Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Chinese drone maker DJI and a researcher are in an online battle – which could also turn into a legal battle – over the company’s bug bounty program [Read More]
Google makes public details of Chrome OS exploit chain for persistent code execution worth $100,000 [Read More]
Analysis shows that China delays disclosure of known critical vulnerabilities, sometimes to enable their immediate use by APT groups with probable Chinese government affiliation. [Read More]
MuddyWater attacks on Middle Eastern entities are difficult to attribute, despite being analyzed by several security firms [Read More]
Terdot banking Trojan packs information-stealing capabilities that could easily turn it into a cyber-espionage tool [Read More]
Kaspersky shares more details from its investigation into reports that Russian hackers stole NSA data using its software [Read More]
The U.S. government introduced greater transparency into the process by which government agencies decide whether to disclose or stockpile the cyber vulnerabilities they discover. [Read More]
Apache CouchDB was affected by critical vulnerabilities that could have allowed remote attackers to escalate privileges and execute code [Read More]
A critical vulnerability in Cisco’s Voice Operating System exposes a dozen collaboration products to remote attacks [Read More]
Vulnerabilities in the popular WordPress plugin Formidable Forms expose sensitive data and allow hackers to hijack websites [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Jim Ivers's picture
Given the observation that consumers still seem oblivious to the risks and the lack of awareness about basic security hygiene, the education push will fall short.
David Holmes's picture
Security researchers found 26 vulnerabilities within ISP network devices that would have given them remote admin access to the majority of home networks in the United States.
David Holmes's picture
A manufacturer of a meter may have a different threat model involving the physical aspects of the device itself: device memory, firmware interface, ecosystem communications.
Markus Jakobsson's picture
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Jim Ivers's picture
These recommendations will help your organization reduce risk and save real money on the cost of resolving defects. It is not often you get such a clear win-win scenario.
Dan Cornell's picture
Being able to properly defend applications requires organizations to first identify their attack surfaces before meaningful risk management can take place.
Marie Hattar's picture
When done successfully, continuous testing and training prevents bugs and performance issues from going out the door, while enabling developers to better spot problems in the future.
Jack Danahy's picture
It seems as though competing vendors spend more of their marketing dollars describing the insufficiency of existing solutions than they do explaining the added value that their new advancements bring.
Travis Greene's picture
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.
Jim Ivers's picture
Medical devices are indeed vulnerable to attack, but the industry is waking up to the breadth of the problems, and several organizations are forming a vanguard to show the way forward.