Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

QNAP says weak passwords, the use of default ports, and public network connections render devices vulnerable to brute-force attacks. [Read More]
Solarwinds has shipped a major security update to fix at least four documented security vulnerabilities, including a pair of bugs that be exploited for remote code execution attacks. [Read More]
Slack rushed to take action on Wednesday after customers raised security-related concerns regarding a new feature that allows users to send direct messages to anyone. [Read More]
Feedzai lands $200 million in funding to build out its AI/ML-based fraud prevention tools for financial services firms. The round was led by KKR. [Read More]
Digital identity network firm ID.me has joined list of cybersecurity unicorns after banking a new $100 million funding round that values the company at $1.5 billion. [Read More]
Researchers investigating the SolarWinds attacks has discovered a new APT group called SilverFish that has conducted cyber-attacks on at least 4720 targets worldwide. [Read More]
The report details both the extent of risks and the scale of potential impact from cyber-attacks on the grid’s distribution systems. [Read More]
Microsoft Defender Antivirus now automatically protects Exchange servers against attacks exploiting the recent ProxyLogon vulnerabilities. [Read More]
Facebook announces support for the use of security keys on mobile devices to provide additional account protection features for its massive userbase. [Read More]
Security researchers at McAfee spot signs of the Mustang Panda cyber-espionage group targeting telecommunications companies. [Read More]

FEATURES, INSIGHTS // Risk Management

rss icon

Derek Manky's picture
It’s amazing how foundational security principles, consistently implemented, can help defeat the craftiest attack vector.
John Maddison's picture
By understanding the latest threat trends, security teams can take measures to ensure that their security strategies, including the identification and tracking of new IOCs, are being correctly updated.
Matt Morris's picture
Companies must instill a culture of resilience in which security improvements are emphasized as a fundamental component of an organization’s individual corporate culture
Preston Hogue's picture
From a cybersecurity perspective, perhaps the greatest risk for digital education comes from the wide variation across districts in terms of resources.
Alastair Paterson's picture
Opportunities for accidental exposure of sensitive information are often compounded by multiple stakeholders using collaborative tools without the proper policies, oversight and security training.
AJ Nash's picture
Intelligence is one of a few vital security concepts that industries are increasing their investments in as they recognize the documented value of proactive security.
Marc Solomon's picture
Phil Jones who, who has overseen Operations within Airbus Cybersecurity since 2016, discusses some of the key takeaways from the current crisis.
Joshua Goldfarb's picture
Some security start-ups bring much needed creative thinking and new ideas to a challenging field. Others don’t bring much of anything to the table, and in some cases, can actually harm an organization’s security posture.
Gunter Ollmann's picture
As SecOps teams increasingly take on proactive risk reduction, their vocabulary expands from security threats to include posture lapses, and posture fatigue will grow.
Idan Aharoni's picture
The threat intelligence space is filled with great vendors who can provide organizations with a lot of value in helping them protect their brand, employees and customers.