Threats and vulnerabilities

Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.

Top Stories

News 15 Nov 2024
Palo Alto Networks PAN-OS management interfaces under attack

Palo Alto Networks confirmed that threat actors are exploiting a vulnerability in PAN-OS firewall management interfaces after warning customers to secure them for nearly a week. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Nov 2024
Infoblox: 800,000 domains vulnerable to hijacking attack

While the 'Sitting Ducks' attack vector continues to pose a problem, Infoblox says domain registrars, DNS providers and government bodies remain inactive. Continue Reading
By
- Arielle Waldman, News Writer

Guest Post 02 Aug 2024
How to prepare for a secure post-quantum future

Quantum computing is expected to arrive within the next decade and break current cryptographic algorithms. SANS' Andy Smith explains how to start securing your company now. Continue Reading
By
- Andy Smith, SANS Institute instructor
News 30 Jul 2024
Microsoft: Ransomware gangs exploiting VMware ESXi flaw

VMware ESXi has proven to be a popular target for ransomware threat actors and a challenge for enterprises to patch. Continue Reading
By
- Arielle Waldman, News Writer
Tip 29 Jul 2024
Evolving ZeroFont phishing attacks target Outlook users

Threat actors are using a new twist on a longtime phishing tactic to compel corporate end users to open malicious emails. Learn how ZeroFont attacks work and how to prevent them. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Video 29 Jul 2024
An explanation of romance scams (pig butchering)

Pig butchering is a scam that exploits virtual relationships to deceive and steal money. Continue Reading
By
- Tommy Everson, Assistant Editor
Definition 26 Jul 2024
What is a computer exploit?

A computer exploit, or exploit, is a program or piece of code developed to take advantage of a vulnerability in a computer or network system. Continue Reading
By
- Brien Posey
Definition 26 Jul 2024
What is malware? Prevention, detection and how attacks work

Malware, or malicious software, is any program or file that's intentionally harmful to a computer, network or server. Continue Reading
By
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
Video 25 Jul 2024
An explanation of Flipper Zero

Flipper Zero is both a tool for pen testers and a learning device for new hackers. Continue Reading
By
- Tommy Everson, Assistant Editor
Feature 24 Jul 2024
10 social media scams and how to avoid them

Discover how fraudsters are using social media platforms to steal personal and financial information from unsuspecting users. Continue Reading
By
- Samantha Poutre, Former Editorial Assistant
Tip 24 Jul 2024
How to implement an attack surface management program

Keeping attackers away from corporate assets means keeping constant vigilance over the organization's attack surface. An attack surface management program can help. Continue Reading
By
- Michael Cobb
News 23 Jul 2024
Dragos: New ICS malware FrostyGoop abuses Modbus

Dragos published research Tuesday unveiling an industrial control systems-focused malware it dubbed FrostyGoop that targets Modbus to disrupt critical infrastructure. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 23 Jul 2024
The ultimate guide to cybersecurity planning for businesses

This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
By
- Craig Stedman, Industry Editor
Definition 22 Jul 2024
What is exposure management?

Exposure management is a cybersecurity approach to protecting exploitable IT assets. Continue Reading
By
- Kyle Johnson, Technology Editor
Tip 22 Jul 2024
Cloud detection and response: CDR vs. EDR vs. NDR vs. XDR

Cloud detection and response is the latest detection and response tool. Explore how it differs from endpoint, network and extended detection and response tools. Continue Reading
By
- Dave Shackleford, Voodoo Security
Opinion 19 Jul 2024
CrowdStrike chaos casts a long shadow on cybersecurity

As organizations recover from today’s outages, the cybersecurity industry will need to develop new security software evaluation criteria and requirements and learn to parlay risks. Continue Reading
By
- Dave Gruber, Principal Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Opinion 19 Jul 2024
Is today's CrowdStrike outage a sign of the new normal?

A CrowdStrike update with a faulty sensor file has global implications for Windows systems. But competitors need to limit the finger-pointing in case it happens to them. Continue Reading
By
- Gabe Knuth, Senior Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Answer 19 Jul 2024
How to protect port 139 from SMB attacks

Keeping port 139 open is perfectly normal -- but only for good reason. Without the proper protections, it can present a major security risk. Continue Reading
By
- Michael Cobb
News 18 Jul 2024
Fin7 helps ransomware gangs with EDR bypass

SentinelOne found the Russia-based cybercriminal group is helping other threat actors, including ransomware gangs, to evade detection with a custom tool named AvNeutralizer. Continue Reading
By
- Arielle Waldman, News Writer
Tip 18 Jul 2024
What dangling pointers are and how to avoid them

Plenty of legacy systems are vulnerable to attackers looking for dangling pointers to gain unauthorized access. Learn how to identify dangling pointers and protect your network. Continue Reading
By
- Michael Cobb
News 17 Jul 2024
NullBulge threat actor targets software supply chain, AI tech

SentinelOne published new research detailing NullBulge, an emerging ransomware actor that recently claimed to have stolen data from Disney's internal Slack channels. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 17 Jul 2024
The CDK Global outage: Explaining how it happened

CDK Global was hit with a ransomware attack affecting thousands of U.S. auto dealerships. Keep reading to learn more about this attack and how it affected the industry. Continue Reading
By
- Sean Michael Kerner
Podcast 16 Jul 2024
Risk & Repeat: AT&T's Snowflake database breached

AT&T disclosed a breach in which threat actors compromised the company's Snowflake instance and stole call and text records from 'nearly all' the company's cellular customers. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 Jul 2024
Experts weigh in on Snowflake database MFA features

In response to a wave of recent attacks on customers, Snowflake introduces new authentication offerings that enable administrators to require MFA for all user accounts. Continue Reading
By
- Alexander Culafi, Senior News Writer
Video 12 Jul 2024
An explanation of Trojan horse

Trojan horses are a type of malware that can take control of your computer and even access your camera. Continue Reading
By
- Tommy Everson, Assistant Editor
News 11 Jul 2024
Ransomware gangs increasingly exploiting vulnerabilities

New research from Cisco Talos highlighted three of the most popular known vulnerabilities that were exploited by ransomware gangs for initial access during 2023 and 2024. Continue Reading
By
- Arielle Waldman, News Writer
News 10 Jul 2024
Check Point sheds light on Windows MSHTML zero-day flaw

A Check Point Software Technologies researcher who discovered CVE-2024-38112 said the Windows spoofing vulnerability may have been exploited as far back at January 2023. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 09 Jul 2024
Microsoft fixes 2 zero-days in massive July Patch Tuesday

Microsoft disclosed and patched a whopping 142 vulnerabilities in a busy Patch Tuesday that included two zero-day flaws under active exploitation in the wild. Continue Reading
By
- Rob Wright, Senior News Director
News 09 Jul 2024
Governments issue warning on China's APT40 attacks

Government agencies say APT40 continues to pose significant risk to organizations across the globe by exploiting vulnerabilities in public-facing applications. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 09 Jul 2024
Risk & Repeat: Hacks, lies and LockBit

Months after an international law enforcement effort disrupted the notorious ransomware-as-a-service operation, LockBit falsely claimed that it breached the U.S. Federal Reserve. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 09 Jul 2024
Use these 6 user authentication types to secure networks

One layer of security that all networks and applications need is authentication. Read up on six authentication types, from 2FA to biometrics to certificates. Continue Reading
By
- Kyle Johnson, Technology Editor
News 08 Jul 2024
Ransomware hits CDK Global, public sector targets in June

The prevalent threat continued to cause disruptions last month as city halls were forced to close and auto dealerships faced downstream effects after an attack against CDK Global. Continue Reading
By
- Arielle Waldman, News Writer
Tip 08 Jul 2024
How API attacks work, plus 5 common types

A growing number of API attacks put enterprises at risk of serious data breaches. Learn how these attacks work, and explore some API security best practices. Continue Reading
By
- Rob Shapland
Definition 05 Jul 2024
What is a cyber attack? How they work and how to stop them

A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Mary K. Pratt
Tip 05 Jul 2024
16 common types of cyberattacks and how to prevent them

To stop cybercrime, companies must understand how they're being attacked. Here are the most damaging types of cyberattacks and what to do to prevent them. Continue Reading
By
- Michael Cobb
Feature 03 Jul 2024
RSA security conference video roundup: 2024 perspectives

We chatted on camera with attendees and presenters at RSAC 2024. To get the highlights of one of the world's major cybersecurity conferences, check out this video collection. Continue Reading
By
- Brenda L. Horrigan, Executive Managing Editor
News 01 Jul 2024
Critical OpenSSH vulnerability could affect millions of servers

Exploitation against CVE-2024-6387, which Qualys nicknamed 'regreSSHion,' could let attackers bypass security measures and gain root access to vulnerable servers. Continue Reading
By
- Arielle Waldman, News Writer
News 27 Jun 2024
Supply chain attacks conducted through Polyfill.io service

In February, a Chinese company named Funnell bought the Polyfill.io domain, which sparked concerns in the infosec community about potential supply chain threats. Continue Reading
By
- Arielle Waldman, News Writer
News 26 Jun 2024
LockBit claim about hacking U.S. Federal Reserve fizzles

Evolve Bank & Trust confirmed that it was affected by a cybersecurity-related incident, but has not yet said whether the LockBit ransomware gang was responsible. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 26 Jun 2024
MoveIt Transfer vulnerability targeted amid disclosure drama

Progress Software's MoveIt Transfer is under attack again, just one year after a Clop ransomware actor exploited a different zero-day MoveIt flaw against thousands of customers. Continue Reading
By
- Arielle Waldman, News Writer
Tip 26 Jun 2024
12 common types of malware attacks and how to prevent them

The umbrella term malware is one of the greatest cybersecurity threats enterprises face. Learn about 12 common types of malware and how to prevent them. Continue Reading
By
- Sharon Shea, Executive Editor
- Isabella Harford, TechTarget
Tip 25 Jun 2024
Best practices for protection from ransomware in cloud storage

Cybercriminals are getting smarter and evolving their enterprise attacks. Be proactive -- get out in front of ransomware in cloud storage before the attack occurs. Continue Reading
By
- Julia Borgini, Spacebarpress Media
News 25 Jun 2024
CISA discloses breach of Chemical Security Assessment Tool

The breach, which CISA first disclosed in March, stemmed from Ivanti zero-day vulnerabilities that a Chinese nation-state threat actor first exploited in January. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 25 Jun 2024
EDR vs. antivirus: What's the difference?

Endpoint detection and response and antivirus tools both protect enterprise networks, and both have distinct advantages. Which is better for your organization? Continue Reading
By
- Ravi Das, ML Tech Inc.
Definition 25 Jun 2024
What is security information and event management (SIEM)?

Security information and event management (SIEM) is an approach to security management that combines security information management (SIM) and security event management (SEM) functions into one security management system. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Linda Rosencrance
News 21 Jun 2024
Biden administration bans Kaspersky Lab products in US

The Biden administration announced a ban on Kaspersky Lab products inside the United States due to the antivirus vendor's ties with the Russian government. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Jun 2024
SolarWinds Serv-U vulnerability under attack

The Centre for Cybersecurity Belgium observed exploitation against CVE-2024-28995, a high-severity vulnerability in SolarWind's Serv-U file transfer product. Continue Reading
By
- Arielle Waldman, News Writer
News 20 Jun 2024
Phoenix SecureCore UEFI firmware bug affects Intel processors

Multiple Intel processors and hundreds of PC models are potentially vulnerable to a recently disclosed vulnerability in Phoenix SecureCore UEFI firmware. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Jun 2024
How Amazon's decision to ditch Active Directory paid off

Amazon's decision to build its own identity and access management system was an expensive one, but an infamous supply chain attack validated the move. Continue Reading
By
- Rob Wright, Senior News Director
Definition 20 Jun 2024
zero-day vulnerability

A zero-day vulnerability is a security loophole in software, hardware or firmware that threat actors exploit before the vendors can identify and patch it. Continue Reading
By
- Kinza Yasar, Technical Writer
- Brien Posey
- Sharon Shea, Executive Editor
Tip 17 Jun 2024
How deepfakes threaten biometric security controls

Biometric security controls are under attack by deepfakes -- convincing images, videos and audio created by generative AI. But all is not lost. Learn how to mitigate the risk. Continue Reading
By
- Jerald Murphy, Nemertes Research
News 12 Jun 2024
Black Basta might have exploited Microsoft flaw as zero-day

While investigating a ransomware attack, Symantec found evidence that suggests Black Basta threat actors exploited a Microsoft vulnerability as a zero-day. Continue Reading
By
- Arielle Waldman, News Writer
Answer 12 Jun 2024
Zero trust vs. defense in depth: What are the differences?

Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks complement each other. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Feature 11 Jun 2024
Hacking vs. spoofing: What's the difference?

While email, text and phone enable instant communication in a technology-driven world, they also expose individuals and companies to cyberattacks such as hacking and spoofing. Continue Reading
By
- Ava DePasquale
Definition 10 Jun 2024
communications intelligence (COMINT)

Communications intelligence (COMINT) is information gathered from the communications between individuals or groups of individuals, including telephone conversations, text messages, email conversations, radio calls and online interactions. Continue Reading
By
- Rahul Awati
Definition 07 Jun 2024
electronic intelligence (ELINT)

Electronic intelligence (ELINT) is intelligence gathered using electronic sensors, usually used in military applications. Continue Reading
By
- Rahul Awati
News 06 Jun 2024
Critical Progress Telerik vulnerability under attack

Threat actors are targeting vulnerable Progress Telerik Report Server systems just days after a proof of concept was published detailing a vulnerability exploit chain. Continue Reading
By
- Arielle Waldman, News Writer
News 06 Jun 2024
Ransomware ravaged schools and cities in May

The public sector took the brunt of ransomware in May, while another damaging attack against a healthcare company disrupted patient access to pharmacy services. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 05 Jun 2024
Risk & Repeat: Sorting out Snowflake's security mess

This podcast episode discusses the recent attacks against Snowflake customers and a controversial report that claimed the cloud storage and analytics giant had been breached. Continue Reading
By
- Alexander Culafi, Senior News Writer
Answer 05 Jun 2024
Reporting ransomware attacks: Steps to take

The Cybersecurity and Infrastructure Security Agency and FBI recommend reporting ransomware attacks to the authorities as soon as possible. This expert advice outlines the process. Continue Reading
By
- Kyle Johnson, Technology Editor
News 04 Jun 2024
Tenable warns of vulnerability in Azure service tags

Microsoft disagreed with Tenable's assessment, saying the security issue in Azure service tags is not a vulnerability and that additional authentication layers are required. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 04 Jun 2024
ChatGPT plugin flaws introduce enterprise security risks

Insecure plugin design -- one of the top 10 LLM vulnerabilities, according to OWASP -- opens enterprises to attacks. Explore ChatGPT plugin security risks and how to mitigate them. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
News 30 May 2024
Law enforcement conducts 'largest ever' botnet takedown

An international law enforcement effort called 'Operation Endgame' disrupted several infamous malware loaders and botnets used by ransomware gangs and other cybercriminals. Continue Reading
By
- Arielle Waldman, News Writer
Answer 30 May 2024
What is extortionware? How does it differ from ransomware?

Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Feature 29 May 2024
Why healthcare data is often the target of ransomware attacks

The healthcare industry relies heavily on IT systems. Sensitive patient data is valuable to hackers, leading to ransomware attacks that disrupt operations and endanger lives. Continue Reading
By
- Sean Michael Kerner
News 29 May 2024
Check Point discovers vulnerability tied to VPN attacks

While Check Point identified CVE-2024-24919 as the root cause behind recent attack attempts on its VPN products, it's unclear if threat actors gained access to customer networks. Continue Reading
By
- Alexander Culafi, Senior News Writer
- Rob Wright, Senior News Director
Tip 23 May 2024
What role does an initial access broker play in the RaaS model?

Initial access brokers play an increasingly vital role in the ransomware ecosystem, establishing entry points from which RaaS groups can facilitate attacks against organizations. Continue Reading
By
- Amanda Scheldt
News 23 May 2024
93% of vulnerabilities unanalyzed by NVD since February

New research from VulnCheck shows the NIST's National Vulnerability Database has struggled to manage a growing number of reported vulnerabilities this year. Continue Reading
By
- Arielle Waldman, News Writer
News 21 May 2024
Critical bug discovered in open source utility Fluent Bit

Tenable researchers discovered a critical vulnerability, dubbed 'Linguistic Lumberjack,' in Fluent Bit, an open source logging utility widely used by major cloud providers. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 21 May 2024
Rapid7 warns of alarming zero-day vulnerability trends

The cybersecurity vendor tracked vulnerabilities that were used by threat actors in mass compromise events and found more than half were exploited as zero days. Continue Reading
By
- Arielle Waldman, News Writer
Definition 20 May 2024
ATM jackpotting

ATM jackpotting is the exploitation of physical and software vulnerabilities in automated banking machines that result in the machines dispensing cash. Continue Reading
By
- Rahul Awati
Podcast 15 May 2024
Risk & Repeat: Recapping RSA Conference 2024

Artificial intelligence was center stage at RSA Conference 2024, but the show also focused on secure-by-design principles, the ransomware landscape and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 15 May 2024
Common Vulnerability Scoring System (CVSS)

The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity and characteristics of security vulnerabilities in information systems. Continue Reading
By
- Kinza Yasar, Technical Writer
- Alexander S. Gillis, Technical Writer and Editor
- Madelyn Bacon, TechTarget
News 14 May 2024
Google discloses 2 zero-day vulnerabilities in less than a week

Google released fixed versions to address the two vulnerabilities in its Chrome web browser, but the updates will roll out in stages with no specific dates available. Continue Reading
By
- Arielle Waldman, News Writer
Tip 14 May 2024
Cloud vulnerability management: A complete guide

Your security strategy might not grapple directly with cloud vulnerability management. Is it time to consider the possible benefits and challenges of this emerging product class? Continue Reading
By
- Ed Scannell, Freelancer
Tip 14 May 2024
RSAC panel debates confidence in post-quantum cryptography

The Cryptographers' Panel at RSAC offered opinions on their confidence in PQC following the release of a paper questioning lattice-based encryption's viability. Continue Reading
By
- Kyle Johnson, Technology Editor
Definition 14 May 2024
bug bounty program

A bug bounty program, also called a vulnerability rewards program (VRP), is a crowdsourcing initiative that rewards individuals like ethical hackers and security researchers for discovering and reporting vulnerabilities and bugs in software. Continue Reading
By
- Rahul Awati
Definition 10 May 2024
SD-WAN security

SD-WAN security refers to the practices, protocols and technologies protecting data and resources transmitted across software-defined wide area network infrastructure. Continue Reading
By
- Andy Patrizio
Definition 10 May 2024
virtual machine escape

A virtual machine escape is an exploit in which an attacker runs code on a VM that lets the operating system (OS) running within it break out and interact directly with the hypervisor. Continue Reading
By
- Rahul Awati
News 09 May 2024
Dell 'security incident' might affect millions

Dell notified customers that a company portal connected to customer data exposed orders, names and addresses, while reports indicate the data is now up for sale on the dark web. Continue Reading
By
- Tim McCarthy, News Writer
Definition 09 May 2024
threat actor

A threat actor, also called a malicious actor or bad actor, is an entity that is partially or wholly responsible for an incident that affects -- or has the potential to affect -- an organization's security. Continue Reading
By
- Rahul Awati
- Ivy Wigmore
Feature 09 May 2024
Build a resilient network: What I learned from 5 thought leaders

At the 2024 'Strategies for a Resilient Network' summit, five thought leaders shared best practices to help you achieve optimal network resiliency. Learn more. Continue Reading
By
- Natasha Carter, Director of Partnerships and Event Content
News 08 May 2024
National Security Agency warns against paying ransoms

Rob Joyce and David Luber, former and current directors of cybersecurity at the NSA, discuss how the ransomware attack on Change Healthcare exemplified the cons of paying ransoms. Continue Reading
By
- Arielle Waldman, News Writer
Tip 08 May 2024
Patch management vs. vulnerability management: Key differences

Although patch and vulnerability management are intertwined, they differ in critical ways. It's important to have distinct tools and processes to execute both effectively. Continue Reading
By
- Esther Shein
Tip 08 May 2024
VM security in cloud computing explained

Cloud computing allows an organization to reduce its risks by having to secure fewer resources. The tradeoff is that cloud creates more attack vectors. Don't let VMs trip you up. Continue Reading
By
- Char Sample, ICF International
News 08 May 2024
White House: Threats to critical infrastructure are 'severe'

While the White House released the new National Cybersecurity Strategy last year to help combat threats to critical infrastructure organizations, attacks have continued. Continue Reading
By
- Arielle Waldman, News Writer
News 07 May 2024
SentinelOne: Ransomware actors are adapting to EDR

At RSA Conference 2024, SentinelOne's Alex Stamos discussed ongoing global threats such as ransomware and how threat actors are changing their techniques. Continue Reading
By
- Arielle Waldman, News Writer
News 07 May 2024
U.S. agencies continue to observe Volt Typhoon intrusions

A panel of experts at RSA Conference 2024 discussed Volt Typhoon and warned the Chinese nation-state threat group is still targeting and compromising U.S. organizations. Continue Reading
By
- Arielle Waldman, News Writer
Tip 07 May 2024
How to detect deepfakes manually and using AI

Deepfakes rely on AI to generate realistic but counterfeit content. A variety of automated tools and manual hints can help organizations pinpoint deepfake videos and images. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 06 May 2024
Recorded Future observes 'concerning' hacktivism shift

At RSA Conference 2024, Recorded Future detailed alarming trends as nation-state attackers operate under the guise of hacktivism to cover real threats to organizations. Continue Reading
By
- Arielle Waldman, News Writer
News 06 May 2024
IBM study shows security for GenAI projects is an afterthought

IBM's survey of C-suite executives finds that 82% say trustworthy and secure AI are essential, but only 24% have a security component included in their GenAI projects. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 02 May 2024
What is a potentially unwanted program (PUP)?

A potentially unwanted program (PUP) is a program that may be unwanted, despite the possibility that users consented to download it. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 01 May 2024
U.S. warns of pro-Russian hacktivist attacks against OT systems

CISA calls on OT device manufacturers to implement more effective security protocols as attacks against critical infrastructure organizations continue. Continue Reading
By
- Arielle Waldman, News Writer
News 01 May 2024
Verizon DBIR: Vulnerability exploitation in breaches up 180%

Verizon said it examined approximately twice as many breaches for the 2024 Data Breach Investigations Report -- 10,626 out of 30,458 total tracked incidents. Continue Reading
By
- Alexander Culafi, Senior News Writer
Conference Coverage 01 May 2024
RSA Conference 2024 focuses on collaboration, resilience

Follow TechTarget Security's RSAC 2024 guide for pre-conference insights and the most pressing presentations and breaking news at the world's biggest infosec event. Continue Reading
By
- Sharon Shea, Executive Editor
News 25 Apr 2024
Risk & Repeat: Change Healthcare's bad ransomware bet

This Risk & Repeat podcast discusses Change Healthcare's ransomware attack and the apparent further spread of sensitive data despite the company paying a ransom. Continue Reading
By
- Alexander Culafi, Senior News Writer
- Rob Wright, Senior News Director
News 25 Apr 2024
Cisco zero-day flaws in ASA, FTD software under attack

Cisco revealed that a nation-state threat campaign dubbed 'ArcaneDoor' exploited two zero-day vulnerabilities in its Adaptive Security Appliance and Firepower Threat Defense products. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 24 Apr 2024
Critical CrushFTP zero-day vulnerability under attack

While a patch is now available, a critical CrushFTP vulnerability came under attack as a zero-day and could allow attackers to exfiltrate all files on the server. Continue Reading
By
- Arielle Waldman, News Writer
News 24 Apr 2024
Coalition: Insurance claims for Cisco ASA users spiked in 2023

Coalition urged enterprises to be cautious when using Cisco and Fortinet network boundary devices as attackers can leverage the attack vectors to gain initial access. Continue Reading
By
- Arielle Waldman, News Writer
News 24 Apr 2024
GitHub vulnerability leaks sensitive security reports

The vulnerability is triggered when GitHub users correct code or other mistakes they discover on repositories. But GitHub does not believe it warrants a fix. Continue Reading
By
- Arielle Waldman, News Writer
Tip 24 Apr 2024
Traditional MFA isn't enough, phishing-resistant MFA is key

Not every MFA technique is effective in combating phishing attacks. Enterprises need to consider new approaches to protect end users from fraudulent emails. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
News 23 Apr 2024
U.S. cracks down on commercial spyware with visa restrictions

The move marks the latest effort by the U.S. government to curb the spread of commercial spyware, which has been used to target journalists, politicians and human rights activists. Continue Reading
By
- Alexander Culafi, Senior News Writer