Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Siemens conducted a pilot test for releasing security advisories on the second Tuesday of each month (Patch Tuesday), just like Microsoft, Adobe and SAP. [Read More]
The UK government has shared details on its vulnerability equities process (VEP), which is used to decide whether a government agency should disclose a discovered vulnerability or keep it secret for its own purposes. [Read More]
Ukraine accuses Russian intelligence of launching cyber attacks on the information and telecommunications systems of the country’s judiciary. [Read More]
Flash Player zero-day vulnerability CVE-2018-15982 used to target hospital of the Russian presidential administration. Attack possibly related to the recent Kerch Strait incident involving Russia and Ukraine. [Read More]
Symantec unveils Industrial Control System Protection (ICSP) Neural, a USB scanning station designed to protect industrial and IoT environments against USB-borne malware. [Read More]
Thousands of emails were stolen from the hacked accounts of aides to the National Republican Congressional Committee (NRCC) during the 2018 midterm campaign. [Read More]
There is not enough evidence to attribute a recent wave of spear-phishing emails impersonating personnel at the United States Department of State to Russian hackers, Microsoft says. [Read More]
Malicious actors could abuse machine-to-machine (M2M) protocols such as MQTT and CoAP in attacks aimed at IoT and industrial IoT systems. [Read More]
A critical vulnerability allows an attacker to gain full administrator privileges on any node in a Kubernetes cluster, and detecting attacks is not easy. [Read More]
Hackers may have stolen information on 100 million users after breaching the systems of question-and-answer website Quora. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Alastair Paterson's picture
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Torsten George's picture
By implementing these measures organizations can limit their exposure to remote access-based cyber threats, while supporting agile business models such as remote work and outsourced IT.
Marc Solomon's picture
Recalculating and reevaluating priorities based on a continuous flow of new data, learnings and your risk profile, helps to ensure you’re staying focused on what matters in a highly dynamic environment.
Josh Lefkowitz's picture
Proper evaluation of business risk requires insight into the likelihood that a vulnerability will be exploited, and if exploited, how that vulnerability could impact the company on a macro level.
Siggi Stefnisson's picture
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Torsten George's picture
Application Programming Interfaces (APIs) provide hackers with multiple venues to access an organization’s data and can even be used to cause massive business disruptions.
John Maddison's picture
It is essential to understand exactly what is meant by machine learning so you can quickly differentiate between those solutions that actually provide the technology you need to stay ahead in the cyber war arms race, and those capitalizing on market hype.
Torsten George's picture
Microservices and containers enable faster application delivery and improved IT efficiency. However, the adoption of these technologies has outpaced security.
Oliver Rochford's picture
We can’t rely on our own governments to practice responsible full disclosure. Full Disclosure is compromised. We can’t really blame them. Either everyone discloses, or no-one does.