Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

UK-based start-up Tessian, which uses machine learning artificial intelligence to prevent sensitive data leakage via email, has raised $13 million in a Series A funding. [Read More]
Chinese threat actor known as APT15, Ke3chang, Mirage, Vixen Panda and Playful Dragon creates new MirageFox malware, and researchers have found similarities to the first malware used by the group [Read More]
The number of cyber-attacks targeting Singapore skyrocketed from June 11 to June 12, during the meeting between U.S. President Donald Trump and North Korean President Kim Jong-un in a Singapore hotel, and most of these attacks originated from Russia [Read More]
Trend Micro analyzes new campaign that appears to be linked to MuddyWater espionage [Read More]
Microsoft patches remote code execution vulnerability affecting the wimgapi library. The company and Cisco, whose researchers found the flaw, disagree on its severity [Read More]
Facebook claims it removes 99% of content posted by terrorist organizations without the need for users to report it. 1.9 million pieces of this type of content removed in Q1 2018 [Read More]
Schneider Electric has patched several vulnerabilities, including ones rated critical, in its U.motion Builder building automation tool [Read More]
Siemens patches vulnerabilities in SCALANCE and other devices, including CSRF, XSS, command injection and code execution issues [Read More]
GnuPG recently addressed an input sanitization vulnerability where a remote attacker could spoof arbitrary signatures [Read More]
One of the vulnerabilities patched by Microsoft this month was a flaw in Cortana that can allow an attacker to elevate privileges and execute code from the lock screen [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Lance Cottrell's picture
Laws to support swift and automatic updates for all devices, and consequence to organizations that fail to ensure their IoT devices are secure, would be a big step forward for IoT security.
Jim Ivers's picture
With a software composition analysis (SCA) tool in place, security teams can quickly scan an information repository and know where vulnerable software is being used.
David Holmes's picture
The "Reaper" IoT botnet is holding itself up as a blinky light in front of our faces, reminding the InfoSec community that we really need to get ahead of IoT madness.
Jack Danahy's picture
With all of our collective focus on machine learning, we simply can’t overlook human learning’s critical role in guarding against attack and protecting the organization.
Torsten George's picture
We need to consider whether traditional approaches to vulnerability management are still viable and if just upgrading existing methods or tools is sufficient.
Jalal Bouhdada's picture
Vendors, practitioners and security experts must all work closely together to combat the well-funded actors who pose a threat to medical devices.
Jim Ivers's picture
Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?
David Holmes's picture
DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
Torsten George's picture
The end user community is at the mercy of security researchers to act responsibly in order to limit the potential for their findings to be used for malicious purposes.
Markus Jakobsson's picture
If a particular product blocks 99% of all threats, that probably means that product fails to detect the most dangerous threat: targeted attacks.