA’s four key challenges above, it is something organizations of all sizes struggle with.
Torsten George's picture
When implemented properly, cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Galina Antova's picture
Understanding the vulnerability landscape of the XIoT to properly assess and mitigate risk is critically important to protect livelihoods and lives.
Marc Solomon's picture
When we start to consider the human element of the security automation equation, and its impact on the automation capabilities we select and how we measure progress, we can accelerate automation initiatives and the benefits we derive.
Joshua Goldfarb's picture
If security can learn to communicate in a way that executives and boar members can understand, internalize, and act upon, it serves to benefit tremendously.
Derek Manky's picture
Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.