Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Apple this week released several security updates to address tens of vulnerabilities impacting the iOS and macOS platforms, the Safari browser, and various Windows applications. [Read More]
Siemens conducted a pilot test for releasing security advisories on the second Tuesday of each month (Patch Tuesday), just like Microsoft, Adobe and SAP. [Read More]
The UK government has shared details on its vulnerability equities process (VEP), which is used to decide whether a government agency should disclose a discovered vulnerability or keep it secret for its own purposes. [Read More]
Ukraine accuses Russian intelligence of launching cyber attacks on the information and telecommunications systems of the country’s judiciary. [Read More]
Flash Player zero-day vulnerability CVE-2018-15982 used to target hospital of the Russian presidential administration. Attack possibly related to the recent Kerch Strait incident involving Russia and Ukraine. [Read More]
Symantec unveils Industrial Control System Protection (ICSP) Neural, a USB scanning station designed to protect industrial and IoT environments against USB-borne malware. [Read More]
Thousands of emails were stolen from the hacked accounts of aides to the National Republican Congressional Committee (NRCC) during the 2018 midterm campaign. [Read More]
There is not enough evidence to attribute a recent wave of spear-phishing emails impersonating personnel at the United States Department of State to Russian hackers, Microsoft says. [Read More]
Malicious actors could abuse machine-to-machine (M2M) protocols such as MQTT and CoAP in attacks aimed at IoT and industrial IoT systems. [Read More]
A critical vulnerability allows an attacker to gain full administrator privileges on any node in a Kubernetes cluster, and detecting attacks is not easy. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Jack Danahy's picture
With all of our collective focus on machine learning, we simply can’t overlook human learning’s critical role in guarding against attack and protecting the organization.
Torsten George's picture
We need to consider whether traditional approaches to vulnerability management are still viable and if just upgrading existing methods or tools is sufficient.
Jalal Bouhdada's picture
Vendors, practitioners and security experts must all work closely together to combat the well-funded actors who pose a threat to medical devices.
Jim Ivers's picture
Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?
David Holmes's picture
DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
Torsten George's picture
The end user community is at the mercy of security researchers to act responsibly in order to limit the potential for their findings to be used for malicious purposes.
Markus Jakobsson's picture
If a particular product blocks 99% of all threats, that probably means that product fails to detect the most dangerous threat: targeted attacks.
Alastair Paterson's picture
With greater awareness about POS system attacks, operations against third-party suppliers, and the vulnerabilities of public or semi-public Wi-Fi networks, companies can do a lot to mitigate risk and ensure safer journeys for travelers.
Jack Danahy's picture
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Josh Lefkowitz's picture
Oil and gas is one of the critical infrastructure sectors that face greater risks and challenges when it comes to security