Threats and vulnerabilities
Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.
Top Stories
-
News
15 Nov 2024
Palo Alto Networks PAN-OS management interfaces under attack
Palo Alto Networks confirmed that threat actors are exploiting a vulnerability in PAN-OS firewall management interfaces after warning customers to secure them for nearly a week. Continue Reading
-
News
14 Nov 2024
Infoblox: 800,000 domains vulnerable to hijacking attack
While the 'Sitting Ducks' attack vector continues to pose a problem, Infoblox says domain registrars, DNS providers and government bodies remain inactive. Continue Reading
-
News
05 Feb 2020
Threat actors combining data exposure with ransomware attacks
New Cisco Talos research shows an increase in ransomware attacks that double the pressure on victims by threatening them with the exposure of their sensitive data. Continue Reading
-
Feature
03 Feb 2020
CISOs face a range of cybersecurity challenges in 2020
Every company is unique, of course, but certain challenges are widely shared. Learn what security concerns other CISOs and security leaders are focused on in 2020. Continue Reading
- 03 Feb 2020
-
Opinion
03 Feb 2020
Fresh thinking on cybersecurity threats for 2020
It's a good time to take a clear-eyed view of the likely security threats facing your organization. But then what? Experts suggest getting creative with your threat responses. Continue Reading
- E-Zine 03 Feb 2020
-
News
28 Jan 2020
'CacheOut': Researchers unveil new attack on Intel chips
Researchers unveiled a new speculative execution attack that leaks data from most Intel microprocessors and gives attackers greater control over what data is leaked. Continue Reading
-
News
28 Jan 2020
3 Magecart suspects arrested in Interpol operation
Three alleged cybercriminals suspected of being associated with Magecart were arrested in Indonesia via an Interpol-assisted operation called Operation Night Fury. Continue Reading
-
Feature
28 Jan 2020
'Computer Security Fundamentals:' Quantum security to certifications
New topics, from security engineering to quantum computing, are covered in 'Computer Security Fundamentals,' but the book's author suggests readers review some basic topics, too. Continue Reading
-
Tip
27 Jan 2020
Protect against evolving data security threats
As data security threats evolve, knowing how to protect your data is more important than ever. Learn about the latest security threats and how to ward them off. Continue Reading
-
Tip
27 Jan 2020
How does antimalware software work and what are the detection types?
Virus detection techniques used by antimalware tools can be a huge boost to enterprise cybersecurity programs. Learn how antimalware software works and its benefits in this tip. Continue Reading
-
News
24 Jan 2020
Proofpoint: Ransomware payments made in half of U.S. attacks
According to Proofpoint's 2020 'State of the Phish' report, 51% of U.S. organizations surveyed opted to pay threat actors after being hit with a successful ransomware attack. Continue Reading
-
News
08 Jan 2020
Experts weigh in on risk of Iranian cyberattacks against U.S.
Cybersecurity experts weigh in on the risks of potential nation-state cyberattacks from Iran following a DHS warning and heightened tensions between the country and the U.S. Continue Reading
-
News
07 Jan 2020
Pulse Secure VPN vulnerability targeted with ransomware
Threat actors appear to be exploiting vulnerable Pulse Secure VPN servers to hit enterprises with ransomware attacks, even though a patch has been available since April 2019. Continue Reading
-
News
19 Dec 2019
Two attacks on Maze ransomware list confirmed
Another confirmed ransomware attack, this time against Busch's Fresh Food Markets, was added to the Maze gang's ransomware shaming list after the company refused to pay the ransom. Continue Reading
-
News
17 Dec 2019
Maze gang outs ransomware victims in shame campaign
The threat actors behind Maze ransomware started a campaign to pressure victims into paying ransom by publicly listing successful attacks and threatening to leak data. Continue Reading
-
News
16 Dec 2019
Latest city ransomware attack: New Orleans
The city of New Orleans declared a state of emergency as the government tries to get systems back online following a ransomware attack Friday morning. Continue Reading
-
News
10 Dec 2019
Ryuk ransomware change breaks decryption tool
The threat actors behind Ryuk ransomware made changes to their code that have made the official decryption tool unreliable, according to security researchers. Continue Reading
-
News
19 Nov 2019
Louisiana ransomware attack hits government systems
A ransomware attack on Louisiana government systems has been contained, according to Governor John Bel Edwards, and experts are praising the state's response. Continue Reading
-
Feature
19 Nov 2019
Rise in ransomware attacks prompts new prevention priorities
Officials predict that already widespread ransomware attacks will only grow in scale and influence, while urging organizations to act now to guard against them. Continue Reading
-
News
12 Nov 2019
Application Guard to block malicious attachments in Office 365
Microsoft is bringing the Application Guard security container to Office 365 ProPlus this year, which could limit the threat of malicious Office documents for subscribers. Continue Reading
-
News
08 Nov 2019
ConnectWise ransomware attacks affecting Automate customers
ConnectWise warned that ransomware attacks are targeting open ports for its Automate on-premises application, but the company has offered few details about the nature of the attacks. Continue Reading
-
News
07 Nov 2019
Trend Micro insider threat steals, sells customer data
A Trend Micro employee stole and sold customer support data, which was used by a malicious third-party actor to scam consumer customers of the cybersecurity company. Continue Reading
-
Quiz
04 Nov 2019
Test your grasp of AI threats, privacy regulations and more
Test your grasp of current security topics like AI in cybersecurity and what privacy regulations require. Then receive CPE credit by passing this quiz. Continue Reading
-
Opinion
01 Nov 2019
When cyberthreats are nebulous, how can you plan?
Security planning is tough when you're short-staffed and hackers have smart tech too. You'll need solid skills and, most of all, a willingness to use your imagination. Continue Reading
- 01 Nov 2019
- E-Zine 01 Nov 2019
-
News
21 Oct 2019
Malware detection methods struggle to keep up with evolving threats
Experts discuss the increasingly complex methods of malware detection needed when dealing with everything from low-level attackers to advanced persistent threat groups. Continue Reading
-
News
16 Oct 2019
Exposed Docker hosts open the door for cryptojacking
Security researchers discovered a new Docker worm that has been targeting exposed hosts in order to spread cryptojacking malware to other containers. Continue Reading
-
News
08 Oct 2019
Experts expect hospital ransomware attacks to continue
One week after being hit by a ransomware attack, hospitals in Alabama are turning away patients while working on recovery, and experts warn of similar attacks in the future. Continue Reading
-
Podcast
04 Oct 2019
Risk & Repeat: Trump takes aim at DNC hack and CrowdStrike
This week's Risk & Repeat podcast looks at President Trump's recent comments about CrowdStrike and the DNC 'server' and the misinformation around Russian election interference. Continue Reading
-
News
02 Oct 2019
Hospital ransomware attacks lead to patients being turned away
Ransomware attacks hit seven hospitals in Australia and three in Alabama, with the Alabaman hospitals being forced to turn away patients because of the attacks. Continue Reading
-
News
25 Sep 2019
Trump pushes debunked DNC hack conspiracy in call with Ukraine
In a call with the Ukrainian president that is now the focus of an impeachment inquiry, President Trump discussed CrowdStrike and asked for help with finding a 'server.' Continue Reading
-
Tip
23 Sep 2019
How to shore up your third-party risk management program
A third-party risk management program has to go beyond questionnaires and poorly designed policies. Learn what you should do to protect yourself against vendor security flaws and core risks. Continue Reading
-
News
20 Sep 2019
Broken WannaCry variants continuing to spread
Researchers are still seeing surprisingly high WannaCry detection rates and they worry this points to high risks because systems still aren't being patched against threats. Continue Reading
-
News
18 Sep 2019
Global cryptomining attacks use NSA exploits to earn Monero
Security researchers tracked a very active threat group launching cryptomining attacks around the world against organizations in banking, IT services, healthcare and more. Continue Reading
-
Feature
18 Sep 2019
New evasive spear phishing attacks bypass email security measures
Researchers identified a new email security threat: evasive spear phishing attacks, which take months of investigation and social engineering to coordinate. Continue Reading
-
Tip
17 Sep 2019
RPA security best practices include access control, system integration
Robotic process automation can revolutionize enterprise workflows, but if RPA security risks aren't controlled, bots could end up doing more harm than good. Continue Reading
-
News
11 Sep 2019
FBI says $26B lost to business email compromise over last 3 years
On the same day that 281 suspects were arrested in business email compromise stings, the FBI said worldwide losses from BEC attacks reached $26 billion over the last three years. Continue Reading
-
News
05 Sep 2019
Insecure Android provisioning could lead to phishing attacks
Researchers say many -- if not most -- Android smartphones are at risk of SMS-based phishing attacks that trick users into installing malicious OTA provisioning settings. Continue Reading
-
News
05 Sep 2019
Chronicle: Crimeware group takedowns 'increasingly ineffectual'
Law enforcement takedowns of cybercrime operations may not be producing the desired results, according to an extensive, five-year study from Alphabet Inc.'s Chronicle. Continue Reading
-
Answer
21 Aug 2019
The difference between zero-day vulnerability and zero-day exploit
A zero-day vulnerability isn't the same as a zero-day exploit. Learn the difference between these two zero-day terms, as well as why they should be high priority on any CISO's patching list. Continue Reading
-
News
20 Aug 2019
KNOB attack puts all Bluetooth devices at risk
Security researchers discovered a way to force Bluetooth devices to use easy-to-crack encryption keys, which could lead to man-in-the-middle attacks and information leaks. Continue Reading
-
News
19 Aug 2019
2020 election security to face same vulnerabilities as in 2016
Confidence in the security of the 2020 election spanned the gamut, depending on who you asked at DEF CON's Voting Village, with local officials more optimistic than technologists. Continue Reading
-
News
14 Aug 2019
Microsoft discovers BlueKeep-like flaws in Remote Desktop Services
Microsoft disclosed four remote code execution flaws in Remote Desktop Services that are similar to BlueKeep, as well as other vulnerabilities in RDP. Continue Reading
-
Conference Coverage
14 Aug 2019
Latest news from the Black Hat 2019 conference
Learn the latest from this year's Black Hat conference, Aug. 3 to 8. Our team is in Las Vegas to report on what's new in information security risks, trends and defense tactics. Continue Reading
-
News
09 Aug 2019
ICS security threats rising, targeting oil and gas facilities
In its latest report on industrial control system threats, Dragos said it believes the first major 'destructive' ICS attack will likely occur at an oil and gas facility. Continue Reading
-
News
08 Aug 2019
Check Point finds RDP vulnerability jeopardizes Microsoft's Hyper-V
Check Point revealed research at Black Hat that showed a previously disclosed vulnerability in Microsoft's remote desktop protocol affects the company's virtualization platform. Continue Reading
-
Feature
05 Aug 2019
5 email security appliance comparison criteria to consider
Identifying the best email security appliance on the market can be hard. This article discusses the criteria to consider when choosing one for your organization. Continue Reading
-
News
01 Aug 2019
SafeBreach launches new platform to prioritize, mitigate security gaps
SafeBreach has launched SafeBreach GRID, a breach and attack simulation application that helps security teams decide which security gaps to address first. Continue Reading
-
News
31 Jul 2019
Project Zero drops six iOS vulnerabilities ahead of Black Hat
Google Project Zero researchers disclosed six iOS vulnerabilities, including proof-of-concept code that could allow for attacks requiring no user interaction. Continue Reading
-
Feature
26 Jul 2019
Quantum computers mean cryptography needs to change, and soon
As quantum computing gains momentum with practical quantum computers due to come online as early as next year, concerns about post-quantum cryptography are pushed to the forefront. Continue Reading
-
News
25 Jul 2019
Immunity selling new BlueKeep exploit, defends decision
Immunity CEO Dave Aitel defended his company's decision to sell a full RCE BlueKeep exploit as part of a pen testing tool, saying the exploit is necessary to demonstrate risk. Continue Reading
-
News
23 Jul 2019
Slide deck brings BlueKeep exploit closer to the wild
After a description for building a remote BlueKeep exploit is posted on GitHub, experts warn that attacks in the wild are becoming more likely and users need to patch. Continue Reading
-
News
18 Jul 2019
New ransomware threat takes GandCrab's place
Researchers released GandCrab master decryption keys, and in the wake of GandCrab's shutdown, a new ransomware threat -- called Sodin or Sodinokibi -- has emerged. Continue Reading
-
Feature
18 Jul 2019
5 best practices to choose the right email security software
Examine the five best practices and most important criteria for evaluating email security software products and deploying them in your enterprise. Continue Reading
-
Feature
10 Jul 2019
How does an island hopping attack work?
Hackers know better than to directly attack a well-defended target; learn how they use island hopping attack strategies to elude defenders -- and how best to repel them. Continue Reading
-
Opinion
08 Jul 2019
Who's to blame for ransomware attacks -- beyond the attackers?
Cyberattackers are to blame for ransomware attacks, but what about companies that release flawed software or don't install patches? Our expert looks at where the buck stops. Continue Reading
-
Tip
08 Jul 2019
Office 365 security challenges and how to solve them
To understand the Office 365 threat landscape, take stock of the application features and programs available based on the organization's license level of the subscription. Continue Reading
-
News
03 Jul 2019
U.S. Cybercom warns Outlook vulnerability under attack
U.S. Cybercom issued an alert about active exploitation of a 2-year-old Microsoft Outlook flaw, and experts say an Iranian threat group is behind the attacks. Continue Reading
-
News
02 Jul 2019
Phishing-as-a-service threats abusing cloud services
According to new research, phishing kit providers are increasingly using popular cloud services to host their malicious links in an effort to conceal them from detection. Continue Reading
-
Tip
28 Jun 2019
How to beef up Office 365 email security features
Companies looking to fortify their Office 365 email security can assess options from a variety of third-party vendors. Find out which features are the most important. Continue Reading
-
News
28 Jun 2019
AI-enabled malware is coming, Malwarebytes warns
AI-driven threats may not be here yet, but a new report from Malwarebytes predicts they will be here soon and could potentially change the cybersecurity game for good. Continue Reading
-
News
26 Jun 2019
Stellar Cyber launches Starlight 3.1 for AI threat detection
Stellar Cyber, a security analytics vendor, launched Starlight 3.1 as its first unified security analytics platform, using AI and machine learning to detect and thwart attacks. Continue Reading
-
News
24 Jun 2019
DHS warns of increased Iranian cyberattacks on enterprises
The cyberthreat warning from Christopher Krebs, director of the DHS Cybersecurity and Infrastructure Security Agency, follows escalating tension between Iran and the U.S. Continue Reading
-
Tip
24 Jun 2019
4 steps to critical infrastructure protection readiness
Government and private industry share responsibility for critical infrastructure and key resources protection. Follow four steps to understand and know who you're gonna call to protect CIKR. Continue Reading
-
News
18 Jun 2019
GandCrab decryption tool helps victims recover data
The No More Ransom initiative released one last GandCrab decryption tool to help victims recover data after the ransomware was allegedly shut down by its authors. Continue Reading
-
News
14 Jun 2019
Dragos: Xenotime threat group targeting U.S. electric companies
Dragos says Xenotime, the threat group behind a devastating ICS attack in 2017, has been probing the networks of U.S. electric utilities and also attempted network intrusions. Continue Reading
-
News
13 Jun 2019
RAMBleed: New Rowhammer attack can steal data from memory
Security researchers developed a Rowhammer attack variant, called RAMBleed, that can steal data from memory and works even if systems are patched against Rowhammer. Continue Reading
-
Answer
13 Jun 2019
What is subdomain takeover and why does it matter?
Subdomain takeover exposure can happen when cloud-hosted web services are incompletely decommissioned, but configuration best practices can reduce the risks. Continue Reading
-
News
12 Jun 2019
Election security threats increasing pressure on state governments
As local and state governments continue to tackle the evolving threat landscape, experts share tips on how to improve security posture and highlight the resources available for help. Continue Reading
-
News
10 Jun 2019
Google: Triada backdoors were pre-installed on Android devices
Google detailed the discovery and process of removing Triada malware after a supply chain attack led to backdoors being preinstalled on budget phones in overseas markets. Continue Reading
-
Answer
10 Jun 2019
What is MTA-STS and how will it improve email security?
Discover how the MTA-STS specification will improve email security by encrypting messages and enabling secure, authenticated email transfers between SMTP servers. Continue Reading
-
News
06 Jun 2019
NSA issues BlueKeep warning as new PoC exploit demos
The NSA issued a rare warning for users to patch against the BlueKeep vulnerability on the same day a security researcher demoed an exploit leading to a full system takeover. Continue Reading
-
News
04 Jun 2019
Microsoft issues second BlueKeep warning urging users to patch
Microsoft again urged users to patch against the BlueKeep vulnerability as more potential exploits surface and one researcher discovered almost 1 million vulnerable systems. Continue Reading
-
News
31 May 2019
Ransomware attacks on local and state governments increasing
State and local governments are experiencing a rise in ransomware attacks. Experts sound off on what's triggering this trend and offer best practices for defense. Continue Reading
-
Tip
28 May 2019
How to find an MSP to protect you from outsourcing IT risks
Check out what questions to ask MSPs to make sure they have the right security systems in place to protect your organization against outsourcing IT risks. Continue Reading
-
News
23 May 2019
'BlueKeep' Windows Remote Desktop flaw gets PoC exploits
Multiple researchers created proof-of-concept exploits, including remote code execution attacks, targeting the recently patched Windows Remote Desktop flaw called BlueKeep. Continue Reading
-
News
16 May 2019
ZombieLoad: More side channel attacks put Intel chips at risk
Another set of side channel vulnerabilities were discovered in Intel chips. Security researchers explain the risks posed by the flaws and offer advice on mitigation steps. Continue Reading
-
Feature
16 May 2019
Words to go: GPS tracking security
GPS and location-based services may be some of the most significant recent technological advancements, but they can also put personal privacy in jeopardy. Continue Reading
-
News
14 May 2019
Verizon DBIR: Ransomware still a major threat, despite reports
The 2019 Verizon Data Breach Investigations Report challenges the wisdom that cryptomining attacks replaced ransomware as the dominant malware threat last year. Continue Reading
-
News
14 May 2019
Zero-day WhatsApp vulnerability could lead to spyware infection
A zero-day vulnerability in WhatsApp was used in targeted attacks that involved installing spyware on mobile devices, which may be the work of an advanced threat actor. Continue Reading
-
News
08 May 2019
2019 Verizon DBIR highlights cyberespionage, nation-state attacks
The 2019 Verizon Data Breach Investigations Report showed significant increases in cyberespionage and nation-state activity. It also painted a gloomy picture for email threats. Continue Reading
-
News
06 May 2019
Enterprise security threats rising, consumer attacks falling
Cybercriminals are increasingly taking aim at businesses, according to a recent Malwarebytes report. Security experts weigh in on best practices for defending against malware attacks. Continue Reading
-
Feature
01 May 2019
Huawei ban highlights 5G security issues CISOs must tackle
Why worry over Huawei? A U.S. ban of this Chinese company's products should remind CISOs that now is the time to consider security issues related to the rollout of the 5G network. Continue Reading
- 01 May 2019
-
Feature
30 Apr 2019
Inside 'Master134': Propeller Ads connected to malvertising campaign
A SearchSecurity investigation determined ad network Propeller Ads played a significant role in the early stages of the Master134 malvertising campaign. Continue Reading
-
Feature
30 Apr 2019
Inside 'Master134': Ad networks' 'blind eye' threatens enterprises
Online ad networks linked to the Master134 malvertising campaign and other malicious activity often evade serious fallout and continue to operate unabated. Continue Reading
-
Feature
30 Apr 2019
'Master134' malvertising campaign raises questions for online ad firms
Malvertising and adware schemes are a growing concern for enterprises. Our deep investigation into one campaign reveals just how complicated threats can be to stop. Continue Reading
-
Feature
30 Apr 2019
Inside 'Master134': ExoClick tied to previous malvertising campaigns
Online ad network ExoClick denied any involvement in the Master134 campaign, but the company has ties to similar malvertising threats. Continue Reading
-
Feature
30 Apr 2019
Inside 'Master134': More ad networks tied to malvertising campaign
Check Point's report on the Master134 malvertising campaign implicated five ad networks, but a SearchSecurity investigation revealed more companies were involved. Continue Reading
-
Feature
30 Apr 2019
Inside 'Master134': Adsterra's history shows red flags, abuses
Adsterra denied it was involved in the Master134 malvertising campaign, but a review of the company's history reveals many red flags, including activity in a similar campaign. Continue Reading
-
Guide
29 Apr 2019
How to manage email security risks and threats
When faced with email security risks -- and who isn't? -- do you have the right tools, features, training and best practices in place to face down phishing attacks and manage other threats proactively? Start with this guide. Continue Reading
-
News
26 Apr 2019
FBI report says BEC attacks are increasing, evolving
According to the FBI's 2018 Internet Crime Report, business email compromise attacks are on the rise. Security experts highlight how BEC scams are evolving. Continue Reading
-
News
26 Apr 2019
Carbanak malware was recording video of victims' desktops
Researchers from FireEye spent hundreds of hours analyzing the Carbanak backdoor malware and its source code and were surprised by some of the features it contained. Continue Reading
-
Tip
25 Apr 2019
The top 3 email security threats and how to defuse them
Understanding the nature of the top 3 email security threats -- malware, phishing and spoofed domains -- can help reduce their impact. Continue Reading
-
News
24 Apr 2019
Flashpoint responds to evolving dark web threats
Cybersecurity firm Flashpoint updated its threat intelligence platform to better address evolving techniques and practices on the dark web, such as encrypted chat usage. Continue Reading
-
News
24 Apr 2019
Carbanak source code found on VirusTotal 2 years ago
The source code for the Carbanak backdoor was found in a VirusTotal archive two years ago, and security researchers are now sharing the analysis of the source code publicly. Continue Reading
-
News
19 Apr 2019
DNS hijacking campaign targets national security organizations
A DNS hijacking campaign targeting national security organizations and critical infrastructure may be part of a new trend, according to the researchers behind recent attacks. Continue Reading
-
News
11 Apr 2019
New Baldr information stealer could target businesses
Malwarebytes explains why the rapidly evolving info-stealer Baldr could spell trouble for businesses and consumers, and offers pointers on how to defend against such malware. Continue Reading
-
News
05 Apr 2019
Cybercrime groups continue to flourish on Facebook
Security researchers found cybercrime groups using Facebook out in the open for illegal activity and the findings are very similar to an issue Facebook had last year. Continue Reading
