Security Experts:

More Security Headlines

Microsoft has warned organizations about the risks associated with Boa, a discontinued web server, after hackers exploited it in attacks aimed at a power grid. [Read More]
CISA has released an updated version of IRPF, which provides responders with new tools and guidance for improving infrastructure resilience. [Read More]
The Aurora botnet/information stealer is seeing increasing adoption among cybercriminals as it continues to evade detection. [Read More]
CloudSEK warns of thousands of applications leaking Algolia API keys, including tens with hardcoded admin keys, potentially exposing data of millions of users. [Read More]
Researchers discovered more than 13 BMC firmware vulnerabilities, including critical flaws that can expose OT and IoT devices to remote attacks. [Read More]
The Ducktail information stealer has been updated with new capabilities and has adopted new spear-phishing avenues for distribution, such as WhatsApp. [Read More]
Microsoft has released an out-of-band update after learning that the security patch for CVE-2022-37966 started causing Kerberos authentication issues. [Read More]
Some Cisco Secure Email Gateway filters can be bypassed using specially crafted emails, which Cisco says is caused by an issue with McAfee and Sophos malware scanners. [Read More]
GAO says the Department of Interior needs to address the cybersecurity risks that offshore oil and gas infrastructure face. [Read More]
The County of Tehama, California, informs employees, recipients of services, and affiliates of data breach. [Read More]

SecurityWeek Experts

rss icon

Gordon Lawson's picture
Basic cyber hygiene may seem rudimentary, but as highlighted in CISA’s four key challenges above, it is something organizations of all sizes struggle with.
Torsten George's picture
When implemented properly, cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Galina Antova's picture
Understanding the vulnerability landscape of the XIoT to properly assess and mitigate risk is critically important to protect livelihoods and lives.
Marc Solomon's picture
When we start to consider the human element of the security automation equation, and its impact on the automation capabilities we select and how we measure progress, we can accelerate automation initiatives and the benefits we derive.
Joshua Goldfarb's picture
If security can learn to communicate in a way that executives and boar members can understand, internalize, and act upon, it serves to benefit tremendously.
Derek Manky's picture
Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.
Jeff Orloff's picture
By focusing on attack tactics and techniques that pose clear and present danger to the business, a company can achieve the greatest return on its training initiatives.
Gordon Lawson's picture
The new SEC requirements are putting on paper what many companies—public and private—should have been investing in already.
Landon Winkelvoss's picture
How organizations can use managed services to optimize their threat intelligence program during an economic downturn.
Torsten George's picture
Here are five best practices for defeating against most attacks, hopefully making the need for future Cybersecurity Awareness Months obsolete.