Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

A vulnerability that allows malicious applications to capture screen contents and record audio without a user’s knowledge impacts over 78% of Android devices, researchers claim. [Read More]
GitHub warns developers if their project uses a library that is known to have security flaws [Read More]
Hundreds of Moxa devices similar to the ones targeted in the 2015 Ukraine power grid hack are vulnerable to remote attacks [Read More]
Chinese drone maker DJI and a researcher are in an online battle – which could also turn into a legal battle – over the company’s bug bounty program [Read More]
Google makes public details of Chrome OS exploit chain for persistent code execution worth $100,000 [Read More]
Analysis shows that China delays disclosure of known critical vulnerabilities, sometimes to enable their immediate use by APT groups with probable Chinese government affiliation. [Read More]
MuddyWater attacks on Middle Eastern entities are difficult to attribute, despite being analyzed by several security firms [Read More]
Terdot banking Trojan packs information-stealing capabilities that could easily turn it into a cyber-espionage tool [Read More]
Kaspersky shares more details from its investigation into reports that Russian hackers stole NSA data using its software [Read More]
The U.S. government introduced greater transparency into the process by which government agencies decide whether to disclose or stockpile the cyber vulnerabilities they discover. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Jim Ivers's picture
Why are even the most security-conscious organizations being compromised, and what does it mean for everyone else?
David Holmes's picture
DUHK and ROCA are both implementation-specific vulnerabilities concerning one of my favorite topics, random number generators.
Torsten George's picture
The end user community is at the mercy of security researchers to act responsibly in order to limit the potential for their findings to be used for malicious purposes.
Markus Jakobsson's picture
If a particular product blocks 99% of all threats, that probably means that product fails to detect the most dangerous threat: targeted attacks.
Scott Simkin's picture
Just as there should be consistency across network, endpoint and cloud security, there should be the same consistency in identification, prevention, policy and enforcement of that policy for IoT security.
Alastair Paterson's picture
With greater awareness about POS system attacks, operations against third-party suppliers, and the vulnerabilities of public or semi-public Wi-Fi networks, companies can do a lot to mitigate risk and ensure safer journeys for travelers.
Jack Danahy's picture
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Josh Lefkowitz's picture
Oil and gas is one of the critical infrastructure sectors that face greater risks and challenges when it comes to security
Jennifer Blatnik's picture
One of the crucial benefits of blockchain is its distributed capabilities, which mean there isn’t one centralized target to hack.
Jim Ivers's picture
Given the observation that consumers still seem oblivious to the risks and the lack of awareness about basic security hygiene, the education push will fall short.