Top IT Security Bloggers

  • Apple issues security patches for… just about everything

    Graham Cluley
    If you have a piece of Apple technology in your house or office, chances are that it's time you updated it.
    Read more in my article on the We Live Security blog.
  • Heartbleed is not dead. And isn't likely to be any time soon

    Graham Cluley
    The people who cared about fixing their systems against the Heartbleed vulnerability did it long ago. The others simply don't give a damn.
  • Bug allowed attackers to delete ANY Facebook video they chose

    Graham Cluley
    Facebook has patched a vulnerability that attackers could have abused to delete any user's video off the social media platform.
    David Bisson reports.
  • Get FREE threat intelligence on hackers and exploits with the Recorded Future Cyber Daily

    Graham Cluley
    Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support!
    Recorded Future provides deep, detailed insight into emerging threats by automatically collecting, analyzing, and organizing billions of data points from the Web.
    And now, with its FREE Cyber Daily email all IT security professionals can access information about the top trending threat indicators - helping you use threat intelligence to help make better decisions quickly and easily.
    Which means that you will be able to benefit from a daily update of the following:

    Information Security Headlines: Top trending news stories.
    Top Targeted Industries: Companies targeted by cyber attacks, grouped by their industries.
    Top Hackers: Organizations and people recognized as hackers by Recorded Future.
    Top Exploited Vulnerabilities: Identified vulnerabilities with language indicating malcode activity. These language indicators range from security research ("reverse engineering," "proof of concept") to malicious exploitation ("exploited in the wild," "weaponized").
    Top Vulnerabilities: Identified vulnerabilities that generated significant amounts of event reporting, useful for general vulnerability management.

    Infosec professionals agree that the Cyber Daily is an essential tool:
    "I look forward to the Cyber Daily update email every morning to start my day. It's timely and exact, with a quick overview of emerging threats and vulnerabilities. For organizations looking to strengthen their security program with threat intelligence, Recorded Future’s Cyber Daily is the perfect first step that helps to prioritize security actions." - Tom Doyle, CIO at EBI Consulting.
    So, what are you waiting for?
    Sign up for the Cyber Daily today, and starting tomorrow you'll receive the top trending threat indicators.

    If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.
  • Many Organizations Still Opt for “Good Enough” Cybersecurity

    Network World - Networking Nuggets and Security Snippets
    Late last year, ESG published a research report titled, Through the Eyes of Cyber Security Professionals, in collaboration with the Information Systems Security Association (ISSA).  As part of this report, 437 cybersecurity professionals and ISSA members were asked if they’d experienced a number of types of security incidents.  The research revealed that:
    39% of organizations experienced one or several security incidents resulting in the need to reimage one or several endpoints or servers.
    27% of organizations experienced one or several incidents of ransomware.
    20% of organizations experienced one or several incidents resulting in the disruption of a business application.
    19% of organizations experienced one or several incidents resulting in the disruption of a business process.

    It should be noted that between 23% and 30% of the survey population responded “don’t know” or “prefer not to say” when asked about different types of security incidents so the percentages represented above are likely much higher.To read this article in full or to leave a comment, please click here
  • Greenbug cyberespionage group targeting Middle East, possible links to Shamoon

    Symantec Security Response Blogs
    Greenbug may answer the question of how Shamoon obtains the stolen credentials needed to carry out its disk-wiping attacks.

    Twitter Card Style: 

    Symantec is currently investigating reports of yet another new attack in the Middle East involving the destructive disk-wiping malware used by the Shamoon group (W32.Disttrack, W32.Disttrack.B).

    Click to Tweet: 

    Is there a link between Greenbug and the disk-wiping Shamoon attacks?

    Click to Tweet Acct: 


    read more
  • Israeli soldiers duped into installing malware via fake Facebook profiles

    Sophos - Naked Security
    Hamas used one of the oldest tricks in the social engineering book to dupe IDF soldiers
  • Twitter hack sees New York Times warn of Russian missile strike against USA

    Graham Cluley
    Vladimir Putin is planning a missile strike on the United States?
    Hold your horses, it's the latest example of a newspaper having one of its Twitter accounts hacked.
  • Monday review – the hot 31 stories of the week

    Sophos - Naked Security
    From the sysadmin sued for wiping school's Gmail login to the end of Patch Tuesday to Trump's new cybersecurity advisor, and much more!

Editor's Recommendations

Solution Centres


View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release

Market Place