Security Experts:

Virus & Threats
long dotted


Researchers find several vulnerabilities, including ones rated high severity, in management and configuration tools from power grid protection company Schweitzer Engineering Laboratories (SEL) [Read More]
A CredSSP vulnerability affecting all versions of Windows and patched recently by Microsoft has been found to impact Pepperl+Fuchs HMI devices [Read More]
Researchers who discovered two new variations of the Spectre attack receive $100,000 bounty from Intel [Read More]
Microsoft patched over 50 vulnerabilities with the July 2018 Patch Tuesday updates, but none of the flaws have been exploited for malicious purposes [Read More]
The Hide 'N Seek Internet of Things (IoT) botnet has added support for more devices and can also infect OrientDB and CouchDB database servers, researchers say. [Read More]
Adobe has patched over 100 vulnerabilities in Acrobat and Reader, and several flaws in some of the company’s other products [Read More]
London, UK-based email archiving and security firm Mimecast has acquired Bethesda, Md-based security training company Ataata. Financial terms of the acquisition have not been disclosed. [Read More]
Researchers see new attacks on Palestinian Authority and the main suspect is the Gaza Cybergang/Molerats, which has been linked to Hamas [Read More]
Intel has updated its Processor Diagnostic Tool to address vulnerabilities that could lead to arbitrary code execution and escalation of privileges. [Read More]
German web hosting firm DomainFactory shuts down forum following data breach. Hacker gained access to sensitive data, including banking information [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

David Holmes's picture
Several tech vendors have been added to the list of vendors vulnerable to a variation on the Bleichenbacher attack called the ROBOT attack.
Lance Cottrell's picture
Laws to support swift and automatic updates for all devices, and consequence to organizations that fail to ensure their IoT devices are secure, would be a big step forward for IoT security.
Jim Ivers's picture
With a software composition analysis (SCA) tool in place, security teams can quickly scan an information repository and know where vulnerable software is being used.
David Holmes's picture
The "Reaper" IoT botnet is holding itself up as a blinky light in front of our faces, reminding the InfoSec community that we really need to get ahead of IoT madness.
Jack Danahy's picture
With all of our collective focus on machine learning, we simply can’t overlook human learning’s critical role in guarding against attack and protecting the organization.
Torsten George's picture
We need to consider whether traditional approaches to vulnerability management are still viable and if just upgrading existing methods or tools is sufficient.
Jalal Bouhdada's picture
Vendors, practitioners and security experts must all work closely together to combat the well-funded actors who pose a threat to medical devices.
Jim Ivers's picture
Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?
David Holmes's picture
DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
Torsten George's picture
The end user community is at the mercy of security researchers to act responsibly in order to limit the potential for their findings to be used for malicious purposes.