NEWS & INDUSTRY UPDATES

Google is boosting the security of its popular web browser with the release of Chrome 63, which brings a host of enhancements aimed at enterprises and also addresses 37 vulnerabilities.
The most common infiltration and exfiltration methods used by attackers are successful much of the time, according to SafeBreach’s latest Hacker’s Playbook report.
ICS-CERT provides solid advice on updating antiviruses in industrial control systems, but it’s not practical and organizations should not believe AVs are enough.
F-Secure CTO: Kaspersky's Links to Russian Government Probably Not any Stronger Than U.S. Intelligence
One of the vulnerabilities addressed by Apple in its latest set of security patches for macOS is an arbitrary code execution flaw, which could be exploited via malicious USB devices.
Windows 10 Creators Update can detect reflective Dynamic-Link Library (DLL) loading in a variety of high-risk processes, including browsers and productivity software, Microsoft says.
Fileless attacks are on the rise and do not install detectable files, but leverage exploits designed to run malicious code or launch scripts directly from memory.
A recently disclosed vulnerability that allows an attacker to abuse the quarantine feature of anti-virus products to escalate privileges doesn’t affect Windows Defender, Microsoft says.
A complaint by Enigma Software against security firm Malwarebytes was dismissed by the District Court, Northern District of California, San Jose Division on November 7, 2017.
AVGater vulnerability in some antiviruses allows hackers to escalate privileges on a system by abusing the ‘restore from quarantine’ feature.

FEATURES, INSIGHTS // Endpoint Security

Jack Danahy: With all of our collective focus on machine learning, we simply can’t overlook human learning’s critical role in guarding against attack and protecting the organization.
Markus Jakobsson: If a particular product blocks 99% of all threats, that probably means that product fails to detect the most dangerous threat: targeted attacks.
Scott Simkin: Just as there should be consistency across network, endpoint and cloud security, there should be the same consistency in identification, prevention, policy and enforcement of that policy for IoT security.
Jack Danahy: Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security.
Markus Jakobsson: Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Jack Danahy: It seems as though competing vendors spend more of their marketing dollars describing the insufficiency of existing solutions than they do explaining the added value that their new advancements bring.
Scott Gainey: There’s a difference between “nice-to-have” security products and “must-have” security products. The “must-haves” are critical to protecting organizations from cyber attacks.
Simon Crosby: It’s hard keeping criminals from infiltrating networks, much less worrying that users will simply open the door to bad guys by letting their guard down.
Wade Williamson: Behavioral detection models can focus in on what the attacker actually does, instead of relying on a set of signatures or known indicators of compromise that often lag behind attackers.
Simon Crosby: Next-gen Anti-Virus can’t help any more than traditional AV, but the principle of least privilege, enforced through virtualization-based security, can stop the breach before it starts.