Security Experts:

More Security Headlines

Google ships an urgent fix for CVE-2021-37973, a use-after-free security bug in the Portals API that could lead to the execution of arbitrary code. [Read More]
Attacks delivering the Netwire and Warzone (AveMaria) RATs were employing lures themed around India's National Informatics Centre’s Kavach two-factor authentication application. [Read More]
There’s a severe shortage of cybersecurity professionals and not enough financial firepower to compete with federal counterparts, global brands and specialized cybersecurity firms. [Read More]
The European Union on Friday condemned alleged Russian cyber attacks that have targeted Germany in the run up to this weekend's election for Chancellor Angela Merkel's successor. [Read More]
Active since at least 2019, the hacking group is mainly focused on hotels, but also targeted engineering and law firms, and international organizations. [Read More]
Google has observed a new code signing trick being used by a financially motivated threat actor to help its Windows files evade detection. [Read More]
A critical vulnerability patched by SonicWall in its SMA appliances can allow an attacker to disrupt devices or gain administrator access to them. [Read More]
LG is acquiring Israel-based vehicle cybersecurity company Cybellum for roughly $240 million. [Read More]
The document is aimed at helping federal agencies secure their networks through the use of IPv6. [Read More]
The Port of Houston, a critical piece of infrastructure along the Gulf Coast, issued a statement saying it had successfully defended against an attempted hack in August and “no operational data or systems were impacted.” [Read More]

SecurityWeek Experts

rss icon

John Maddison's picture
Organizations considering ZTNA should look for these three essential components as a minimum when evaluating any solution.
Keith Ibarguen's picture
Far too many engineers in the trenches don’t take the time to lift their heads to see context, so when good (and bad) things happen, this is a great management opportunity that you should take full advantage of.
Marc Solomon's picture
Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
Idan Aharoni's picture
Despite having different infrastructure, goals and methods, threat actors do not work in a vacuum. They feed off of each other.
Derek Manky's picture
How can organizations fight ransomware? The best solution is always prevention. Here are three tactics toward that goal.
Tim Bandos's picture
When it comes to ensuring cyber talent retention, establishing the right working environment is critical to keeping people engaged and motivated to stay.
Gordon Lawson's picture
Current cloud deployments pose significant risks that could be mitigated with minor changes to infrastructure procurement and access.
Torsten George's picture
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.
Jeff Orloff's picture
It’s important to show the effectiveness of training initiatives. Managers want to make sure that they're getting a return on their investment and justify future training budgets requests.
Laurence Pitt's picture
We have had to accelerate into remote and now hybrid working models over the last year and a half. Now that we are getting back to work, there is still much to do as everything moves fast.