Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

A researcher earned $10,000 from Tesla after discovering a stored XSS vulnerability that could have been exploited to obtain (and possibly modify) vehicle information. [Read More]
Clemson and other universities are working to improve cybersecurity. [Read More]
LaPorte County in Indiana paid a ransom of over $130,000 demanded by cybercriminals who managed to infect its systems with a piece of ransomware. [Read More]
A researcher received $30,000 from Facebook after discovering a vulnerability that could have been exploited to hack Instagram accounts. [Read More]
Hackers can manipulate media files transferred by users via WhatsApp and Telegram due to the way Android allows apps to access files on a device’s external storage. [Read More]
Kevin Townsend analyzes Capgemini's 'Reinventing Cybersecurity with Artificial Intelligence' report. [Read More]
The web server that the Zoom Client installs on Macs can be abused to execute code remotely, security researchers have discovered. [Read More]
The Forum of Incident Response and Security Teams (FIRST) announces CVSS v3.1, which aims to simplify and improve upon CVSS v3.0. [Read More]
United States Conference of Mayors, which represents over 1,400 mayors from cities with a population of at least 30,000, promises not to pay ransomware demands. [Read More]
Apple disabled the Walkie-Talkie app on the Apple Watch after learning of a serious vulnerability that can be exploited to eavesdrop via another user’s iPhone. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Josh Lefkowitz's picture
Regardless of which framework you use, it’s crucial to operationalize it in the context of your organization’s unique environment and risk factors.
Devon Kerr's picture
Devon Kerr explains what happened when a municipality inadvertently deployed a brand-new endpoint protection technology across a small part of their production network.
Alastair Paterson's picture
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
Ashley Arbuckle's picture
By learning from the past there are many steps we can take to strength our approach to security as attackers continue to turn to email to help accomplish their mission.
Siggi Stefnisson's picture
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
Alastair Paterson's picture
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Torsten George's picture
By implementing these measures organizations can limit their exposure to remote access-based cyber threats, while supporting agile business models such as remote work and outsourced IT.
Marc Solomon's picture
Recalculating and reevaluating priorities based on a continuous flow of new data, learnings and your risk profile, helps to ensure you’re staying focused on what matters in a highly dynamic environment.
Josh Lefkowitz's picture
Proper evaluation of business risk requires insight into the likelihood that a vulnerability will be exploited, and if exploited, how that vulnerability could impact the company on a macro level.