Security Experts:

WRITE FOR US

IT Security News Headlines

rss icon

Microsoft Open-Sources 'CyberBattleSim' Enterprise Environment Simulator
CISA Releases Tool to Detect Microsoft 365 Compromise
Security Automation Firm Tines Raises $26 Million at $300 Million Valuation
LG Promises Three Years of OS Updates for Premium Android Smartphones
Pwn2Own 2021 Participants Earn Over $1.2 Million for Their Exploits
long dotted

More Security Headlines

Collaboration Platforms Increasingly Abused for Malware Distribution, Data Exfiltration
Threat actors are abusing organizations’ reliance on communication services such as Discord and Slack to circumvent network protections and ensure effectiveness of attacks. [Read More]
Cisco Patches Critical Flaw in SD-WAN vManage
Cisco patches a critical vulnerability in an SD-WAN software product but warned that a different high-risk bug in end-of-life small business routers will remain unpatched. [Read More]
Cost of Sandboxing Prompts Shift to Memory-Safe Languages. A Little Too Late?
NEWS ANALYSIS: Google’s decision to promote Rust for low-level Android programming is another sign that the shelf-life for memory corruption mitigations are no match for the speed of in-the-wild exploit development. [Read More]
Library Dependencies and the Open Source Supply Chain Nightmare
A new study amplifies a major security concern for open source software supply chain -- managing the hodge-podge of libraries in commercial apps that contain vulnerabilities and are rarely updated. [Read More]
Belden Says Health-Related Information Exposed in Data Breach
Belden shared an update on the data breach disclosed in November 2020 and said health-related information was also exposed. [Read More]
Cring Ransomware Targets Industrial Organizations
Cring ransomware operators exploit an old vulnerability in the FortiOS SSL VPN web portal to access enterprise networks, including the ones of industrial organisations. [Read More]
PHP Developers Share Update on Recent Breach
PHP developers have shared an update on the recent breach and while they no longer believe the Git server was compromised, it’s possible that a user database was leaked. [Read More]
$200,000 Awarded for Zero-Click Zoom Exploit at Pwn2Own
Two researchers earned $200,000 on the second day of Pwn2Own 2021 for a Zoom exploit allowing remote code execution without user interaction. [Read More]
Vulnerability in 'Domain Time II' Could Lead to Server, Network Compromise
An unauthenticated update process vulnerability could be abused for the download and execution of malware on servers. [Read More]
Open Source Security Management Firm WhiteSource Raises $75 Million
Open source security management company WhiteSource has raised $75 million in Series D funding. [Read More]

SecurityWeek Experts

rss icon

AJ Nash's picture
What Cybersecurity Policy Changes Should We Expect from the Biden Administration?
AJ Nash - Security Infrastructure
Even if the best strategies and policies are created and uniformly agreed upon across all government and private sector domains, none of that will matter if the talent to execute does not exist.
Read full story
Yaniv Vardi's picture
The Rise of Industrial IoT and How to Mitigate Risk
Yaniv Vardi - ICS/OT
Proactive risk management requires being able to examine and address risk from different yet complementary perspectives to bring context to the overall security of an OT environment.
Read full story
Marc Solomon's picture
Improve Data Utilization to Modernize the SOC
Marc Solomon - Security Infrastructure
Collaboration with teams across the organization to utilize data more efficiently and effectively, dramatically improves detection and response and is critical to achieve enterprise-wide risk management.
Read full story
Torsten George's picture
The Often-Overlooked Element of a Hack: Endpoints
Torsten George - Endpoint Security
Understanding not just the tail end of the cyber-attack kill chain, but also focusing on initial attack vectors like endpoints provides a roadmap for aligning preventive measures with today’s threats.
Read full story
Laurence Pitt's picture
AI is Security's Best Defense
Laurence Pitt - Network Security
Using Machine Learning (ML) with AI means that security tools can be trained to work better with data and the ML system will be able to make recommendations for improvements.
Read full story
John Maddison's picture
The Growing Need for a New Security Platform
John Maddison - Network Security
In today’s highly dynamic environments, integration needs to go beyond just the security elements of a platform.
Read full story
Tim Bandos's picture
5 Things IT Should Ask Managed Security Providers
Tim Bandos - Management & Strategy
While it’d be impossible to dig into all of the requests I’ve received over the years, here are some of the types of requests we’ve received that may make sense for you to ask your own managed security provider.
Read full story
Idan Aharoni's picture
The Case for Taking Down Dark Web Sites
Idan Aharoni - Tracking & Law Enforcement
Taking down dark web sites may cause headache for both the bad guys and the good guys, but it can also have a profound positive effect on the fight against cybercrime.
Read full story
Gunter Ollmann's picture
The Cusp of a Virtual Analyst Revolution
Gunter Ollmann - Incident Response
Once live stomping around vendor-packed expo halls at security conferences returns, it is highly probable that “Virtual Analyst” will play a starring role in buzzword bingo.
Read full story
William Lin's picture
The VC View: Hot Trends in Security After the Pandemic
William Lin - Management & Strategy
“What’s hot right now in security?” is one of the most common questions I hear from CISOs, vendors and VCs alike.
Read full story