Security Experts:

More Security Headlines

KindleDrip exploit chain could have allowed an attacker to take complete control of a Kindle e-reader simply by knowing the targeted user’s email address. [Read More]
A researcher has released a functional PoC exploit for a SAP Solution Manager vulnerability patched in March 2020. [Read More]
The multi-stage, tag-based malicious ad campaign is heavily obfuscated and employs clever tricks to avoid detection. [Read More]
Cisco announces the official release and general availability of Snort 3, seven years after the alpha version was unveiled. [Read More]
Oracle patches hundreds of vulnerabilities with the January 2021 CPU, including 50 flaws rated critical severity. [Read More]
Ransomware attacks took a heavy toll on the United States last year with more than 2,000 victims in government, education and health care, security researchers say in a new report. [Read More]
The first Chrome release of 2021 also helps users quickly identify weak passwords and take action. [Read More]
New Linux malware creates a botnet of infected devices to launch distributed denial of service or crypto-mining attacks. [Read More]
Malwarebytes said it was targeted by the state-sponsored threat actor that breached SolarWinds. [Read More]
DNSpooq is the name given to 7 Dnsmasq vulnerabilities that could expose millions of devices to DNS cache poisoning, remote code execution and DoS attacks. [Read More]

SecurityWeek Experts

rss icon

AJ Nash's picture
For companies trying to build new or mature existing intelligence programs, the Age of COVID has been an excellent time to capture 30-60 minutes with that hard-to-find manager
Yaniv Vardi's picture
The change we encountered in 2020 was unprecedented and had a dramatic impact on our operational technology (OT) environments – accelerating and sometimes recasting how we address the following four key areas.
Marc Solomon's picture
To push security operations forward, we must move towards a single, collaborative environment that can include threat hunters, incident handlers and threat intelligence and SOC analysts.
Joshua Goldfarb's picture
For any fraud detection solution to be practical, it must be easily integrated into security and fraud operations.
Laurence Pitt's picture
In the world of information security, it’s hard to flip between internet browser tabs without hearing a new term, and one of the biggest in 2020 was Secure Access Service Edge (SASE).
Torsten George's picture
While the SolarWinds hack is not the first supply chain attack to make headlines, its sophistication and blast radius is forcing organizations to consider how they can minimize their exposure to these types of threats in the future.
AJ Nash's picture
As you build your cyber intelligence program – and have all the vendors lined up to take your money – don’t overlook the importance of investing in the right people.
Gunter Ollmann's picture
CISOs and their security teams need to quickly master these technologies if they’re to successfully partner with in-house development teams and secure “data-in-use.”
Derek Manky's picture
2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
John Maddison's picture
Multi-vendor environments with disparate security solutions that don’t integrate when deployed make it impossible for organizations to securely use the flexible network environments they need to compete effectively.