2,322 articles · page 41 of 47
BOLSTER, Thursday, May 11,2023
Lookalike domains are fraudulent domains that mimic legitimate ones in order to trick users into divulging sensitive information or downloading malware. These domains can be used for phishing attacks, domain name spoofing, and other malicious activities.
more →
Solutions Review, Wednesday, May 10,2023
Today's attackers have become increasingly elusive by generally just using stolen credentials or looking for misconfigured systems. With the evolving nature of the cyber landscape, they are taking advantage of the current geopolitical climate to exploit new areas of business operations.
more →
Security Boulevard, Wednesday, May 10,2023
The rapidly evolving cyber threat landscape demands constant vigilance from organizations seeking to protect their digital assets.
more →
SearchSecurity, Wednesday, May 10,2023
Organizations can use these SBOM tools to help secure their software supply chain by understanding the components of their deployed software and applications.
more →
ReversingLabs, Wednesday, May 10,2023
In this ConversingLabs Cafe interview, Josh Corman, founder of I Am The Cavalry, talks about what's behind industry skepticism around software bills of materials.
more →
HelpNet Security, Wednesday, May 10,2023
Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos.
more →
Cloud Native Now, Wednesday, May 10,2023
Container vulnerability scanning is a critical part of container security. It involves inspecting container images and their components to identify potential security issues, weaknesses or vulnerabilities.
more →
Search Security, Tuesday, May 9,2023
Hypervisor security is the process of ensuring the hypervisor -- software that enables virtualization -- is secure throughout its lifecycle. Common security practices for hypervisors include limiting users in a local system, reducing attack surfaces and keeping systems updated.
more → flare, Tuesday, May 9,2023
Keeping up with cybersecurity news is a challenge. From newly discovered vulnerabilities to new attack methodologies, you live a life of 'need to know' when ability to find is difficult. As a security professional, knowing is more than half the battle.
more →
CloudTech, Tuesday, May 9,2023
Duncan is an award-winning editor with more than 20 years experience in journalism. Having launched his tech journalism career as editor of Arabian Computer News in Dubai, he has since edited an array of tech and digital marketing publications, including Computer Business Review, TechWeekEurope, Figaro Digital, Digit and Marketing Gazette.
more →
AWS News, Tuesday, May 9,2023
Security teams rely on threat intelligence like a ship's captain relies on a lighthouse. The information enables them to see new risks and steer clear of known threats. While threat intelligence provides benefits, many security teams struggle to use it effectively.
more →
Ckick Armor, Friday, May 5,2023
Security culture is the key to protecting your business from phishing and social engineering attacks. Without it, implementing successful training and having prepared employees is nearly impossible.
more →
LeaksID, Friday, May 5,2023
In today's digital age, the risk of insider threats has become increasingly common. Insider threats can be actions taken by employees, contractors, or partners who intentionally or unintentionally compromise the confidentiality, integrity, or availability of sensitive information.
more →
CXOtoday.com, Thursday, May 4,2023
Twitter co-founder and chief executive officer (CEO) Jack Dorsey has stepped down from his position, ending his nearly 16-year stint with the social media giant. The company's Board has unanimously appointed Twitter's chief technology officer (CTO) Parag Agrawal as his successor.
more →
DARKReading, Thursday, May 4,2023
Almost everyone is connected to the internet in some form, and while the internet is a wonderful opportunity - full of offerings for people from all walks of life, it's more important than ever for us to be #CyberFit and smart about cyber protection.
more → DTEX, Thursday, May 4,2023
According to the Ponemon Institute's 2022 Cost of Insider Threats Global study, the overall number of insider threat incidents jumped by 44% in the past two years, with non-malicious insiders driving 56% of incidents that cost organizations an average of $484,931 per incident.
more →
Fortra, Thursday, May 4,2023
Those words were spoken by the US National Security Advisor way back in 2005, and it is remarkable to see how prescient they were. The economy is not only supported by the cyber world, but that world is entirely data driven. Data has become a primary focus, not just for regulatory fodder, but for business survival.
more →
DARKReading, Wednesday, May 3,2023
Malicious packages are hard to avoid and hard to detect - unless you know what to look for.
more →
Guardrails, Wednesday, May 3,2023
No one said being a Chief Information Security Officer (CISO) was an easy job. There are numerous concerns competing for attention from CISOs that keep them busy. One of the more pressing concerns pertains to meeting regulatory requirements for application security compliance.
more →
Radware, Wednesday, May 3,2023
Cybersecurity staff and skills shortages have been consistent trends over the past few years. According to the (ISC2) 2022 Cybersecurity Workforce Study, the 2022 global cybersecurity workforce gap stood at 3.4 million people, an increase of 26.2% from 2021. This means that not only are cybersecurity staff shortages continuing, but they are getting worse and impacting organizations' ability to fight cyberattacks.
more →
VentureBeat, Tuesday, May 2,2023
Application security provider Data Theorem, announced the release of a new report in partnership with TechTarget's Enterprise Strategy Group (ESG). ESG surveyed 397 respondents on cloud-native applications and API security and found that 92% of organizations experienced at least one API-related security incident in the last 12 months.
more →
The Register, Tuesday, May 2,2023
The Open Web Application Security Project (OWASP) is an online community that was established on September 9, 2001, by Mark Curphey, a cybersecurity expert, with the objective of mitigating cyber attacks.
more → Search Security, Tuesday, May 2,2023
Hash-based Message Authentication Code (HMAC) is a message encryption method that uses a cryptographic key in conjunction with a hash function. It provides the server and the client each with a private key that is known only to that specific server and client, providing a more secure means of encrypting data than a simple Message Authentication Code (MAC).
more → DTEX, Tuesday, May 2,2023
Companies worldwide spend billions of dollars on endpoint data loss prevention (DLP) technology, hoping it will protect intellectual property. In theory, it's a good idea. There's just one problem: it doesn't work.
more → Fortra, Tuesday, May 2,2023
Think of all the different points within your organization that provide access to information. That could be your website, the mobile version of your application, your Slack instance, and so much more. It's a list that gets very long, very quickly.
more → CSO Online, Tuesday, May 2,2023
Compromised employee personal devices and accounts can disrupt and possibly threaten business security. Getting these tools into their hands will help.
more →
The Register, Monday, May 1,2023
Security posture management gets its due at RSA
more →
ITProToday, Thursday, April 27,2023
There are a lot of things that can go wrong with DevSecOps that practitioners should be aware of and avoid.
more →
DARKReading, Thursday, April 27,2023
SEO-aided attacks, developer targeting, and malicious use of AI top the list for 2023
more → Cloud Security Alliance (CSA), Thursday, April 27,2023
This position paper provides analysis across four dimensions: How it can benefit cybersecurity, how it can benefit malicious attackers, how ChatGPT might be attacked directly, and guidelines for responsible usage
more →
Forrester, Thursday, April 27,2023
Over the last year, I've been scared of two things. Our research teams have been planning and publishing a ton of research around Zero Trust, and since we're analysts, new terminology, and comorbid acronyms, have emerged.
more →
DARKReading, Thursday, April 27,2023
CISOs who have survived major cyber incidents recommend letting company ethos guide incident response.
more → CSO Online, Thursday, April 27,2023
Adversarial AI, ChatGPT-powered social engineering, and paid advertising attacks are among the most dangerous emerging attack methods, according to SANS Institute analysts.
more → Fortra, Wednesday, April 26,2023
A Comprehensive Guide to Understanding WAFs: How it Works, Types, and Security Models
more → SearchSecurity, Wednesday, April 26,2023
Organizations in every industry can be targets of cybercrime for profit. Get expert advice on ransomware prevention, detection and recovery in our comprehensive guide.
more → DARKReading, Wednesday, April 26,2023
The Data Security Maturity Model ditches application, network, and device silos when it comes to architecting a data security strategy.
more → HelpNet Security, Wednesday, April 26,2023
Cyberattackers leveraged more than 500 unique tools and tactics in 2022, according to Sophos.
more → Security Boulevard, Tuesday, April 25,2023
If you are part of an app and security team, or work with sensitive data, especially those in the tech industries, or have a global consumer base, then GDPR compliance needs to be on your radar.
more → Security Intelligence, Tuesday, April 25,2023
Data breaches are a risk that every business has to prepare for. To mitigate potential risks like the loss of sensitive information, financial impact and reputational damage, organizations need to take a proactive approach to protect their data and comply with industry regulations.
more →
Enterprise Storage Forum, Tuesday, April 25,2023
When it comes to ensuring the security of your network, performing regular vulnerability scans is essential. This is the process of combing through the network for weaknesses, gaps, or loopholes in the network's software code or architecture.
more →
SearchSecurity, Tuesday, April 25,2023
Enterprises are struggling to keep up as adversary groups improve tactics. But one of the most difficult groups to defend against, according to Google and Mandiant, was a surprise.
more → SearchSecurity, Tuesday, April 25,2023
Author and chief risk officer Rich Seiersen talks about the challenges of securing cloud-native applications and how to use metrics to improve their effectiveness.
more → Security Boulevard, Tuesday, April 25,2023
While CISOs and other security leaders have never been blessed with unlimited budgets, many have recently felt the pinch as companies work to weather recent economic constraints.
more → Help Net Security, Monday, April 24,2023
Although interest in passwordless technology, which aims to eliminate the need for passwords, is relatively low, 65% of consumers are receptive to using new technology that simplifies their lives, according to 1Password.
more → RiskLens, Monday, April 24,2023
This comprehensive resource guide was compiled for cybersecurity leaders who want to secure or improve their budgets through the rest of this year and next.
more →
Help Net Security, Monday, April 24,2023
Ransomware operators have been increasingly launching frequent attacks, demanding higher ransoms, and publicly exposing victims, leading to the emergence of an ecosystem that involves access brokers, ransomware service providers, insurance providers, and ransom negotiators, according to Deepwatch.
more → Security Boulevard, Monday, April 24,2023
The Payment Card Industry Data Security Standard (PCI DSS) is a widely recognized set of security standards that organizations must comply with when handling credit card information.
more → The Enterprisers Project, Monday, April 24,2023
Thinking about an AI strategy for your organization? Here are 6 real-world examples of how this powerful technology can boost business.
more →
VentureBeat, April 22nd, 2023
Since its launch in November 2022, ChatGPT, an artificial intelligence (AI) chatbot, has been causing quite a stir because of the software's surprisingly human and accurate responses.
more → DARKReading, April 21st, 2023
Software written or acquired outside of IT's purview is software that IT can't evaluate for security or compliance.
more →