Threat detection and response

Just as malicious actors' threats and attack techniques evolve, so too must enterprise threat detection and response tools and procedures. From real-time monitoring and network forensics to IDS/IPS, NDR and XDR, SIEM and SOAR, read up on detection and response tools, systems and services.

Top Stories

News 03 Feb 2025
NSFocus: DeepSeek AI hit with 'well planned' DDoS attacks

Cybersecurity vendor NSFocus said AI startup DeepSeek endured multiple waves of DDoS attacks from attackers since its reasoning model was released Jan. 20. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 30 Jan 2025
German police disrupt Cracked, Nulled cybercrime forums

Cracked and Nulled had a combined community of approximately 10 million users who used the sites to discuss cybercrime and sell malware and hacking tools. Continue Reading
By
- Alexander Culafi, Senior News Writer

Definition 12 Aug 2022
What is Domain-based Message Authentication, Reporting and Conformance (DMARC)?

The Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol is one leg of the tripod of internet protocols that support email authentication methods. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
News 11 Aug 2022
Google researchers dissect Android spyware, zero days

Researchers with Google's Threat Analysis Group say the ecosystem of surveillance vendors is far larger than just NSO Group, and some vendors are sharing or trading exploits. Continue Reading
By
- Shaun Nichols
Feature 11 Aug 2022
What is data security? The ultimate guide

Dig into the essentials of data security, from must-have tools, technologies and processes to best practices for keeping data safe. Continue Reading
By
- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
News 10 Aug 2022
Industroyer2: How Ukraine avoided another blackout attack

A Black Hat 2022 session explained how the latest attack on Ukraine's energy grid was thwarted this spring, thanks to quick responses and timely sharing of threat data. Continue Reading
By
- Rob Wright, Senior News Director
News 08 Aug 2022
U.S. sanctions another cryptocurrency mixer in Tornado Cash

The U.S. Treasury Department issued sanctions against Tornado Cash, a cryptocurrency mixer accused of helping North Korea's Lazarus Group launder stolen funds. Continue Reading
By
- Shaun Nichols
News 08 Aug 2022
VMware: The threat of lateral movement is growing

The majority of incident response professionals surveyed for VMware's 'Global Incident Response Threat Report' observed lateral movement in at least some attacks in the past year. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 04 Aug 2022
Amazon CSO Steve Schmidt talks prescriptive security for AWS

In part two of this Q&A, Amazon CSO Steve Schmidt discusses why AWS has taken a more prescriptive approach to customer security and how it influences areas like incident response. Continue Reading
By
- Arielle Waldman, News Writer
- Rob Wright, Senior News Director
News 02 Aug 2022
New Microsoft tools aim to protect expanding attack surface

New security concerns have arisen around initial attack vectors and visibility into a broader attack surface as companies have moved to the cloud, according to Microsoft. Continue Reading
By
- Arielle Waldman, News Writer
Tip 01 Aug 2022
Top 10 UEBA enterprise use cases

The top user and entity behavior analytics use cases fall in cybersecurity, network and data center operations, management and business operations. Check out the risks. Continue Reading
By
- John Burke, Nemertes Research
News 29 Jul 2022
Coveware: Median ransom payments dropped 51% in Q2

Coveware hypothesized that large enterprises are making themselves more expensive targets for ransomware gangs and refusing to give into high demands. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Jul 2022
AWS adds Kubernetes security tie-ins amid SecOps tool sprawl

Amazon Detective pulls Kubernetes security data into a broader threat detection and CSPM context as IT pros at large orgs seek integrated multi-cloud security workflows. Continue Reading
By
- Beth Pariseau, Senior News Writer
Feature 28 Jul 2022
How to develop a data breach response plan: 5 steps

A data breach response plan outlines how a business will react to a breach. Follow these five steps, and use our free template to develop your organization's plan. Continue Reading
By
- Rob Shapland
News 28 Jul 2022
How Zoom security incident response survived the pandemic

March 2020's influx of users meant the video conferencing company had to massively scale its incident response operation and the observability infrastructure that fed it, and fast. Continue Reading
By
- Beth Pariseau, Senior News Writer
Definition 27 Jul 2022
stack overflow

A stack overflow is a type of buffer overflow error that occurs when a computer program tries to use more memory space in the call stack than has been allocated to that stack. Continue Reading
By
- Robert Sheldon
Definition 27 Jul 2022
data breach

A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed or disclosed in an unauthorized fashion. Continue Reading
By
- Andrew Froehlich, West Gate Networks
- Katie Terrell Hanna
- Kevin Ferguson
News 26 Jul 2022
CrowdStrike launches cloud threat hunting service

Launched at AWS re:Inforce 2022, CrowdStrike's Falcon OverWatch Cloud Threat Hunting is a standalone threat hunting service built to stop advanced threats from within the cloud. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 22 Jul 2022
insider threat

An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets. Continue Reading
By
- Andrew Froehlich, West Gate Networks
- Katie Terrell Hanna
- Brien Posey
News 21 Jul 2022
NCC Group observes a drop in ransomware attacks -- for now

Changes in top ransomware-as-a-service groups like LockBit 2.0 and Conti accounted for the decline in activity, though NCC Group anticipates attacks will ramp back up. Continue Reading
By
- Arielle Waldman, News Writer
News 21 Jul 2022
SynSaber: Only 41% of ICS vulnerabilities require attention

The industrial cybersecurity vendor analyzed 681 ICS vulnerabilities that were disclosed this year and found many had a low probability of exploitation. Continue Reading
By
- Arielle Waldman, News Writer
News 20 Jul 2022
DOJ report warns of escalating cybercrime, 'blended' threats

The Department of Justice's cyber review report warned that the lines between conventional cybercriminal activity and national security threats have all but disappeared. Continue Reading
By
- Shaun Nichols
Definition 20 Jul 2022
network packet

A network packet is a basic unit of data that's grouped together and transferred over a computer network, typically a packet-switched network, such as the internet. Continue Reading
By
- Kinza Yasar, Technical Writer
- Andrew Zola
Feature 20 Jul 2022
VMDR: Inside vulnerability management, detection and response

VMDR offers automated asset identification, threat prioritization and patch management. But do companies need another vulnerability management tool? Continue Reading
By
- Kyle Johnson, Technology Editor
News 20 Jul 2022
Sophos launches cross-operational task force X-Ops

The Sophos X-Ops team aims to create an AI-assisted security operations center using the cybersecurity vendor's research and threat response teams. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 19 Jul 2022
Cyber-war game case study: Preparing for a ransomware attack

In this real-world cyber-war game case study, an exercise on ransomware preparedness helped a company discover shortcomings in its incident response plan. Continue Reading
By
- Johna Till Johnson, Nemertes Research
News 15 Jul 2022
Cryptocurrency mixer activity reaches new heights in 2022

Chainalysis observed a stark uptick in April that led to a steady decline in May and June, but illicit addresses and DeFi platforms have kept mixers busy so far this year. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 15 Jul 2022
Risk & Repeat: Ransomware in 2022 so far

This podcast episode discusses ransomware in 2022, including an apparent decrease in attacks, the evolution of cybercrime operations and the lack of visibility into the threat. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 15 Jul 2022
Pen testing vs. vulnerability scanning: What’s the difference?

Confused by the differences between pen tests and vulnerability scans? You're not alone. Learn the key differences between the two and when each should be used. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 14 Jul 2022
Cryptocurrency crash triggers crisis for dark web exchanges

Cybersixgill says dark web exchanges that help cybercriminals launder their funds are facing a crisis as users are cashing out amid a cryptocurrency price crash. Continue Reading
By
- Shaun Nichols
News 14 Jul 2022
Catalogic adds to ransomware detection trend with GuardMode

Catalogic has joined the ranks of data backup vendors that are providing ransomware detection and recovery tools to the backup admin. Continue Reading
By
- Nicole Laskowski, Senior News Director
News 13 Jul 2022
Researcher develops Hive ransomware decryption tool

Despite being only a year old, Hive ransomware has grown into a prominent ransomware-as-a-service operator. The decryptor tackles Hive's newer, better-encrypted version. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 13 Jul 2022
Supreme Court justices doxxed on dark web

Five conservative Supreme Court justices were reportedly doxxed by threat actors that claim to have obtained credit card numbers, addresses and other information. Continue Reading
By
- Shaun Nichols
News 07 Jul 2022
Early detection crucial in stopping BEC scams

Cofense Intelligence studied hundreds of business email compromise attacks and found that most scams attempt to establish trust with targeted employees over multiple emails. Continue Reading
By
- Shaun Nichols
News 07 Jul 2022
Public sector still facing ransomware attacks amid decline

While ransomware activity has reportedly decreased worldwide in recent months, several public sector organizations in the U.S. suffered attacks in June. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 05 Jul 2022
Ransomware in 2022: Evolving threats, slow progress

Experts say trends involving new forms of leverage, increasing numbers of affiliates and the evolving cyber insurance market are shaping the ransomware landscape in 2022. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 30 Jun 2022
SANS Institute: Human error remains the top security issue

The SANS Institute's annual report on security awareness found that human risk is still the biggest source of data breaches and security issues for enterprises. Continue Reading
By
- Shaun Nichols
News 28 Jun 2022
Ransomware gangs using Log4Shell to attack VMware instances

Ransomware groups are exploiting the Log4Shell flaw in VMware Horizon and using DLL sideloading techniques to exfiltrate and encrypt data, according to Trend Micro. Continue Reading
By
- Shaun Nichols
News 24 Jun 2022
Researchers criticize Oracle's vulnerability disclosure process

While the critical flaws were reported in April, it took the vendor nearly half a year to issue patches, exceeding the standard responsible coordinated disclosure policy. Continue Reading
By
- Arielle Waldman, News Writer
News 23 Jun 2022
Chinese HUI Loader malware ups the ante on espionage attacks

A state-sponsored piece of malware may become a favorite weapon for Beijing-backed hacking crews looking to lift intellectual property from foreign firms. Continue Reading
By
- Shaun Nichols
News 22 Jun 2022
Ongoing PowerShell security threats prompt a call to action

Although PowerShell poses an ongoing risk to enterprise security as a post-exploitation tool, authorities strongly advise against disabling it completely. Continue Reading
By
- Arielle Waldman, News Writer
Feature 22 Jun 2022
Publicly disclosed U.S. ransomware attacks database

Each day SearchSecurity looks for every publicly available instance of a ransomware attack in the U.S. and compiles this data into a list to keep readers updated on recent threats. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
Podcast 16 Jun 2022
Risk & Repeat: Recapping RSA Conference 2022

This Risk & Repeat episode discusses RSA Conference 2022 and major themes, such as the evolving ransomware landscape and the government's strategy to address nation-state threats. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Jun 2022
Critical Atlassian Confluence flaw remains under attack

Researchers say a critical flaw in the Atlassian Confluence Data Center and Server is now being used to spread ransomware in the wild, making updates a top priority. Continue Reading
By
- Shaun Nichols
News 14 Jun 2022
How Russian sanctions may be helping US cybersecurity

Federal government officials say Russian sanctions decreased cyber attacks on the U.S. over the past few months but could potentially lead to significant threats down the road. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 09 Jun 2022
Rob Joyce: China represents biggest long-term cyberthreat

NSA director of cybersecurity Rob Joyce spoke at RSA Conference 2022 about the cyberthreat landscape for nation-state attacks from Russia and China. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 09 Jun 2022
Mandiant: Cyberextortion schemes increasing pressure to pay

At RSA Conference 2022, Mandiant executives discussed how attackers are pulling out all the stops to pressure victims to pay, from DDoS attacks to harassing victims' customers. Continue Reading
By
- Arielle Waldman, News Writer
News 08 Jun 2022
SANS lists bad backups, cloud abuse as top cyberthreats

A panel of experts from the SANS Institute took the stage at RSA Conference 2022 to weigh in on some of the biggest threats and risks facing security teams. Continue Reading
By
- Shaun Nichols
News 08 Jun 2022
CISA director promotes collaboration and trust at RSAC 2022

Jen Easterly said there's growing momentum for stronger collaboration and communication between government agencies like CISA and private-sector cybersecurity companies. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 07 Jun 2022
Cisco Talos: Destructive malware, supply chain attacks rising

At RSA Conference 2022, Cisco Talos discussed how adversaries have evolved and changed their tactics, leading to major shifts in the threat landscape. Continue Reading
By
- Arielle Waldman, News Writer
News 07 Jun 2022
Ransomware Task Force calls for better incident reporting

Michael Phillips, co-chair of the Ransomware Task Force and chief claims officer at Resilience, pointed to a 'data gap' that prohibits a complete picture of the ransomware problem. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 07 Jun 2022
Cybereason: Paying ransoms leads to more ransomware attacks

Cybereason found that the majority of organizations that pay threat actors to decrypt data are attacked again -- usually within a month and at the hands of the same attackers. Continue Reading
By
- Arielle Waldman, News Writer
News 06 Jun 2022
Major DDoS attacks increasing after invasion of Ukraine

DDoS attacks are a growing threat to both government and commercial entities across the globe, as Russia's invasion of Ukraine has increased the rate of attacks in 2022. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 02 Jun 2022
VMware launches 'threat intelligence cloud' Contexa

The Contexa threat intelligence service is integrated into all VMware security products and will be available to all new and existing customers at no additional cost. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 01 Jun 2022
How ransomware kill chains help detect attacks

Reconstructing cyber attacks is a key step in incident response. Learn how ransomware kill chains can help security teams detect and mitigate the consequences of an attack. Continue Reading
By
- Isabella Harford, TechTarget
Feature 01 Jun 2022
How to improve cyber attack detection using social media

Social media has cybersecurity pros and cons. One benefit is that it can help improve cyber attack detection. These four real-world examples show how. Continue Reading
By
- Isabella Harford, TechTarget
- Packt Publishing
Feature 01 Jun 2022
How to design architecture for enterprise wireless security

Learn about a five-phase design methodology that will help your company plan for and create an enterprise wireless security architecture. Continue Reading
By
- Kyle Johnson, Technology Editor
- Wiley Publishing
Tip 31 May 2022
How to get started with multi-cloud threat hunting

More clouds mean a bigger attack surface. It also complicates how companies can accurately hunt for potential threats. But there are steps to take that can reduce the risk. Continue Reading
By
- Ed Moyle, SecurityCurve
News 26 May 2022
U.S. Senate report calls out lack of ransomware reporting

The Senate Committee on Homeland Security published a report that points to a lack of ransomware reporting as a major issue in defending the U.S. from cyber attacks. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
Tip 25 May 2022
Prepare for deepfake phishing attacks in the enterprise

Deepfake phishing has already cost at least one company $243,000. Learn how cybersecurity leaders can train users to recognize this emerging attack vector. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
News 24 May 2022
Developers targeted by poisoned Python library

A developer's expired domain led to a threat actor taking control of an open source library and poisoning it with malware that could steal private keys for AWS instances. Continue Reading
By
- Shaun Nichols
News 19 May 2022
QNAP devices hit by DeadBolt ransomware again

DeadBolt ransomware is once again targeting QNAP's NAS devices, and the vendor is urging customers to patch immediately. Continue Reading
By
- Arielle Waldman, News Writer
Tip 19 May 2022
How to conduct a cyber-war gaming exercise

A successful cyber-war game can help organizations find weaknesses in their system but only if the right participants are involved and an after-action review is completed. Continue Reading
By
- Johna Till Johnson, Nemertes Research
News 19 May 2022
Small businesses under fire from password stealers

Kaspersky researchers tracked notable increases in password-stealing Trojans, RDP attacks and other cyberthreats against small businesses in various countries. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 17 May 2022
Cardiologist charged with creating Thanos, Jigsaw ransomware

Moises Luis Zagala Gonzalez, 55, faces up to five years in prison for each of the two charges connected to his alleged role in creating Thanos and Jigsaw ransomware. Continue Reading
By
- Alexander Culafi, Senior News Writer
Guest Post 16 May 2022
How cryptocurrencies enable attackers and defenders

Threat actors use cryptocurrencies for their anonymity, but they're not as impenetrable as once thought. Discover how cryptocurrencies can help attackers and defenders alike. Continue Reading
By
- Josh Davies
News 16 May 2022
Critical bug in Zyxel firewalls, VPNs exploited in the wild

Initially discovered by Rapid7, the vulnerability poses a critical risk to enterprise networks and could allow attackers to gain remote access to Zyxel security products. Continue Reading
By
- Arielle Waldman, News Writer
News 12 May 2022
Iranian APT Cobalt Mirage launching ransomware attacks

Secureworks researchers said a new Iranian state-sponsored threat group is melding government and financial interests by targeting U.S. organizations with ransomware attacks. Continue Reading
By
- Shaun Nichols
News 12 May 2022
Vendors, governments make ransomware decryptors more common

Ransomware decryption tools are increasingly common today, thanks to cybersecurity vendors and law enforcement agencies working on cracking past and present ransomware threats. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 10 May 2022
New clues point to REvil ransomware gang's return

New research from Secureworks' Counter Threat Unit provides further evidence that the REvil ransomware group, once thought to be defunct, is indeed back on the scene. Continue Reading
By
- Shaun Nichols
News 10 May 2022
US, EU attribute Viasat hack to Russia

The U.S. and U.K. governments, along with the EU, confirmed the suspicions around the attack that disrupted satellite services for customers in Ukraine as Russia invaded the country. Continue Reading
By
- Arielle Waldman, News Writer
Definition 10 May 2022
Top 10 spyware threats

The top 10 spyware list describes the 10 common spyware threats behind famous spyware attacks and is frequently identified by Webroot's Spy Audit, a free spyware scanner tool. Continue Reading
By
- Andrew Zola
News 09 May 2022
Victims of Horizon Actuarial data breach exceed 1M

Five months after the data breach was discovered, the number of Horizon Actuarial Services customers and individuals affected by the attack has climbed significantly. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 09 May 2022
US offers $10M bounty for Conti ransomware information

The bounty follows a recent Conti ransomware attack that Costa Rica suffered in April. The country's new president, Rodrigo Chaves, declared a national emergency Sunday. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 09 May 2022
parameter tampering

Parameter tampering is a type of web-based cyber attack in which certain parameters in a URL are changed without a user's authorization. Continue Reading
By
- Rahul Awati
News 06 May 2022
Cryptocurrency mixer sanctioned over Lazarus Group ties

North Korea's Lazarus Group is accused of stealing more than $600 million in the Axie Infinity hack and laundering a chunk through the Blender.io mixing service. Continue Reading
By
- Shaun Nichols
News 05 May 2022
SentinelOne finds high-severity flaws in Avast, AVG

The Avast and AVG vulnerabilities, which have been patched, went undiscovered for 10 years and potentially impact millions of devices, according to SentinelOne. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 04 May 2022
Coveware: Double-extortion ransomware attacks fell in Q1

Coveware said double-extortion ransomware may be replaced with 'big shame ransomware,' in which an attacker threatens to leak sensitive data without encrypting it. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 04 May 2022
SYN flood attack

A SYN flood attack is a type of denial-of-service (DoS) attack on a computer server. Continue Reading
By
- Ben Lutkevich, Site Editor
News 04 May 2022
Winnti threat group rides again with IP theft campaign

A Chinese cyberespionage campaign, dubbed 'Operation CuckooBees' by Cybereason, went unnoticed for years as spies siphoned off intellectual property from companies. Continue Reading
By
- Shaun Nichols
News 03 May 2022
Trend Micro discovers AvosLocker can disable antivirus software

AvosLocker operators are using legitimate tools and previously disclosed vulnerabilities to disable antivirus software and evade detection on infected machines. Continue Reading
By
- Arielle Waldman, News Writer
News 03 May 2022
April ransomware attacks slam US universities

April's ransomware attacks were highlighted by several universities and colleges in the U.S. reporting attacks, plus a possible data breach at one of the world's largest beverage companies. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 02 May 2022
Cyberespionage group exploiting network and IoT blind spots

Researchers with Mandiant have uncovered a new espionage-focused hacking operation that takes advantage of IoT and networking gear that security tools don't cover. Continue Reading
By
- Shaun Nichols
Feature 02 May 2022
Do phishing simulations work? Sometimes

Phishing simulations are becoming increasingly popular to pinpoint which employees fall victim to scams, but their effectiveness and morality have been called into question. Continue Reading
By
- Isabella Harford, TechTarget
News 28 Apr 2022
Lapsus$ targeting SharePoint, VPNs and virtual machines

From social engineering attacks to admin tools, a recent NCC Group report examined the tactics used by Lapsus$ to breach companies like Microsoft, Nvidia and Samsung. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 28 Apr 2022
Check Point: Ransomware attacks lasted 9.9 days in 2021

Check Point Research and Kovrr found ransomware attack victims paid out 89% of the ransom demand on average in 2019. The figure dropped to 27% in 2020 before rising to 49% in 2021. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 28 Apr 2022
Case study: Why it's difficult to attribute nation-state attacks

If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware. Continue Reading
By
- Isabella Harford, TechTarget
- No Starch Press
Feature 28 Apr 2022
Tips for using a threat profile to prevent nation-state attacks

Is your organization concerned about state-sponsored attacks? Threat profiling can help prevent nation-state attacks. Get advice on how to create an effective threat profile. Continue Reading
By
- Isabella Harford, TechTarget
Feature 27 Apr 2022
How to conduct Linux privilege escalations

Learn how to conduct Linux kernel exploitation with Metasploit and manually, as well as how to identify vulnerabilities on Linux using enumeration scripts. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
News 27 Apr 2022
Five Eyes reveals 15 most exploited vulnerabilities of 2021

Law enforcement agencies from five countries share the top flaws they've observed being exploited this year, some of which were disclosed as early as 2018. Continue Reading
By
- Arielle Waldman, News Writer
News 27 Apr 2022
REvil ransomware attacks resume, but operators are unknown

The notorious REvil ransomware gang appears to be up and running once more, as new attacks and malware samples have been observed, but it's unclear who is behind the operation. Continue Reading
By
- Shaun Nichols
News 27 Apr 2022
Sophos: 66% of organizations hit by ransomware in 2021

Forty-four percent of organizations surveyed by Sophos said they used multiple approaches to recover data following a ransomware attack, including paying ransoms and using backups. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 27 Apr 2022
Best practices for creating an insider threat program

A thorough insider threat program includes plan preparation, threat assessment, and plan review and renewal. Learn how to implement this three-step model to protect your company. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
News 26 Apr 2022
HYCU Protege updates focus on ransomware recovery

HYCU sharpens its emphasis on WORM storage with more support and 'cloud dedupe.' The ransomware-focused product updates follow the recent release of a ransomware assessment tool. Continue Reading
By
- Paul Crocetti, Executive Editor
News 21 Apr 2022
Zero-day vulnerability exploitation soaring, experts say

Researchers with Mandiant and Google Project Zero say they observed significant increases in exploitation of zero-day vulnerabilities over the past year. Continue Reading
By
- Shaun Nichols
News 21 Apr 2022
FBI warns of 'timed' ransomware attacks on agriculture sector

In a recent alert, the FBI warned that food and agriculture businesses could become a target of ransomware attacks at the sector's busiest times of the year. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 20 Apr 2022
U.S. warns of 'increased' threats from Russian hacking groups

The U.S. government and its Five Eyes intelligence partners issued a joint advisory warning of the dangers posed by both state-sponsored hackers and cybercriminal crews in Russia. Continue Reading
By
- Shaun Nichols
News 20 Apr 2022
BlackCat emerges as one of the top ransomware threats

After several notable ransomware attacks against major enterprises, the BlackCat gang is drawing the attention of security researchers who have connected it to other groups. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 18 Apr 2022
Pegasus spyware discovered on U.K. government networks

Citizen Lab confirmed it spotted the notorious spyware running on systems within the U.K. prime minister's office, and it believes the United Arab Emirates is to blame. Continue Reading
By
- Shaun Nichols
News 18 Apr 2022
Attack on Beanstalk Farms results in $182M loss

High payouts and security weaknesses make cryptocurrency a growing target, which was highlighted even further in the latest attack involving virtual currency and a DeFi platform. Continue Reading
By
- Arielle Waldman, News Writer
News 15 Apr 2022
Corvus: Ransomware costs, ransom payments declining

Cyber insurance provider Corvus examined how the cost of ransomware attacks declined over the past year and a half and what it means for different industries moving forward. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
Opinion 14 Apr 2022
Making sense of conflicting third-party security assessments

Third-party security assessments from different sources may not always agree, but that doesn't mean they can be ignored. Learn how Mitre ATT&CK can provide perspective. Continue Reading
By
- Dave Gruber, Principal Analyst