Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Apple, Facebook, Google, Microsoft and Mozilla outline their plans for Flash now that Adobe officially announced its end of life [Read More]
Adobe on Tuesday said that it will kill its Adobe Flash Player and stop providing security updates by the end of 2020. [Read More]
Facebook, GitHub and the Ford Foundation donate a total of $300,000 to the Internet Bug Bounty (IBB) to help expand the program [Read More]
Schneider Electric was informed by a researcher that its Trio TView software uses a version of Java from 2011 affected by over 360 vulnerabilities [Read More]
Researcher tricks Symantec into revoking certificates based on forged private keys – Comodo did not fall for the same trick [Read More]
CyberX launches new technology that allows organizations to simulate breach and attack vectors on their ICS networks [Read More]
Tor launches public bug bounty program with rewards of up to $4,000 per vulnerability, depending on impact and severity [Read More]
Apple this week released security patches for all four of its operating systems to resolve tens of security bugs in each of them. [Read More]
Vulnerabilities found by researchers in the Segway miniPRO allow hackers to take control of the hoverboard and possibly cause injury to the rider [Read More]
A security audit of Firefox Accounts revealed a total of 15 issues, including flaws rated critical and high severity [Read More]

FEATURES, INSIGHTS // Vulnerabilities

rss icon

Jim Ivers's picture
These recommendations will help your organization reduce risk and save real money on the cost of resolving defects. It is not often you get such a clear win-win scenario.
Dan Cornell's picture
Being able to properly defend applications requires organizations to first identify their attack surfaces before meaningful risk management can take place.
Marie Hattar's picture
When done successfully, continuous testing and training prevents bugs and performance issues from going out the door, while enabling developers to better spot problems in the future.
Travis Greene's picture
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.
Jim Ivers's picture
Medical devices are indeed vulnerable to attack, but the industry is waking up to the breadth of the problems, and several organizations are forming a vanguard to show the way forward.
Jennifer Blatnik's picture
If the WannaCry incident taught us anything, it’s that global, widespread ransomware can and will impact organizations without any notice. The time to prepare is now.
Torsten George's picture
Hackers are exploiting known vulnerabilities and are betting on the fact that organizations don’t know how to fix what really matters.
Jim Ivers's picture
With the advent of connected devices, privacy and security have become tightly linked because theft of private data is often the goal of malicious attacks.
Jim Ivers's picture
If we agree that quality and security problems are both a form of defect, then we must sufficiently address both to produce software of the highest integrity.
Adam Meyer's picture
As with anything new, you need to prepare and plan for IoT devices being in your environment to maximize the value they provide, while minimizing the inherent risk of these network-enabled devices.