Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

VMware starts releasing patches and workarounds for Virtual Appliance products in response to the Spectre and Meltdown vulnerabilities [Read More]
Trustwave discloses the details of several vulnerabilities affecting Netgear routers, including devices that are top-selling products on Amazon and Best Buy [Read More]
What appears to be the source code of a key component of Apple’s iOS platform, responsible for trusted boot operation, was posted on GitHub yesterday. [Read More]
Google paid nearly $3 million to security researchers in 2017 who reported valid vulnerabilities in its products. [Read More]
Cisco is aware of attacks exploiting CVE-2018-0101, a critical remote code execution and DoS vulnerability affecting the company’s firewalls [Read More]
Intel has started releasing new firmware updates that should address the Spectre vulnerability after the first round of patches caused problems [Read More]
Gas stations exposed to remote hacker attacks due to several vulnerabilities found in a widely used automation system [Read More]
Joomla 3.8.4 includes over 100 bug fixes and improvements, and patches four XSS and SQL injection vulnerabilities [Read More]
The massive 2016 breach that Uber covered up for more than a year was the work of a couple of individuals from Canada and Florida [Read More]
Adobe patches CVE-2018-4878, the Flash Player zero-day vulnerability exploited by North Korean hackers in attacks aimed at South Korea [Read More]

FEATURES, INSIGHTS // Vulnerabilities

rss icon

Travis Greene's picture
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.
Jim Ivers's picture
Medical devices are indeed vulnerable to attack, but the industry is waking up to the breadth of the problems, and several organizations are forming a vanguard to show the way forward.
Jennifer Blatnik's picture
If the WannaCry incident taught us anything, it’s that global, widespread ransomware can and will impact organizations without any notice. The time to prepare is now.
Torsten George's picture
Hackers are exploiting known vulnerabilities and are betting on the fact that organizations don’t know how to fix what really matters.
Jim Ivers's picture
With the advent of connected devices, privacy and security have become tightly linked because theft of private data is often the goal of malicious attacks.
Jim Ivers's picture
If we agree that quality and security problems are both a form of defect, then we must sufficiently address both to produce software of the highest integrity.
Adam Meyer's picture
As with anything new, you need to prepare and plan for IoT devices being in your environment to maximize the value they provide, while minimizing the inherent risk of these network-enabled devices.
Dan Cornell's picture
Gaining an understanding of the tools that development teams use provides security teams with valuable insight into how developers work, how they make decisions, and the incentives that drive them.
Jim Ivers's picture
Enlightened toy manufacturers likely begin to embrace the basic concepts of IoT security and build connected toys that can be trusted by parents.
Jim Ivers's picture
Enabling developers through the right mix of tools and education just makes too much sense and generates too much value for all concerned.