More Security Headlines

The United States charged an Iranian with hacking into HBO, stealing scripts and plot summaries for "Game of Thrones," and trying to extort $6 million in Bitcoin out of the network.
The final version of the ‘OWASP Top 10 - 2017’ has been released, and CSRF and unvalidated redirects didn’t make the list.
Intel finds several vulnerabilities in management and security technology shipped with processors present in millions of devices.
Researchers discovered new Android malware apparently being used by the North Korea-linked Lazarus group to target users in South Korea.
Address Space Layout Randomization (ASLR) isn’t properly applied on versions of Microsoft Windows 8 and newer.
Secureworks releases two open source tools, Flowsynth and Dalton, for testing intrusion detection system (IDS) rules.
A crypto vulnerability affecting F5’s BIG-IP products can be exploited for recovering encrypted data and MitM attacks.
Microsoft engineers appear to have manually patched a 17-year-old vulnerability in Office, instead of altering the source code of the vulnerable component, ACROS Security researchers say.
A new phishing campaign delivering the Jsocket variant of Adwind (also known as AlienSpy) was detected in October, and is ongoing.
A vulnerability that allows malicious applications to capture screen contents and record audio without a user’s knowledge impacts over 78% of Android devices, researchers claim.

SecurityWeek Experts

Jim Ivers: Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?
Steven Grossman: The challenge of data protection is not going away. Even without the ever-improving tactics of the bad guys, data sprawl has made it difficult for those just trying to do their jobs.
Jalal Bouhdada: Everyone from bedroom hackers to state-sponsored spies has wanted to breach critical systems since the dawn of the networked era, whether that be for monetary gain, secret information, or just pure curiosity.
Oliver Rochford: Compared to the perception that security inhibits productivity and innovation, the reality is bad security has a far greater negative impact.
John Maddison: Here are six things every organization needs to consider when approaching security, especially during the chaos and time pressures of a network undergoing digital transformation.
David Holmes: DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
Ashley Arbuckle: The goal of IT/OT convergence is to make the OT side more resilient through effective cyber protections, and instill confidence in your board and senior executives.
Marc Solomon: Full automation ignores the key inputs from human intelligence. When it comes to “orient” and “decide,” the human element needs to be involved.
Torsten George: The end user community is at the mercy of security researchers to act responsibly in order to limit the potential for their findings to be used for malicious purposes.
Joshua Goldfarb: The way in which the security community typically reacts after certain high-profile incidents is somewhat alarming. There are typically two responses, neither of which is particularly appropriate or helpful: Mocking and Ambulance chasing.