Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

One of the zero-day vulnerabilities patched this week by Microsoft has been exploited in attacks by several threat groups, including the ones known as FruityArmor and SandCat. [Read More]
Venezuelan President Nicolas Maduro's government says the massive power outage was caused by a cyberattack launched by the United States, but experts say a breakdown of old equipment is much more likely. [Read More]
Microsoft patches over 60 vulnerabilities, including two Windows zero-day flaws exploited in targeted attacks. [Read More]
Four senators backed by two representatives and several tech giants have reintroduced a bill whose goal is to improve the security of Internet of Things (IoT) devices. [Read More]
Adobe has patched two critical vulnerabilities in Photoshop and Digital Editions, and five flaws in a sandbox service. [Read More]
A white hat hacker earned $10,000 last year for a Facebook Messenger vulnerability that could have allowed an attacker to randomly obtain other users’ images. [Read More]
Vulnerability research firm Crowdfense has launched a new 0-day acquisition program and is promising payouts of up to $3 million for full-chain, previously unreported exploits. [Read More]
Over a dozen vulnerabilities, including ones classified as critical, have been found by researchers in industrial switches from Moxa. Patches and mitigations have been released by the vendor. [Read More]
An Iran-linked threat group tracked as IRIDIUM is said to be behind an attack on software giant Citrix, but some people are not convinced the attribution is accurate. [Read More]
Vulnerabilities in high-end smart alarms for cars exposed millions of vehicles to hacker attacks that could have had serious consequences. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Jack Danahy's picture
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Josh Lefkowitz's picture
Oil and gas is one of the critical infrastructure sectors that face greater risks and challenges when it comes to security
Jennifer Blatnik's picture
One of the crucial benefits of blockchain is its distributed capabilities, which mean there isn’t one centralized target to hack.
Jim Ivers's picture
Given the observation that consumers still seem oblivious to the risks and the lack of awareness about basic security hygiene, the education push will fall short.
David Holmes's picture
Security researchers found 26 vulnerabilities within ISP network devices that would have given them remote admin access to the majority of home networks in the United States.
David Holmes's picture
A manufacturer of a meter may have a different threat model involving the physical aspects of the device itself: device memory, firmware interface, ecosystem communications.
Markus Jakobsson's picture
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Jim Ivers's picture
These recommendations will help your organization reduce risk and save real money on the cost of resolving defects. It is not often you get such a clear win-win scenario.
Dan Cornell's picture
Being able to properly defend applications requires organizations to first identify their attack surfaces before meaningful risk management can take place.
Marie Hattar's picture
When done successfully, continuous testing and training prevents bugs and performance issues from going out the door, while enabling developers to better spot problems in the future.