Threats and vulnerabilities

Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.

Top Stories

News 28 Feb 2025
Microsoft targets AI deepfake cybercrime network in lawsuit

Microsoft alleges that defendants used stolen Azure OpenAI API keys and special software to bypass content guardrails and generate illicit AI deepfakes for payment. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 27 Feb 2025
CrowdStrike: China hacking has reached 'inflection point'

In its 2025 Global Threat Report, CrowdStrike observed an increase in China's cyber capabilities, with a focus on espionage and 'pre-positioning' itself in critical environments. Continue Reading
By
- Alexander Culafi, Senior News Writer

News 03 Jan 2023
Many Exchange servers still vulnerable to ProxyNotShell flaw

A new exploit chain using one of the ProxyNotShell vulnerabilities has bypassed Microsoft's URL Rewrite mitigations from September and put Exchange servers at risk. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 29 Dec 2022
credential theft

Credential theft is a type of cybercrime that involves stealing a victim's proof of identity. Continue Reading
By
- Corinne Bernstein
Tip 27 Dec 2022
How to prevent and mitigate process injection

Process injection is a defense evasion technique that helps attackers hide from enterprise security systems. Learn how it works and how to mitigate it. Continue Reading
By
- Rob Shapland
News 21 Dec 2022
Play ransomware actors bypass ProxyNotShell mitigations

CrowdStrike is urging organizations to apply the latest Microsoft Exchange updates after investigations revealed attackers developed a bypass for ProxyNotShell mitigations. Continue Reading
By
- Arielle Waldman, News Writer
News 20 Dec 2022
Malicious Python package in PyPI poses as SentinelOne SDK

No attacks resulting from the malicious Python package have been recorded to date. However, according to PyPI, more than 1,000 users had downloaded it before it was taken down. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 20 Dec 2022
What enumeration attacks are and how to prevent them

Web applications may be vulnerable to user enumeration attacks. Learn how these brute-forcing attacks work and how to prevent them. Continue Reading
By
- Ravi Das, ML Tech Inc.
Feature 20 Dec 2022
20 companies affected by major ransomware attacks in 2021

Between hefty ransom demands, major disruptions and leaked data, 2021 saw major ransomware activity across companies and industries. Continue Reading
By
- Arielle Waldman, News Writer
Feature 19 Dec 2022
11 cybersecurity predictions for 2023

Analysts and experts have looked into their crystal balls and made their cybersecurity predictions for 2023. Is your organization prepared if these predictions come true? Continue Reading
By
- Kyle Johnson, Technology Editor
Definition 16 Dec 2022
GPS jamming

GPS jamming is the act of using a frequency transmitting device to block or interfere with radio communications. Continue Reading
By
- Sarah Lewis
News 15 Dec 2022
Check Point classifies Azov as wiper, not ransomware

While Azov was initially considered ransomware, Check Point researchers warned the polymorphic malware is designed to inflict maximum damage to targeted systems. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Dec 2022
Cybereason warns of rapid increase in Royal ransomware

Enterprises need to be aware of the group's partial encryption technique because the less data it encrypts, the less chance the activity will be detected by a security product. Continue Reading
By
- Arielle Waldman, News Writer
News 13 Dec 2022
Microsoft addresses two zero days in December Patch Tuesday

December's Patch Tuesday features fixes for 48 new bugs, including several critical vulnerabilities and two zero days, one of which is currently being exploited in the wild. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 13 Dec 2022
Citrix ADC and Gateway zero day under active exploitation

The NSA said that APT5, a suspected Chinese nation-state threat group, is actively exploiting the Citrix zero-day flaw, which affects the vendor's ADC and Gateway products. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 13 Dec 2022
12 types of wireless network attacks and how to prevent them

From packet sniffing and rogue access points to spoofing attacks and encryption cracking, learn about common wireless network attacks and how to prevent them. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
- Sharon Shea, Executive Editor
News 12 Dec 2022
Fortinet confirms VPN vulnerability exploited in the wild

In an advisory Monday, Fortinet urged customers to take steps to immediately mitigate the critical flaw, which was disclosed earlier by French infosec firm Olympe Cyberdefense. Continue Reading
By
- Arielle Waldman, News Writer
Feature 07 Dec 2022
Understanding malware analysis and its challenges

Discover what to expect in a malware analyst career, from the types of malware you'll encounter to important tools to use to difficulties that arise for those new to the field. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 07 Dec 2022
Why is malware analysis important?

Malware continues to plague all organizations, causing data loss and reputational damage. Discover how malware analysis helps protect companies from such attacks. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
News 06 Dec 2022
MegaRAC flaws, IP leak impact multiple server brands

MegaRAC BMC software from American Megatrends, Inc. have a trio of serious security vulnerabilities that were discovered following an intellectual property leak. Continue Reading
By
- Shaun Nichols
News 05 Dec 2022
Education sector hit by Hive ransomware in November

The education sector remained a popular target last month, particularly from Hive, a ransomware-a-as-a-service group, that even warranted a government alert in late November. Continue Reading
By
- Arielle Waldman, News Writer
Definition 05 Dec 2022
Evil Corp

Evil Corp is an international cybercrime network that uses malicious software to steal money from victims' bank accounts and to mount ransomware attacks. Continue Reading
By
- Ben Lutkevich, Site Editor
Definition 02 Dec 2022
Trojan horse

In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious. Continue Reading
By
- Casey Clark, TechTarget
- Michael Cobb
News 01 Dec 2022
Archive files become preferred format for malware delivery

The team at HP Wolf Security found that cybercriminals are using archive files as the preferred method for spreading malware, beating Microsoft Office for the first time. Continue Reading
By
- Shaun Nichols
News 30 Nov 2022
Exchange Server bugs caused years of security turmoil

The four high-profile sets of security vulnerabilities in Microsoft Exchange Server, disclosed by researcher Orange Tsai, are set to remain a major concern for organizations. Continue Reading
By
- Shaun Nichols
Podcast 30 Nov 2022
Risk & Repeat: Twitter, Elon Musk and security concerns

This podcast episode discusses Twitter's security concerns following Elon Musk's acquisition last month, as well as a possible data breach from 2021 that came to light recently. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 30 Nov 2022
Tenable: 72% of organizations remain vulnerable to Log4Shell

New research shows the attack surface remains wide for the Log4j vulnerability, known as Log4Shell, which caused significant problems for organizations over the past year. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Nov 2022
Infosec researcher reports possible 'massive' Twitter breach

The alleged Twitter breach involves a data set from late 2021 and includes the phone numbers and personal information of millions of users in the U.S. and Europe. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 28 Nov 2022
Small open source projects pose significant security risks

Open source security initiatives might prevent large-scale vulnerabilities such as Log4j, but smaller projects pose risks without more maintainer support, industry experts say. Continue Reading
By
- Stephanie Glen, News Writer
News 23 Nov 2022
Cybereason warns of fast-moving Black Basta campaign

Threat actors with the Black Basta ransomware-as-a-service group are compromising networks in as little as one hour and stealing sensitive data before disabling DNS services. Continue Reading
By
- Arielle Waldman, News Writer
Definition 22 Nov 2022
buffer underflow

A buffer underflow, also known as a buffer underrun or a buffer underwrite, is when the buffer -- the temporary holding space during data transfer -- is fed data at a lower rate than it is being read from. Continue Reading
By
- Sarah Lewis
Opinion 21 Nov 2022
Ransomware preparedness: The long road ahead

Is your organization ready for ransomware? A recent survey shows that businesses in a variety of industries are all struggling with ransomware prevention and recovery. Continue Reading
By
- Christophe Bertrand
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 17 Nov 2022
Magecart malware menaces Magento merchants

Sansec researchers say as many as 38% of commercial customers running the Adobe Commerce and Magento platforms could be infected with Magecart's TrojanOrders malware. Continue Reading
By
- Shaun Nichols
Tip 17 Nov 2022
Top 5 vulnerability scanning tools for security teams

Use these five vulnerability scanning tools to find weaknesses and potential exploits in web applications, IT and cloud infrastructure, IoT devices and more. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Podcast 16 Nov 2022
Risk & Repeat: Researchers criticize HackerOne

This podcast episode discusses a recent TechTarget Security article about bug bounty platform HackerOne in which researchers aired several complaints about the company. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 16 Nov 2022
Rapid7 discloses more F5 BIG-IP vulnerabilities

While the severity of the issues is relatively low, F5 devices are commonly targeted by attackers to gain persistence inside a network. Continue Reading
By
- Arielle Waldman, News Writer
Tip 14 Nov 2022
Dissect open source ransomware code to understand an attack

To protect your organization from ransomware, it's helpful to know what goes on behind the scenes. Unpack this ransomware code example to understand and defend against attacks. Continue Reading
By
- Matt Grasberger, Red Guava
News 10 Nov 2022
Flashpoint launches new 'ransomware prediction model'

Flashpoint's new model assigns a 'ransomware likelihood' rating for vulnerabilities contained in the VulnDB database, which contains more than 300,000 flaws. Continue Reading
By
- Arielle Waldman, News Writer
Tip 10 Nov 2022
Common lateral movement techniques and how to prevent them

Lateral movement techniques enable attackers to dig deeper into compromised environments. Discover what lateral movement attacks are and four attack techniques. Continue Reading
By
- Ravi Das, ML Tech Inc.
Tip 08 Nov 2022
Types of vulnerability scanning and when to use each

Vulnerability scanning gives companies a key weapon when looking for security weaknesses. Discovery, assessment and threat prioritization are just a few of its benefits. Continue Reading
By
- Paul Kirvan
Feature 08 Nov 2022
How to build a shadow IT policy to reduce risks, with template

With a shadow IT policy in place, organizations reduce security risks from unapproved applications and services that employees introduce independently. Continue Reading
By
- Paul Kirvan
News 07 Nov 2022
Microsoft: Nation-state threats, zero-day attacks increasing

Microsoft's Digital Defense Report 2022 pointed the finger at China, which enacted a new vulnerability disclosure law last year, as the source of many zero-day attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 04 Nov 2022
Yanluowang ransomware gang goes dark after leaks

The Yanluowang ransomware operation appears to have shut down for the time being after an anonymous individual published a series of internal code and chat leaks. Continue Reading
By
- Shaun Nichols
News 03 Nov 2022
Ransomware on the rise, hitting schools and healthcare

October ransomware disclosures and public reports tracked by TechTarget Editorial increased from previous months, with notable attacks on education and healthcare organizations. Continue Reading
By
- Arielle Waldman, News Writer
Definition 03 Nov 2022
Adobe Flash

Adobe Flash is a software platform used to create rich digital content containing animation, graphic effects, streaming video and other interactive elements to deliver engaging user experiences over many platforms, including desktops and mobile devices. Continue Reading
By
- Rahul Awati
News 01 Nov 2022
OpenSSL vulnerabilities get high-priority patches

The OpenSSL Project released version 3.0.7 Tuesday to address a pair of high-severity buffer overflow vulnerabilities in the widely used cryptography library. Continue Reading
By
- Shaun Nichols
Guest Post 28 Oct 2022
It's time to rethink security certification for OT devices

Security certifications don't protect OT devices from vulnerable processes and insecure-by-design practices. It's time to update security certs for the connected OT age. Continue Reading
By
- Daniel dos Santos
Feature 28 Oct 2022
Enterprise ransomware preparedness improving but still lacking

An Enterprise Strategy Group survey found enterprises are making strides in ransomware preparedness, but work remains to prevent and mitigate attacks. Continue Reading
By
- Kyle Johnson, Technology Editor
Opinion 27 Oct 2022
How Sheltered Harbor helps banks navigate cyber-recovery

Banks must be able to recover quickly from a cyber attack -- a difficult task, given the volume and sophistication of attacks. The not-for-profit Sheltered Harbor aims to help. Continue Reading
By
- Vinny Choinski, Senior Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 27 Oct 2022
Types of cloud malware and how to defend against them

Cloud malware isn't going away anytime soon, but organizations have a growing number of tools at their disposal to combat the threat. Continue Reading
By
- Dave Shackleford, Voodoo Security
News 26 Oct 2022
Cisco, CISA warn 2 AnyConnect flaws are under attack

CISA added two Cisco AnyConnect flaws to its Known Exploited Vulnerabilities catalog, which signals active exploitation and an urgency to patch. Continue Reading
By
- Arielle Waldman, News Writer
News 26 Oct 2022
Researchers criticize HackerOne over triage, mediation woes

HackerOne researchers told TechTarget Editorial that they regularly encountered months-long wait times for responses and a mediation process that rarely favors researchers. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 25 Oct 2022
Apple patches actively exploited zero-day iOS bug

The iOS zero-day was joined by a slew of other vulnerabilities in Apple's Oct. 24 security update. The iOS 16 update contained patches for 13 arbitrary code execution flaws. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 24 Oct 2022
CISA warns of ransomware attacks on healthcare providers

A new CISA advisory warned administrators at hospitals and healthcare providers about newly discovered ransomware variant, dubbed Daixin Team, that poses a particular threat. Continue Reading
By
- Shaun Nichols
Definition 21 Oct 2022
command-and-control server (C&C server)

A command-and-control server (C&C server) is a computer that issues directives to digital devices that have been infected with rootkits or other types of malware, such as ransomware. Continue Reading
By
- Kinza Yasar, Technical Writer
Tip 21 Oct 2022
The top 5 ethical hacker tools to learn

Ethical hackers have a wealth of tools at their disposal that search for vulnerabilities in systems. Learn about five such tools that should be part of any hacker's tool set. Continue Reading
By
- Rob Shapland
Definition 21 Oct 2022
burner phone

A burner phone, or 'burner,' is an inexpensive mobile phone designed for temporary, sometimes anonymous, use, after which it may be discarded. Continue Reading
By
- Katie Terrell Hanna
- Ivy Wigmore
News 21 Oct 2022
BlackByte ransomware using custom data exfiltration tool

Symantec researchers say BlackByte ransomware may be poised to move into the elite ransomware ranks, as the group has begun developing its own custom malware tools. Continue Reading
By
- Shaun Nichols
Definition 20 Oct 2022
RAT (remote access Trojan)

A RAT (remote access Trojan) is malware an attacker uses to gain full administrative privileges and remote control of a target computer. Continue Reading
By
- Kinza Yasar, Technical Writer
News 19 Oct 2022
ProxyLogon researcher details new Exchange Server flaws

After testing Microsoft's mitigations for ProxyLogon, security researcher Orange Tsai discovered new Exchange Server bugs, including one flaw that took more than a year to fix. Continue Reading
By
- Arielle Waldman, News Writer
News 19 Oct 2022
Azure vulnerability opens door to remote takeover attacks

Orca Security researchers uncovered a flaw in Azure Service Fabric that was fixed in last week's Patch Tuesday. It allows elevation of privilege and remote takeover of nodes. Continue Reading
By
- Shaun Nichols
News 18 Oct 2022
Python vulnerability highlights open source security woes

A 15-year-old unpatched vulnerability in a tarfile module for the Python programming language prompted researchers from cybersecurity vendor Trellix to take action. Continue Reading
By
- Arielle Waldman, News Writer
Tip 18 Oct 2022
Compare vulnerability assessment vs. vulnerability management

Vulnerability assessments and vulnerability management are different but similar-sounding security terms. Discover their similarities and differences. Continue Reading
By
- Ravi Das, ML Tech Inc.
Definition 18 Oct 2022
supply chain attack

A supply chain attack is a type of cyber attack that targets organizations by focusing on weaker links in an organization's supply chain. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 13 Oct 2022
NPM API flaw exposes secret packages

A flaw in the API for NPM could potentially allow a threat actor to see the internal packages for corporate users -- a possible first step for a supply chain attack. Continue Reading
By
- Shaun Nichols
News 13 Oct 2022
Despite LockBit rebound, ransomware attacks down in 2022

LockBit cybercriminals are back in action with new ransomware attacks and publicity pushes. But many other new groups saw lower levels in activity in Q3, according to Cyberint. Continue Reading
By
- Shaun Nichols
Feature 13 Oct 2022
Why Kali Linux is the go-to distribution for penetration testing

Discover why penetration testers prefer to use the Kali Linux distribution for offensive security, from collecting useful tools together to being usable from multiple devices. Continue Reading
By
- Kyle Johnson, Technology Editor
Tip 12 Oct 2022
An overview of the CISA Zero Trust Maturity Model

A zero-trust framework blocks all attempts to access internal infrastructure without authentication. The CISA Zero Trust Maturity Model is a roadmap to get there. Continue Reading
By
- Paul Kirvan
Feature 12 Oct 2022
7 steps for implementing zero trust, with real-life examples

More than a decade since the term's inception, zero-trust security is still much easier said than done. Here's how to get started. Continue Reading
By
- Alissa Irei, Senior Site Editor
- Johna Till Johnson, Nemertes Research
News 11 Oct 2022
NPM malware attack goes unnoticed for a year

A cybercriminal crew known as "LofyGang" poisoned software supply chains with bad NPM packages for more than a year, according to Checkmarx researchers. Continue Reading
By
- Shaun Nichols
News 11 Oct 2022
BlackByte ransomware uses new EDR evasion technique

Attackers deploying the BlackByte ransomware strain are using vulnerable drivers to target a part of the operating system that many security products rely on for protection. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Oct 2022
Critical Fortinet vulnerability under active exploitation

Fortinet said the critical vulnerability affects three of its services -- FortiOS, FortiProxy and FortiSwitch Manager -- and urged customers to take immediate action. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 11 Oct 2022
How to choose the best ZTNA vendor for your organization

In a sea of options, finding the best ZTNA vendor for your organization can pose a major challenge. Weed through the marketing hype with advice from the experts. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 07 Oct 2022
CISA lists top vulnerabilities exploited by Chinese hackers

The U.S. government published a list of the most commonly exploited vulnerabilities exploited by Chinese state-sponsored actors, including Log4Shell and the ProxyLogon bugs. Continue Reading
By
- Shaun Nichols
Definition 06 Oct 2022
filter (computing)

The term filter in computing can mean a variety of things, depending on the technology or technical discipline in question. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Definition 03 Oct 2022
spambot

A spambot is an automated system that sends unwanted, unsolicited messages to users, known as spam. Continue Reading
By
- Sean Michael Kerner
News 30 Sep 2022
Microsoft Exchange Server targeted with zero-day vulnerabilities

Microsoft warned that two unpatched zero-day vulnerabilities are being exploited against Exchange Server, a problem that's causing déjà vu for some researchers. Continue Reading
By
- Arielle Waldman, News Writer
News 29 Sep 2022
Cobalt Strike malware campaign targets job seekers

Cisco Talos researchers spotted a new wave of phishing attacks that target job seekers in the U.S. and New Zealand, infecting them with Cobalt Strike beacons. Continue Reading
By
- Shaun Nichols
News 29 Sep 2022
Unit 42 finds polyglot files delivering IcedID malware

Palo Alto Networks' Unit 42 says attackers are using decoy Microsoft Compiled HTML Help files containing multiple file formats to infect systems with information-stealing malware. Continue Reading
By
- Arielle Waldman, News Writer
Guest Post 29 Sep 2022
Solve ICS security issues with ICS and IT team convergence

It's predicted that threat actors will weaponize industrial control systems to harm or kill humans by 2025. Prepare by learning how to balance ICS and security convergence. Continue Reading
By
- Steve Durbin
News 28 Sep 2022
NCC Group: IceFire ransomware gang ramping up attacks

While the ransomware group was first observed in March, IceFire emerged on NCC Group's radar last month when attacks against English-speaking organizations soared. Continue Reading
By
- Arielle Waldman, News Writer
Answer 28 Sep 2022
Compare zero trust vs. the principle of least privilege

Zero trust and the principle of least privilege may appear to solve the same issue, but they have their differences. Read up on the two methodologies. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 26 Sep 2022
Critical Sophos Firewall bug under active exploitation

Sophos said the exploitation of the critical firewall vulnerability has, at this time, affected "an extremely small subset of organizations" predominantly located in South Asia. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 26 Sep 2022
Does AI-powered malware exist in the wild? Not yet

AI sending out malware attacks may invoke images of movielike, futuristic technology, but it may not be too far from reality. Read up on the future of AI-powered malware. Continue Reading
By
- Isabella Harford, TechTarget
News 23 Sep 2022
Malicious NPM package discovered in supply chain attack

Threat actors are circulating a look-alike version of the Material Tailwind NPM package to infect developers for supply chain malware attacks, according to ReversingLabs. Continue Reading
By
- Shaun Nichols
News 23 Sep 2022
Microsoft focuses on remote security with Windows 11 update

Microsoft's Windows 11 2022 Update includes features for protecting sensitive corporate data and helping remote workers avoid malware and phishing attacks. Continue Reading
By
- Antone Gonsalves, Editor at Large
News 22 Sep 2022
15-year-old Python vulnerability poses supply chain threat

Trellix researchers issued a call for help to patch a vulnerable software module, which was found in more than 300,000 open source GitHub repositories. Continue Reading
By
- Arielle Waldman, News Writer
News 21 Sep 2022
Cobalt Strike gets emergency patch

The developer of Cobalt Strike issued an out-of-band security update to address a cross-site scripting vulnerability in the popular penetration testing suite. Continue Reading
By
- Shaun Nichols
Definition 19 Sep 2022
cryptojacking

Cryptojacking is a cybercrime in which another party's computing resources are hijacked to mine cryptocurrency. Continue Reading
By
- Nick Barney, Technology Writer
Tip 16 Sep 2022
Discover the benefits and challenges of bug bounty programs

Bug bounty programs have a number of benefits and challenges. Before adopting such a program at your organization, read up on the pros and cons to decide if it would be a good fit. Continue Reading
By
- Rob Shapland
Tip 15 Sep 2022
Use shadow IT discovery to find unauthorized devices and apps

Shadow IT may be convenient for users, but it isn't for IT -- especially where security is concerned. Shadow IT discovery finds unmanaged devices and apps. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
News 15 Sep 2022
Transparency, disclosure key to fighting ransomware

Current and former CISA members say the best methods for curbing ransomware attacks are organizations reporting attacks and assisting in investigations. Continue Reading
By
- Tim McCarthy, News Writer
News 14 Sep 2022
U.S. drops the hammer on Iranian ransomware outfit

The departments of Justice and the Treasury announced criminal charges and sanctions against a group of Iranian nationals accused of running an international ransomware operation. Continue Reading
By
- Shaun Nichols
News 13 Sep 2022
Secureworks reveals Azure Active Directory flaws

Secureworks published details of what it claims are significant security flaws in Azure's authentication system, but Microsoft has dismissed them as non-issues. Continue Reading
By
- Shaun Nichols
Definition 13 Sep 2022
computer worm

A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems. Continue Reading
By
- Crystal Bedell
- Peter Loshin, Former Senior Technology Editor
- Katie Terrell Hanna
News 13 Sep 2022
CrowdStrike threat report: Intrusions up, breakout time down

According to a new report by CrowdStrike's threat hunting team, Falcon OverWatch, attempted intrusions against the healthcare sector doubled year over year. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 13 Sep 2022
air gap (air gapping)

An air gap is a security measure that involves isolating a computer or network and preventing it from establishing an external connection. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 08 Sep 2022
Cisco Talos traps new Lazarus Group RAT

The North Korean-backed Lazarus Group has deployed a new type of remote access Trojan that has already been turned against foreign government networks and private energy companies. Continue Reading
By
- Shaun Nichols
News 07 Sep 2022
Google: Former Conti ransomware members attacking Ukraine

Google said former members of the Conti ransomware gang are operating as part of threat group UAC-0098, which is conducting attacks of both political and financial nature. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 06 Sep 2022
Healthcare and education remain common ransomware targets

August disclosures showed ransomware attacks against education and healthcare entities resulted in slow recovery times and the potential loss of highly sensitive information. Continue Reading
By
- Arielle Waldman, News Writer
Opinion 01 Sep 2022
How to start developing a plan for SASE implementation

From prioritizing business problems to identifying future initiatives to assessing critical tool gaps, learn how to create a realistic SASE implementation roadmap. Continue Reading
By
- John Grady, Principal Analyst
News 01 Sep 2022
Microsoft discloses 'high-severity' TikTok vulnerability

The flaw in TikTok's Android app is the latest security concern for the social media company, which was criticized last month for having keylogging functionality in its iOS app. Continue Reading
By
- Arielle Waldman, News Writer