Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Tampa Bay, FL-based security awareness and simulated phishing firm KnowBe4 has acquired Oslo, Norway-based security culture measurement company CLTRe for an undisclosed sum. [Read More]
As organizations migrate to Microsoft Office 365 and other cloud services, many fail to use proper configurations that ensure good security practices. [Read More]
A memory corruption vulnerability recently found in Linux Kernel’s implementation of RDS over TCP could lead to privilege escalation. [Read More]
TeamViewer confirms it was hacked in 2016 -- likely by Chinese cyberspies -- but the company decided not to make the breach public as it found no evidence that it affected users. [Read More]
Hackers had access to Stack Overflow systems for nearly a week before the attack was detected and some user data was exposed after all. [Read More]
The number of hacktivist attacks that resulted in quantifiable damage has declined by 95 percent since 2015, according to IBM. [Read More]
A recently patched vulnerability in the Slack desktop application for Windows can be exploited to steal and manipulate files. [Read More]
Tenable this week announced Nessus Essentials, an expanded version of its free vulnerability assessment solution previously known as Nessus Home. [Read More]
The wormable Windows RDS vulnerability patched recently by Microsoft (CVE-2019-0708), including in Windows XP and Server 2003, poses a serious risk to industrial environments. [Read More]
Stack Overflow, the popular Q&A platform for programmers, said hackers gained access to production systems over the weekend. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Alastair Paterson's picture
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
Ashley Arbuckle's picture
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
Siggi Stefnisson's picture
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
Alastair Paterson's picture
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Torsten George's picture
By implementing these measures organizations can limit their exposure to remote access-based cyber threats, while supporting agile business models such as remote work and outsourced IT.
Marc Solomon's picture
Recalculating and reevaluating priorities based on a continuous flow of new data, learnings and your risk profile, helps to ensure you’re staying focused on what matters in a highly dynamic environment.
Josh Lefkowitz's picture
Proper evaluation of business risk requires insight into the likelihood that a vulnerability will be exploited, and if exploited, how that vulnerability could impact the company on a macro level.
Siggi Stefnisson's picture
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Torsten George's picture
Application Programming Interfaces (APIs) provide hackers with multiple venues to access an organization’s data and can even be used to cause massive business disruptions.