Security Experts:

More Security Headlines

Amazon was fined 746 million euros ($880 million) by Luxembourg authorities over allegations it flouted the EU's data protection rules. [Read More]
The agency published a new infosheet detailing steps required to mitigate the security risks associated with Wi-Fi, Bluetooth, and NFC connections in public. [Read More]
Several critical vulnerabilities found in a Swisslog Healthcare pneumatic tube system used in a majority of North American hospitals can be highly useful for ransomware attacks. [Read More]
Zoom has agreed to settle a class-action US privacy lawsuit for $85 million. [Read More]
The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts some of the most prominent federal prosecutors’ offices around the country last year, the Department of Justice said. [Read More]
The malware uses screen recording and keylogging to harvest users’ login credentials for banking applications and crypto-wallets. [Read More]
Russia’s APT29 is still actively delivering the WellMess malware, which it used in attacks aimed at COVID-19 vaccine makers, despite the fact that the malware was exposed by Western governments. [Read More]
Focused on high-profile victims, the Chinese-speaking adversary uses a formerly unknown Windows kernel-mode rootkit and does not appear to be linked to known threat actors. [Read More]
Developers need to improve their security by design, but have little incentive to do so while faced with the business pressure to increase the speed of development. [Read More]
A high-severity security hole could allow an attacker to upload a file titled info.php.png that would be executable on certain configurations. [Read More]

SecurityWeek Experts

rss icon

Yaniv Vardi's picture
Wherever you are on your industrial cybersecurity journey, the important thing is to start strengthening cyber defenses and resilience now.
Keith Ibarguen's picture
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
Tim Bandos's picture
The more you identify within your threat hunting program, the more opportunity you may have at expanding with additional budget. Never let an incident go to waste.
Gordon Lawson's picture
ICS operators need additional methods of obscuring their critical infrastructure from cyber security threats and tactics while allowing teams to more anonymously conduct incident detection and response.
John Maddison's picture
Trying to keep track of the who, what, when, where, and how of today’s network has broken the backs of many SecOps teams.
Torsten George's picture
Until organizations start implementing identity-centric security measures, account compromise attacks will continue to provide an easy entree for data breaches.
Idan Aharoni's picture
The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed.
Rob Fry's picture
We are a community with grand ideas around the concept of crowdsourced threat intel (CTI), but with little history or previous successes that show CTI as a viable idea.
Marc Solomon's picture
If you view XDR as a destination and not a solution, regardless of the path you take, you will need to understand the focus and core competencies of each vendor,
Landon Winkelvoss's picture
Executive protection teams face threats from many sources including social media, telephone, email, and event in-person physical threats.