Threat detection and response

Just as malicious actors' threats and attack techniques evolve, so too must enterprise threat detection and response tools and procedures. From real-time monitoring and network forensics to IDS/IPS, NDR and XDR, SIEM and SOAR, read up on detection and response tools, systems and services.

Top Stories

News 03 Feb 2025
NSFocus: DeepSeek AI hit with 'well planned' DDoS attacks

Cybersecurity vendor NSFocus said AI startup DeepSeek endured multiple waves of DDoS attacks from attackers since its reasoning model was released Jan. 20. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 30 Jan 2025
German police disrupt Cracked, Nulled cybercrime forums

Cracked and Nulled had a combined community of approximately 10 million users who used the sites to discuss cybercrime and sell malware and hacking tools. Continue Reading
By
- Alexander Culafi, Senior News Writer

News 29 Mar 2023
Google: Spyware vendors exploiting iOS, Android zero days

Recent campaigns observed by Google's Threat Analysis Group showed spyware vendors' use of zero days and known vulnerabilities pose an increasing threat. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Mar 2023
Microsoft launches AI-powered Security Copilot

Microsoft Security Copilot is an AI assistant for infosec professionals that combines OpenAI's GPT-4 technology with the software giant's own cybersecurity-trained model. Continue Reading
By
- Rob Wright, Senior News Director
Feature 28 Mar 2023
Publicly disclosed U.S. ransomware attacks in 2023

TechTarget Editorial's ransomware database collects public disclosures, notifications and confirmed reports of attacks against U.S. organizations each month. Continue Reading
By
- Rob Wright, Senior News Director
Tip 28 Mar 2023
Compare breach and attack simulation vs. penetration testing

A deep dive into breach and attack simulation vs. penetration testing shows both tools prevent perimeter and data breaches. Find out how they complement each other. Continue Reading
By
- Rob Shapland
Definition 23 Mar 2023
forensic image

A forensic image (forensic copy) is a bit-by-bit, sector-by-sector direct copy of a physical storage device, including all files, folders and unallocated, free and slack space. Continue Reading
By
- Paul Kirvan
News 22 Mar 2023
Cyber insurance carriers expanding role in incident response

While cyber insurance has its benefits, infosec professionals expressed concern that carriers have too much influence over incident response decisions, especially with ransomware. Continue Reading
By
- Arielle Waldman, News Writer
News 21 Mar 2023
ZenGo finds transaction simulation flaw in Coinbase, others

Referred to as a 'red pill attack,' ZenGo researchers discovered a way to exploit smart contracts and bypass security features known as transaction simulation solutions. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 21 Mar 2023
4 ChatGPT cybersecurity benefits for the enterprise

As OpenAI technology matures, ChatGPT could help close cybersecurity's talent gap and alleviate its rampant burnout problem. Learn about these and other potential benefits. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
Definition 20 Mar 2023
packet filtering

Packet filtering is the process of passing or blocking data packets at a network interface by a firewall based on source and destination addresses, ports or protocols. Continue Reading
By
- Gavin Wright
News 17 Mar 2023
Google warns users of Samsung Exynos zero-day vulnerabilities

To prevent threat actors from exploiting the unpatched attack vectors, Google Project Zero made an exception for four Exynos chipset flaws by extending its disclosure timeline. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 09 Mar 2023
Why enterprise SecOps strategies must include XDR and MDR

Adopting extended detection and response and employing managed detection and response services may be the missing pieces of the SOC modernization puzzle. Continue Reading
By
- Dave Gruber, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 09 Mar 2023
Flashpoint: Threat vectors converging, increasing damage

The threat intelligence vendor warned that threat actors are increasingly combining known vulnerabilities, stolen credentials and exposed data to wreak maximum damage. Continue Reading
By
- Arielle Waldman, News Writer
News 07 Mar 2023
Vishing attacks increasing, but AI's role still unclear

The volume of vishing attacks continues to rise. But threat researchers say it's difficult to attribute such threats to artificial intelligence tools and deepfake technology. Continue Reading
By
- Alexis Zacharakos, Student Co-op
News 06 Mar 2023
Police raids target 'core' DoppelPaymer ransomware members

A coordinated law enforcement effort last week resulted in raids and arrest warrants against 'core members' of the infamous DoppelPaymer ransomware group. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Feb 2023
Rapid7: Attackers exploiting vulnerabilities 'faster than ever'

Rapid7's 2022 Vulnerability Intelligence Report analyzed how attackers' increasing speed in deploying exploits affected an onset of widespread threats in 2022. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Feb 2023
Bitdefender releases decryptor for MortalKombat ransomware

MortalKombat ransomware was first spotted in January, but Bitdefender has already cracked the new variant and released a free decryptor to help victims recover data. Continue Reading
By
- Rob Wright, Senior News Director
News 22 Feb 2023
Exploitation attempts observed against Fortinet FortiNAC flaw

Hours after Horizon3.ai released a proof of concept exploit through GitHub, Shadowserver Foundation observed several IP addresses attempting to exploit the vulnerability. Continue Reading
By
- Arielle Waldman, News Writer
News 22 Feb 2023
IBM: Ransomware defenders showing signs of improvement

According to IBM X-Force's Threat Intelligence Index report, a smaller percentage of threat actors executed a ransomware attack after gaining access in 2022 than in 2021. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 16 Feb 2023
No relief in sight for ransomware attacks on hospitals

Despite being off limits for some hackers, hospitals continue to be lucrative targets for ransomware groups because of their valuable data and higher rate of paying ransoms. Continue Reading
By
- Alexis Zacharakos, Student Co-op
News 15 Feb 2023
Cisco Talos spots new MortalKombat ransomware attacks

Researchers discovered the threat campaign is also using a new GO version of malware called Laplas Clipper to steal cryptocurrency from individuals and businesses in the U.S. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Feb 2023
U.S., U.K. hit TrickBot cybercrime gang with sanctions

TrickBot malware has caused considerable damage to U.S. organizations, particularly in the healthcare industry, and was used in Conti and Ryuk ransomware attacks. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 08 Feb 2023
ESXiArgs ransomware campaign raises concerns, questions

This Risk & Repeat podcast looks at the widespread ESXiArgs ransomware attacks and the questions they've raised about the threat landscape, vulnerability patching and more. Continue Reading
By
- Rob Wright, Senior News Director
Definition 03 Feb 2023
passive reconnaissance

Passive reconnaissance is an attempt to gain information about targeted computers and networks without actively engaging with the systems. Continue Reading
By
- Robert Sheldon
Tutorial 01 Feb 2023
How to use BeEF, the Browser Exploitation Framework

The open source BeEF pen testing tool can be used by red and blue teams alike to hook web browsers and use them as beachheads to launch further attacks. Continue Reading
By
- Ed Moyle, SecurityCurve
Podcast 31 Jan 2023
Risk & Repeat: The FBI's Hive ransomware takedown

This podcast episode discusses the law enforcement operation that led to the infiltration and takedown of the Hive network and what it could mean for other ransomware gangs. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 30 Jan 2023
Schools don't pay, but ransomware attacks still increasing

Ransomware gangs have increasingly focused their attacks on the K-12 education sector, even though most school districts do not pay the ransom. But how long will that last? Continue Reading
By
- Alexis Zacharakos, Student Co-op
News 26 Jan 2023
FBI hacked into Hive ransomware gang, disrupted operations

The FBI infiltrated Hive's network in July 2022 and obtained decryption keys, which it distributed to victims to prevent $130 million in ransom payments, according to the DOJ. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 25 Jan 2023
ChatGPT could boost phishing scams

The conversational AI tool could make it hard to detect attackers due to how conversant and grammatically correct it is. A way to combat that is to create a detector. Continue Reading
By
- Esther Shittu, News Writer
Tip 25 Jan 2023
How cyber deception technology strengthens enterprise security

They say the best defense is a good offense. Cyber deception puts that philosophy into practice in the enterprise, using a combination of technology and social engineering. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Tip 25 Jan 2023
Centralized services as a hedge against shadow IT's escalation

Proliferation of cloud, AI and integration tools has increased the deployment security risks of shadow IT and the need to centralize business functions and share support services. Continue Reading
By
- George Lawton
Opinion 20 Jan 2023
6 cybersecurity buzzwords to know in 2023

Enterprise Strategy Group research indicates many organizations will increase cybersecurity spending in 2023, and with that comes an evolving set of vendor buzzwords to sort out. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 19 Jan 2023
Building a shared services organization structure

Amid the shifting economic climate and new reality of hybrid workforces, there's no better time for companies to consolidate business functions and centralize support services. Continue Reading
By
- George Lawton
News 12 Jan 2023
Windows zero day patched but exploitation activity unclear

Avast threat researchers detected exploitation of a Windows zero-day flaw in the wild, and organizations are being urged to patch the flaw immediately. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Jan 2023
Vulnerable software, low incident reporting raises risks

Beneath the buzz around tech innovations at CES were discussions about cybersecurity and how to prevent the next generation of tech from being just as vulnerable as the last. Continue Reading
By
- Bridget Botelho, Editorial Director, News
News 10 Jan 2023
BitSight, Schneider Electric partner to quantify OT risk

The new partnership aims to provide organizations with increased visibility and risk detection capabilities for operational technology environments and critical infrastructure. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 10 Jan 2023
Risk & Repeat: Analyzing the Rackspace ransomware attack

This Risk & Repeat podcast episode discusses new details of the Rackspace ransomware attack, as well as the questions remaining following the company's final status update. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 06 Jan 2023
Rackspace: Ransomware actor accessed 27 customers' data

Rackspace said Personal Storage Tables of 27 customers were accessed in the attack last month, but added there was no evidence threat actors viewed, obtained or misused the data. Continue Reading
By
- Alexander Culafi, Senior News Writer
Guest Post 28 Dec 2022
Understanding current XDR elements and options

What do existing extended detection and response products provide? Learn about EDR+, SIEM+ and Comprehensive options, which all provide varying levels of XDR. Continue Reading
By
- Josh Davies
Tip 27 Dec 2022
How to prevent and mitigate process injection

Process injection is a defense evasion technique that helps attackers hide from enterprise security systems. Learn how it works and how to mitigate it. Continue Reading
By
- Rob Shapland
News 21 Dec 2022
Play ransomware actors bypass ProxyNotShell mitigations

CrowdStrike is urging organizations to apply the latest Microsoft Exchange updates after investigations revealed attackers developed a bypass for ProxyNotShell mitigations. Continue Reading
By
- Arielle Waldman, News Writer
Tip 21 Dec 2022
How to use Microsoft Sentinel with Office 365 to find risks

The security product attempts to ferret out threats that originate from apps and services then assists the enterprise with an automatic response to head off trouble. Continue Reading
By
- Liam Cleary, SharePlicity
News 20 Dec 2022
NCC Group: Ransomware attacks increased 41% in November

In addition to a month full of unexpected trends in both threat group activity and targeted sectors, NCC Group warned organizations to be aware of an increase in DDoS attacks. Continue Reading
By
- Arielle Waldman, News Writer
Feature 19 Dec 2022
11 cybersecurity predictions for 2023

Analysts and experts have looked into their crystal balls and made their cybersecurity predictions for 2023. Is your organization prepared if these predictions come true? Continue Reading
By
- Kyle Johnson, Technology Editor
News 09 Dec 2022
Claroty unveils web application firewall bypassing technique

Claroty's attack technique bypasses web application firewalls, or WAFs, by tricking those that can't detect JSON as part of their SQL injection detection process. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 07 Dec 2022
Vice Society ransomware 'persistent threat' to education sector

New research from Palo Alto Networks supports recent government warnings that Vice Society poses an increased risk to K-12 schools and higher education. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 02 Dec 2022
XDR definitions don't matter, outcomes do

Despite remaining confusion about what XDR is, security teams need to improve threat detection and response. ESG research revealed plans for increased XDR spending in 2023. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Opinion 02 Dec 2022
7 steps to implementing a successful XDR strategy

There's still confusion around what extended detection and response is, but it will play a key role in enterprise security. To successfully implement XDR, follow these steps. Continue Reading
By
- Dave Gruber, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 01 Dec 2022
Archive files become preferred format for malware delivery

The team at HP Wolf Security found that cybercriminals are using archive files as the preferred method for spreading malware, beating Microsoft Office for the first time. Continue Reading
By
- Shaun Nichols
News 30 Nov 2022
Lockbit 3.0 has BlackMatter ransomware code, wormable traits

LockBit 3.0 or 'LockBit Black' includes anti-debugging capabilities, the ability to delete Volume Shadow Copy files and the potential ability to self-spread via legitimate tools. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 22 Nov 2022
Google's new YARA rules fight malicious Cobalt Strike use

Google's YARA rules detect cracked versions of Cobalt Strike's older releases so that legitimate instances of the red teaming tool, which use the latest version, aren't targeted. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 17 Nov 2022
Magecart malware menaces Magento merchants

Sansec researchers say as many as 38% of commercial customers running the Adobe Commerce and Magento platforms could be infected with Magecart's TrojanOrders malware. Continue Reading
By
- Shaun Nichols
Tip 17 Nov 2022
Industrial control system security needs ICS threat intelligence

Threat actors and nation-states constantly try to find ways to attack all-important industrial control systems. Organizations need specialized ICS threat intelligence to fight back. Continue Reading
By
- Michael Cobb
News 17 Nov 2022
CISA: Iranian APT actors compromised federal network

CISA said Iranian nation-state actors exploited Log4Shell flaws on an unpatched VMware Horizon server before deploying a cryptominer and attempting to gain persistent access. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 17 Nov 2022
Top Kali Linux tools and how to use them

Learning to use Kali Linux is a journey, the first step of which is discovering which of the hundreds of cybersecurity tools included are most relevant to the task at hand. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
News 17 Nov 2022
LockBit ransomware activity nose-dived in October

LockBit, the most prolific ransomware group in 2022, had itself a down month as GuidePoint Security researchers reported a 49% decrease in its infections for October. Continue Reading
By
- Shaun Nichols
Tip 16 Nov 2022
How Wireshark OUI lookup boosts network security

Learn why using Wireshark OUI lookup for tracking devices by their network interface's organizationally unique identifier is such an important tool for security pros. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
News 14 Nov 2022
Moreno Valley school system shores up ransomware defenses

Moreno Valley Unified School District officials discuss the steps they've taken to better protect sensitive data and critical applications against the growing threat of ransomware. Continue Reading
By
- Arielle Waldman, News Writer
News 10 Nov 2022
DOJ charges accused Lockbit ransomware actor

The U.S. Department of Justice filed criminal charges against a Canadian man with dual Russian citizenship who is accused of being part of the LockBit ransomware crew. Continue Reading
By
- Shaun Nichols
News 07 Nov 2022
Microsoft: Nation-state threats, zero-day attacks increasing

Microsoft's Digital Defense Report 2022 pointed the finger at China, which enacted a new vulnerability disclosure law last year, as the source of many zero-day attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 04 Nov 2022
Yanluowang ransomware gang goes dark after leaks

The Yanluowang ransomware operation appears to have shut down for the time being after an anonymous individual published a series of internal code and chat leaks. Continue Reading
By
- Shaun Nichols
News 02 Nov 2022
U.S. Treasury: Ransomware attacks increased in 2021

A new report from the U.S. Treasury's Financial Crimes Enforcement Network showed an increase in businesses reporting ransomware attacks in the second half of 2021. Continue Reading
By
- Shaun Nichols
Tip 01 Nov 2022
Where do business continuity plans fit in a ransomware attack?

Recovery isn't the only priority when ransomware hits. Careful planning, training and coordination among IT teams are critical to maintain business continuity during an attack. Continue Reading
By
- Paul Kirvan
Tip 31 Oct 2022
Why and how to use container malware scanning software

Malware is on the rise, and containers are potential attack vectors. Learn why it's crucial to check containers for vulnerabilities and compare container malware scanning tools. Continue Reading
By
- Joydip Kanjilal
News 26 Oct 2022
Ukraine: Russian cyber attacks aimless and opportunistic

Victor Zhora, a key Ukrainian cybersecurity official, says Russia is acting with "no particular strategy" in its cyber attacks on his country as their military invasion drags on. Continue Reading
By
- Shaun Nichols
News 26 Oct 2022
Cisco, CISA warn 2 AnyConnect flaws are under attack

CISA added two Cisco AnyConnect flaws to its Known Exploited Vulnerabilities catalog, which signals active exploitation and an urgency to patch. Continue Reading
By
- Arielle Waldman, News Writer
News 24 Oct 2022
CISA warns of ransomware attacks on healthcare providers

A new CISA advisory warned administrators at hospitals and healthcare providers about newly discovered ransomware variant, dubbed Daixin Team, that poses a particular threat. Continue Reading
By
- Shaun Nichols
News 21 Oct 2022
BlackByte ransomware using custom data exfiltration tool

Symantec researchers say BlackByte ransomware may be poised to move into the elite ransomware ranks, as the group has begun developing its own custom malware tools. Continue Reading
By
- Shaun Nichols
News 20 Oct 2022
Brazil arrests alleged Lapsus$ hacker

Federal police in Brazil arrested a person accused of being a key member of the Lapsus$ hacking group on charges related to the takedown of government websites. Continue Reading
By
- Shaun Nichols
News 19 Oct 2022
Mandiant launches Breach Analytics for Google's Chronicle

Mandiant Breach Analytics for Google Cloud's Chronicle marks a new product launch from the security giant after its acquisition by Google was completed last month. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 13 Oct 2022
Despite LockBit rebound, ransomware attacks down in 2022

LockBit cybercriminals are back in action with new ransomware attacks and publicity pushes. But many other new groups saw lower levels in activity in Q3, according to Cyberint. Continue Reading
By
- Shaun Nichols
Feature 13 Oct 2022
Why Kali Linux is the go-to distribution for penetration testing

Discover why penetration testers prefer to use the Kali Linux distribution for offensive security, from collecting useful tools together to being usable from multiple devices. Continue Reading
By
- Kyle Johnson, Technology Editor
News 05 Oct 2022
APTs compromised defense contractor with Impacket tools

A CISA alert warned that APT actors compromised a defense contractor's Microsoft Exchange server and used Impacket, an open source Python toolkit, to move laterally in the network. Continue Reading
By
- Arielle Waldman, News Writer
News 05 Oct 2022
Ransomware attacks ravage schools, municipal governments

Attacks disclosed in September revealed that K-12 schools, universities and local governments continued to suffer at the hands of gangs such as Vice Society and BlackCat/Alphv. Continue Reading
By
- Rob Wright, Senior News Director
News 04 Oct 2022
Secureworks finds network intruders see little resistance

A report from Secureworks found that in many network intrusions, the attackers only need to employ basic, unsophisticated measures to evade detection. Continue Reading
By
- Shaun Nichols
News 03 Oct 2022
Intermittent encryption attacks: Who's at risk?

Threat analysts have observed some ransomware gangs using a new technique that only partially encrypts victims' files, which could evade some ransomware defenses. Continue Reading
By
- Shaun Nichols
News 29 Sep 2022
Cobalt Strike malware campaign targets job seekers

Cisco Talos researchers spotted a new wave of phishing attacks that target job seekers in the U.S. and New Zealand, infecting them with Cobalt Strike beacons. Continue Reading
By
- Shaun Nichols
News 29 Sep 2022
Mandiant spots new malware targeting VMware ESXi hypervisors

Mandiant researchers said the backdoors were installed with a novel technique that used malicious vSphere Installation Bundles, though it's unclear how initial access was achieved. Continue Reading
By
- Rob Wright, Senior News Director
Tip 29 Sep 2022
The 5 principles of zero-trust security

Zero trust is a journey, not a destination. Ensure your corporate network is safe from internal and external threats by implementing these five principles of zero-trust security. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Tip 26 Sep 2022
Does AI-powered malware exist in the wild? Not yet

AI sending out malware attacks may invoke images of movielike, futuristic technology, but it may not be too far from reality. Read up on the future of AI-powered malware. Continue Reading
By
- Isabella Harford, TechTarget
News 23 Sep 2022
Malicious NPM package discovered in supply chain attack

Threat actors are circulating a look-alike version of the Material Tailwind NPM package to infect developers for supply chain malware attacks, according to ReversingLabs. Continue Reading
By
- Shaun Nichols
Podcast 23 Sep 2022
Risk & Repeat: Uber and Rockstar Games hacked

This podcast episode discusses recent hacks against Uber and Rockstar Games, the techniques of the attackers and the possible connection to the Lapsus$ cybercrime group. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 21 Sep 2022
Cybercriminals launching more MFA bypass attacks

New research from Okta shows that cybercrime groups have stepped up their attacks on multifactor authentication systems in an effort to thwart account security measures. Continue Reading
By
- Shaun Nichols
News 19 Sep 2022
Uber says Lapsus$ hackers behind network breach

Uber said a hacker from the Lapsus$ group used stolen credentials from a contractor to gain access to several important silos within its internal network. Continue Reading
By
- Shaun Nichols
Tip 16 Sep 2022
Discover the benefits and challenges of bug bounty programs

Bug bounty programs have a number of benefits and challenges. Before adopting such a program at your organization, read up on the pros and cons to decide if it would be a good fit. Continue Reading
By
- Rob Shapland
News 16 Sep 2022
DOJ drops report on cryptocurrency crime efforts

The U.S. Department of Justice issued a report to President Biden on its various enforcement efforts around cybercrime and digital currency, as well as looming challenges. Continue Reading
By
- Shaun Nichols
Guest Post 16 Sep 2022
How SOCs can identify the threat actors behind the threats

Learn how SOC teams can track threat actors by understanding the factors that influence an attack, such as the type of infrastructure used or commonly targeted victims. Continue Reading
By
- Josh Davies
News 15 Sep 2022
Webworm retools old RATs for new cyberespionage threat

Symantec's Threat Hunter Team uncovered a new cyberespionage campaign run by a threat group named Webworm, which uses customized versions of old remote access Trojans. Continue Reading
By
- Shaun Nichols
News 14 Sep 2022
U.S. drops the hammer on Iranian ransomware outfit

The departments of Justice and the Treasury announced criminal charges and sanctions against a group of Iranian nationals accused of running an international ransomware operation. Continue Reading
By
- Shaun Nichols
News 08 Sep 2022
LockBit gang leads the way for ransomware

New research from Malwarebytes shows LockBit is far and away the most prolific ransomware gang, with hundreds of confirmed attacks across the globe in recent months. Continue Reading
By
- Shaun Nichols
News 08 Sep 2022
Cisco Talos traps new Lazarus Group RAT

The North Korean-backed Lazarus Group has deployed a new type of remote access Trojan that has already been turned against foreign government networks and private energy companies. Continue Reading
By
- Shaun Nichols
News 06 Sep 2022
Ransomware hits Los Angeles Unified School District

The second-largest public school system in the U.S. confirmed a ransomware attack caused districtwide disruption to various services over the holiday weekend. Continue Reading
By
- Arielle Waldman, News Writer
Tip 01 Sep 2022
Cybersecurity budget breakdown and best practices

Once budget is secured, CISOs must figure out where it should be allocated -- as well as how to justify the costs. Get the lowdown on a cybersecurity budget breakdown here. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
News 25 Aug 2022
Ransomware defies seasonal trends with increase

The return and rebranding of major crews saw the volume of ransomware attacks in July jump 47%, defying seasonal trends, according to researchers at NCC Group. Continue Reading
By
- Shaun Nichols
Tutorial 25 Aug 2022
How to build a vulnerability scanner with PowerShell

What do you do if there's a zero-day threatening your organization? When you need to act fast, use PowerShell to uncover vulnerabilities hiding in your environment. Continue Reading
By
- Liam Cleary, SharePlicity
Tip 25 Aug 2022
How SPF records prevent email spoofing, phishing and spam

Forged email has long been used by hackers to break into protected systems. Learn how the Sender Policy Framework protocol helps stop spoofing, phishing and other malicious mail. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Tip 24 Aug 2022
5 key questions to evaluate cloud detection and response

Consider these five questions before deciding to invest in a specialized cloud detection and response product. Continue Reading
By
- Ed Moyle, SecurityCurve
News 18 Aug 2022
Russian cyber attacks on Ukraine driven by government groups

Researchers with Trustwave say the cyber attacks against Ukraine are not the work of enlisted private hacking groups but Russian government intelligence agencies. Continue Reading
By
- Shaun Nichols
News 17 Aug 2022
Google patches yet another Chrome zero-day vulnerability

Google issued an update Wednesday to address a potentially serious security vulnerability in its Chrome browser, and the company urged users to patch their browsers immediately. Continue Reading
By
- Shaun Nichols
Podcast 17 Aug 2022
Risk & Repeat: Black Hat 2022 recap

This Risk & Repeat podcast episode discusses the Black Hat 2022 conference in Las Vegas and the notable sessions, major themes and hot topics from the show. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 17 Aug 2022
How to create a threat profile, with template

Read five key steps on how to create a threat profile, and get started making them customized to your organization with our free template. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity