Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Google joins Apple and Microsoft in warning about zero-day flaws being exploited in the wild. This time the target is the popular Google Chrome browser. [Read More]
Apple ships fixes for a pair of iOS and macOS security defects alongside a warning that these issues belong in the “actively exploited” zero-day category. [Read More]
Hackers leaked online credentials stolen from 87,000 VPN devices, affecting roughly 22,500 victims worldwide, including nearly 3,000 in the United States. [Read More]
Cisco warns that these vulnerabilities could be exploited by attackers to reboot devices, elevate privileges, or overwrite and read arbitrary files. [Read More]
A critical security flaw in HAProxy could lead to HTTP request smuggling attacks, allowing attackers to bypass security controls and access sensitive data without authorization. [Read More]
The U.S. government's CISA and OMB are seeking the public’s opinion on draft zero trust strategic and technical documentation. [Read More]
SecurityWeek examines if Taliban-ruled Afghanistan is, or will become, a notable cyber threat to the West. [Read More]
Zoho confirms attacks against an authentication bypass vulnerability in its ADSelfService Plus product. [Read More]
The Android Security Bulletin for September 2021 includes patches for a total of 40 vulnerabilities, including seven that are rated critical. [Read More]
The agency's guidance is aimed at three main decision-maker groups and should help reduce overall risks associated with Managed Service Providers (MSPs). [Read More]

FEATURES, INSIGHTS // Cyberwarfare

rss icon

Idan Aharoni's picture
Plausible deniability provides a massive operational leeway to military operations in cyberspace, enabling governments to take actions without risking an all-out war.
Gunter Ollmann's picture
While global corporations have been targeted by Iran-linked threat actors, the escalating tensions in recent weeks will inevitably bring more repercussions as tools and tactics change with new strategic goals.
Justin Fier's picture
Against the ongoing backdrop of cyber conflict between nation states and escalating warnings from the Department of Homeland Security, critical infrastructure is becoming a central target for threat actors.
Galina Antova's picture
We must recognize industrial cyberattacks as tactics in a new form of “economic warfare” being waged between nation-states to gain economic and political advantage without having to pay the price of open combat.
Oliver Rochford's picture
The lifting of certain sanctions may provide an alternative incentive to limit certain types of cyberwar activity.
Josh Lefkowitz's picture
It’s critical to recognize that there will always be virtual ways in which terrorists and other criminals can create threats that no border process or physical security program can stop.
Ryan Naraine's picture
Thomas Rid, Professor in the Department of War Studies at King’s College London, joins the podcast to discuss the lack of nuance in the crypto debate and the future of global cyber conflict.
James McFarlin's picture
If there were any lingering doubts that cybersecurity is a geopolitical issue with global implications, such opinions were cast on the rocks by discussions this past week at the 2015 World Economic Forum in Davos, Switzerland.
James McFarlin's picture
The overall industry tone of caution around active defenses may be calibrated to defuse the notion rather than taking the argument, buying time for other alternatives to surface.
James McFarlin's picture
Does a dangerous threat lie with ISIS’s possible use of cyber weapons against American critical infrastructure, financial system or other targets? Will such attacks be attempted and do the capabilities exist within ISIS to do so?