Security Experts:

More Security Headlines

NukeBot (Nuclear Bot) banking Trojan developer leaks source code after failing to convince cybercriminals that he is not a scammer [Read More]
A 41-year-old Russian national has pleaded guilty over his role in a scheme involving the Ebury Linux botnet [Read More]
The Cerber ransomware is using new evasion techniques designed elude machine learning security solutions. [Read More]
A new ransomware family being dropped by the RIG exploit kit (EK) appears to be in the testing phase and could surface as a major threat, security researchers reveal. [Read More]
Apple on Monday released security patches for its macOS and macOS Server, iOS, watchOS, tvOS, Safari, and Pages, to address over 200 vulnerabilities. [Read More]
Nearly 1.4 billion data records were compromised in 2016, according to Gemalto’s latest Breach Level Index [Read More]
Targeted attacks aimed at companies in the industrial sector are increasingly common, Kaspersky warns [Read More]
The method used by the Shamoon 2 malware to spread within a network is rudimentary, but efficient, Palo Alto Networks said [Read More]
Google researcher Tavis Ormandy has identified a new vulnerability in the LastPass browser extension. LastPass is working on a fix [Read More]
A recently discovered Internet bot is conducting sustained attacks against retailers and checking millions of gift card numbers to determine if any have balances, Distil Networks researchers warn. [Read More]

SecurityWeek Experts

rss icon

David Holmes's picture
Classic SSL interceptors are notoriously lackadaisical about certificate verification, but that doesn’t mean the only choice is not to use them or that they’re not needed.
Rafal Los's picture
If enterprise information security is to make stride in a positive direction we need less of the self-aggrandizing “expert” and more of those who can aggregate and distill tribal knowledge into wisdom.
Josh Lefkowitz's picture
Executive protection and physical security teams must leverage cyber threat intelligence to gain visibility into all relevant cyber and physical threats and ensure open collaboration and information sharing with all business functions.
Scott Simkin's picture
When implemented as part of a natively-engineered security platform, these malware identification and prevention practices can reduce the operational burden put on security teams.
Adam Meyer's picture
As with anything new, you need to prepare and plan for IoT devices being in your environment to maximize the value they provide, while minimizing the inherent risk of these network-enabled devices.
Erin O’Malley's picture
In cybersecurity, basic hygiene is a must. You could implement every eye-catching security tool on the market, but without good, clean hygiene and the ability to deliver tools the right data at the right time, they’ll never shine their brightest.
Alastair Paterson's picture
A recent look at insider trading on the dark web shows how underground operators use OPSEC to protect their businesses.
Jennifer Blatnik's picture
If CISOs took a page from physicians and worked together to share missteps and move forward, they could gain crucial security learnings and prevent the spread of attacks.
Joshua Goldfarb's picture
Although attackers still use malicious code quite often, they have been relying less and less on it. So how do attackers manage to be so successful without using any malware at all?
Marc Solomon's picture
Companies can make their entire security infrastructure more effective by using this threat intelligence as the glue to integrate layers of point products within a defense-in-depth strategy.