Security Experts:

More Security Headlines

A critical information leakage vulnerability dubbed JetLeak has been found in the Jetty web server. The flaw has been fixed in version 9.2.9.
Cybercriminals use phishing emails and CSRF exploits to hijack routers in Brazil and redirect victims to fake banking websites.
A steady stream of low-level cyber attacks poses the most likely danger to the United States rather than a potential digital "armageddon," US intelligence director James Clapper said.
The breach has cost Target $162 million so far, according to the firm's earnings report.
Bitdefender finds 10 apps hiding aggressive adware on Google Play. The applications redirect users to ads in all Web browsers and even Facebook.
Silent Circle has agreed to buy out the joint venture between Silent Circle and Geeksphone, giving Silent Circle a 100 percent ownership stake in SGP Technologies and full ownership of the privacy and security focused “Blackphone”.
Onapsis has published the details of several vulnerabilities affecting SAP BusinessObjects and SAP HANA. Patches are available.
Zimperium, a provider of mobile security solutions, announced that it has closed a Series B round of funding totaling $12 million.
Facebook has shared information on the vulnerabilities reported and rewards paid out as part of the company's bug bounty program in 2014.
Lizard Squad hijacks Lenovo's website and emails after hacking into the systems of Malaysia-based registrar WebNIC.cc.

SecurityWeek Experts

David Holmes
If Let’s Encrypt succeeds, will self-signed certificates go extinct? I’m guessing no, and that’s not necessarily a bad thing.
Pat Calhoun
To evade network security defenses, advanced evasion techniques (AETs) disguise malicious payloads by splitting them into smaller pieces and then delivering the pieces simultaneously, or at varying times, across multiple or rarely used network protocols.
Marcus Ranum
With security data, you will almost never benefit from using a pie chart instead of a time/value chart, unless you only have a single instance of data.
Torsten George
The transition from a compliance-driven check-box approach to a risk-based model enables businesses to centralize the ongoing definition, evaluation, remediation, and analysis of their risk posture in a closed-loop process.
Joshua Goldfarb
If you are a security leader, you owe it to yourself and to your organization to create a culture that rewards honesty and truthfulness. Otherwise, the house always wins.
Travis Greene
It’s time for targeted complexity that balances the convenience that users demand with the security that organizations need. It’s a bit like teaching a new dog old tricks.
Jason Polancich
Most businesses today are not as secure as they could be due to an inaccurate view of their own cyberdefenses.
Marc Solomon
For modern businesses, security leadership needs to ascend even higher in the organization: to the boardroom.
Wade Williamson
Like most modern malware, Carbanak is not some autonomous bit of code running on its own, but rather a vehicle for a remote human attacker to watch, learn and remotely drive the attack.
Mark Hatton
What are we to make of Hollywood’s latest obsession with all things cyber? Between the recently released movie, Blackhat, and the forthcoming CSI CYBER TV series, the powers that be have clearly decided this subject is exciting enough to attract an audience.