NEWS & INDUSTRY UPDATES

Cisco patches critical remote code execution vulnerability found by the company in its industrial routers
Cisco finds serious code execution vulnerability in LabVIEW system design software from National Instruments
High severity vulnerabilities have been patched in Rockwell Automation’s Connected Components Workbench and FactoryTalk Activation tools
Senators Edward J. Markey (D-Mass.) and Richard Blumenthal (D-Conn.) reintroduced two pieces of legislation that would implement and improve cybersecurity standards for cars and aircraft.
Researchers discovered multiple serious vulnerabilities in popular solar park monitoring devices from Solar-Log
Vulnerabilities found in the Chrome and Firefox extensions of the LastPass password manager allow attackers to steal passwords, execute code
A security researcher took to GitHub to disclose information on multiple vulnerabilities allegedly affecting Nest Cam and Dropcam Pro devices after receiving no response from Google for several months.
DoubleAgent is a new attack method that abuses a legitimate Microsoft tool to hijack security products
Metasploit has released a new hardware bridge extension to help researchers and pentesters discover security flaws in IoT radio (RF) communications.
High severity vulnerabilities in Cisco IOS allow attackers to cause a DoS condition by sending specially crafted packets

FEATURES, INSIGHTS // Vulnerabilities

Torsten George
Facing hundreds, thousands, and even hundreds of thousands of vulnerabilities across their IT infrastructures leaves security practitioners at a virtually insurmountable disadvantage.
Jim Ivers
As with any business relationship, you should use software or open source components from your allies with your eyes open to the potential risks.
Erin O’Malley
What’s worse than having to cook a Thanksgiving turkey? How about being forced to relegate the poor bird to a crock pot after discovering that your net-connected oven and wireless meat thermometer have both been hacked?
Alastair Paterson
Understanding what makes a good exploit kit is the first step in protecting against such attacks. But what else can you do to prevent adversaries from using exploit kits against your organization?
Jennifer Blatnik
The interests of the researchers should be to make the world more secure, not profit from a corporation’s vulnerabilities.
Jim Ivers
I know I no longer have much trust in the connected devices in my home, and wonder what they do with their spare time.
Travis Greene
A reliance on Internet voting with current technology will lead to the disenfranchisement of voters and manipulation by foreign or domestic attackers.
Jim Ivers
Mature organizations should adopt a blended approach that employs testing tools at various stages in the development life cycle.
Scott Simkin
While exploit kits are certainly contributing to the steady rise in the number of cyberattacks, in the end, the methods they use to infect endpoints and networks can be stopped provided the proper steps are taken.
David Holmes
SWEET32 is probably not something that an enterprise administrator needs to lose sleep over. Very likely, we will never see a SWEET32 attack in the wild, just as we never have for POODLE or BEAST.