Security Experts:

WRITE FOR US

IT Security News Headlines

rss icon

US Bans Huawei, ZTE Telecoms Gear Over Security Risk
EU Parliament Website Attacked After MEPs Slam Russian 'Terrorism'
Proofpoint: Watch Out for Nighthawk Hacking Tool Abuse
Cross-Tenant AWS Vulnerability Exposed Account Resources
Facebook Parent Meta Links Influence Campaign to US Military
long dotted

More Security Headlines

Microsoft Warns of Boa Web Server Risks After Hackers Target It in Power Grid Attacks
Microsoft has warned organizations about the risks associated with Boa, a discontinued web server, after hackers exploited it in attacks aimed at a power grid. [Read More]
CISA Updates Infrastructure Resilience Planning Framework
CISA has released an updated version of IRPF, which provides responders with new tools and guidance for improving infrastructure resilience. [Read More]
Multi-Purpose Botnet and Infostealer 'Aurora' Rising to Fame
The Aurora botnet/information stealer is seeing increasing adoption among cybercriminals as it continues to evade detection. [Read More]
Leaked Algolia API Keys Exposed Data of Millions of Users
CloudSEK warns of thousands of applications leaking Algolia API keys, including tens with hardcoded admin keys, potentially exposing data of millions of users. [Read More]
BMC Firmware Vulnerabilities Expose OT, IoT Devices to Remote Attacks
Researchers discovered more than 13 BMC firmware vulnerabilities, including critical flaws that can expose OT and IoT devices to remote attacks. [Read More]
Vietnam-Based Ducktail Cybercrime Operation Evolving, Expanding
The Ducktail information stealer has been updated with new capabilities and has adopted new spear-phishing avenues for distribution, such as WhatsApp. [Read More]
Microsoft Releases Out-of-Band Update After Security Patch Causes Kerberos Issues
Microsoft has released an out-of-band update after learning that the security patch for CVE-2022-37966 started causing Kerberos authentication issues. [Read More]
Cisco Secure Email Gateway Filters Bypassed Due to Malware Scanner Issue
Some Cisco Secure Email Gateway filters can be bypassed using specially crafted emails, which Cisco says is caused by an issue with McAfee and Sophos malware scanners. [Read More]
US Offshore Oil and Gas Infrastructure at Significant Risk of Cyberattacks
GAO says the Department of Interior needs to address the cybersecurity risks that offshore oil and gas infrastructure face. [Read More]
California County Says Personal Information Compromised in Data Breach
The County of Tehama, California, informs employees, recipients of services, and affiliates of data breach. [Read More]

SecurityWeek Experts

rss icon

Gordon Lawson's picture
Digesting CISA's Cross-Sector Cybersecurity Performance Goals
Gordon Lawson - Compliance
Basic cyber hygiene may seem rudimentary, but as highlighted in CISA’s four key challenges above, it is something organizations of all sizes struggle with.
Read full story
Torsten George's picture
Cyber Resilience: The New Strategy to Cope With Increased Threats
Torsten George - Network Security
When implemented properly, cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Read full story
Galina Antova's picture
Risk Mitigation Strategies to Close the XIoT Security Gap
Galina Antova - ICS/OT
Understanding the vulnerability landscape of the XIoT to properly assess and mitigate risk is critically important to protect livelihoods and lives.
Read full story
Marc Solomon's picture
Balancing Security Automation and the Human Element
Marc Solomon - Incident Response
When we start to consider the human element of the security automation equation, and its impact on the automation capabilities we select and how we measure progress, we can accelerate automation initiatives and the benefits we derive.
Read full story
Joshua Goldfarb's picture
Bringing Bots and Fraud to the Boardroom
Joshua Goldfarb - Fraud & Identity Theft
If security can learn to communicate in a way that executives and boar members can understand, internalize, and act upon, it serves to benefit tremendously.
Read full story
Derek Manky's picture
Offense Gets the Glory, but Defense Wins the Game
Derek Manky - Incident Response
Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.
Read full story
Jeff Orloff's picture
Tailoring Security Training to Specific Kinds of Threats
Jeff Orloff - Training & Certification
By focusing on attack tactics and techniques that pose clear and present danger to the business, a company can achieve the greatest return on its training initiatives.
Read full story
Gordon Lawson's picture
How to Prepare for New SEC Cybersecurity Disclosure Requirements
Gordon Lawson - Incident Response
The new SEC requirements are putting on paper what many companies—public and private—should have been investing in already.
Read full story
Landon Winkelvoss's picture
Leveraging Managed Services to Optimize Your Threat Intelligence Program During an Economic Downturn
Landon Winkelvoss - Risk Management
How organizations can use managed services to optimize their threat intelligence program during an economic downturn.
Read full story
Torsten George's picture
Cybersecurity Awareness Month: 5 Actionable Tips
Torsten George - Network Security
Here are five best practices for defeating against most attacks, hopefully making the need for future Cybersecurity Awareness Months obsolete.
Read full story