Security Experts:

More Security Headlines

Microsoft Threat Protection now allows security teams to correlate alerts and automate investigation and response, self-heal assets, and simplify attack indicators. [Read More]
Fortinet has acquired Security Orchestration, Automation and Response (SOAR) platform provider CyberSponse for an undisclosed sum. [Read More]
A credential harvesting campaign has been targeting multiple government procurement services in the United States and abroad, Anomali reveals. [Read More]
Critical infrastructure protection company OPSWAT acquires Network Access Control (NAC) and Software Defined Perimeter (SDP) solutions provider Impulse. [Read More]
FireEye unveils its Cyber Physical Threat Intelligence service, which provides organizations context, data and actionable analysis on threats targeting OT, ICS and IoT systems. [Read More]
Messaging platform WhatsApp announces plans to take legal action against individuals and companies that abuse the platform for bulk messaging. [Read More]
Twitter CEO Jack Dorsey announced that Twitter is "funding a small independent team of up to five open source architects, engineers, and designers to develop an open and decentralized standard for social media." [Read More]
Legislation whose goal is to protect the U.S. energy grid from cyberattacks passed the House this week after being added to the 2020 National Defense Authorization Act (NDAA). [Read More]
Cheyenne Regional Medical Center has added security measures and is informing people whose personal information was exposed due to a data breach earlier this year, hospital officials said. [Read More]
The Siemens SPPA-T3000 distributed control system, which is designed for power plants, is affected by over 50 vulnerabilities, including flaws that can be exploited to disrupt electricity generation. [Read More]

SecurityWeek Experts

rss icon

Laurence Pitt's picture
DDoS attacks are moving away from simply sending out broadcast traffic for massive disruption toward more complex and targeted attacks hitting the application layer of the network that can take down specific applications or services.
Gunter Ollmann's picture
With years of bug bounty programs now behind us, it is interesting to see how the information security sector transformed – or didn’t.
Marie Hattar's picture
There are good and bad ways to make vulnerabilities known. A premature “full disclosure” of a previously unknown issue can unleash the forces of evil, and the “black hats” often move faster than vendors or enterprise IT teams.
John Maddison's picture
To build and maintain a secure cyber presence, the best defense is to start with a security-driven development and networking strategy that builds a hardened digital presence from the ground up.
Joshua Goldfarb's picture
Change may not always be on the docket, but when it is, how can we embrace it, understand it, and work to create a constructive environment around it?
Torsten George's picture
Securing multi-cloud and hybrid environments creates an unfamiliar situation for many organizations, in which they’re unsure of who is responsible for controlling access to and securing the underlying infrastructure.
Craig Harber's picture
Cybersecurity teams need actionable insight into the latest techniques, tactics and procedures being used by attackers and a continuous understanding of their environment and anomalous behavior.
Marc Solomon's picture
Having a platform that serves as a central repository allows you to aggregate internal threat and event data with external threat feeds and normalize that data so that it is in a usable format.
Preston Hogue's picture
Every piece of hardware, every integration, every API, every process, as well as applications themselves, are potential targets.
Josh Lefkowitz's picture
The successful execution of each step of the intelligence cycle relies on the successful execution of the step that came before it.