New & Notable
News
ScamClub spreads fake McAfee alerts to ESPN, AP, CBS sites
Malwarebytes said the malicious affiliate behind the fake virus alerts and other malvertising attacks has been flagged many times over the years, but McAfee has yet to take action.
News
Okta: Support system breach affected all customers
Okta warned customers that they face an 'increased risk of phishing and social engineering attacks' after new details emerged from a breach that occurred earlier this year.
News
Europol, Ukraine police arrest alleged ransomware ringleader
Europol and Ukraine's National Police arrested the alleged leader of a ransomware gang last week, along with four accomplices, dismantling the cybercrime group.
News
Threat actors targeting critical OwnCloud vulnerability
Researchers observed exploitation attempts against a vulnerability affecting OwnCloud's Graph API app, highlighting threat actors' continued focus on file-sharing products.
Trending Topics
-
Data Security & Privacy News
Black Basta ransomware payments exceed $100M since 2022
Insurance provider Corvus and blockchain analytics vendor Elliptic partnered to examine how much damage the Black Basta ransomware group has caused in less than two years.
-
Threats & Vulnerabilities News
Threat actors targeting critical OwnCloud vulnerability
Researchers observed exploitation attempts against a vulnerability affecting OwnCloud's Graph API app, highlighting threat actors' continued focus on file-sharing products.
-
IAM Evaluate
How passwordless authentication aids identity security
Enterprise Strategy Group's Jack Poller discusses survey results on user authentication practices and explains the security benefits of passwordless methods.
-
Analytics & Automation News
JPMorgan Chase CISO explains why he's an 'AI optimist'
Pat Opet, CISO at JPMorgan Chase & Co., discussed how the financial services giant invests in cybersecurity and where generative AI could provide game-changing benefits.
-
Network Security News
Europol, Ukraine police arrest alleged ransomware ringleader
Europol and Ukraine's National Police arrested the alleged leader of a ransomware gang last week, along with four accomplices, dismantling the cybercrime group.
-
Operations & Management Evaluate
Cybersecurity budgets lose momentum in uncertain economy
Organizations' increasing prioritization of cybersecurity has protected most programs from major budget cuts. Even so, many CISOs are feeling the pinch.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
How passwordless authentication aids identity security
Enterprise Strategy Group's Jack Poller discusses survey results on user authentication practices and explains the security benefits of passwordless methods.
-
Cybersecurity budgets lose momentum in uncertain economy
-
Security continues to lag behind cloud app dev cycles
-
4 tips to find cyber insurance coverage in 2024
-
-
Problem Solve
8 ways to cope with cybersecurity budget cuts
In times of economic uncertainty, cybersecurity budget cuts can make the security team's job even more challenging. Here are eight ways to minimize risk with minimal resources.
-
Top 7 cloud misconfigurations and best practices to avoid them
-
Top 10 tips for employees to prevent phishing attacks
-
Enterprise cybersecurity hygiene checklist for 2024
-
-
Manage
15 benefits of outsourcing your cybersecurity operations
For companies battling data breaches and cyber attacks, MSSPs can offer lower costs, better reliability, broader experience, more skills and other benefits.
-
AI in risk management: Top benefits and challenges explained
-
How to protect your organization from IoT malware
-
7 useful hardware pen testing tools
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download -
E-Zine | November 2020
AI cybersecurity raises analytics' accuracy, usability
Download
Information Security Basics
-
Get Started
timing attack
A timing attack is a type of side-channel attack that exploits the amount of time a computer process runs to gain knowledge about or access a system.
-
Get Started
privileged identity management (PIM)
Privileged identity management (PIM) is the monitoring and protection of superuser accounts that hold expanded access to an organization's IT environments.
-
Get Started
possession factor
The possession factor, in a security context, is a category of user authentication credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software ...
Multimedia
-
News
View All -
Data security and privacy
Black Basta ransomware payments exceed $100M since 2022
Insurance provider Corvus and blockchain analytics vendor Elliptic partnered to examine how much damage the Black Basta ransomware group has caused in less than two years.
-
Application and platform security
ScamClub spreads fake McAfee alerts to ESPN, AP, CBS sites
Malwarebytes said the malicious affiliate behind the fake virus alerts and other malvertising attacks has been flagged many times over the years, but McAfee has yet to take action.
-
Data security and privacy
Okta: Support system breach affected all customers
Okta warned customers that they face an 'increased risk of phishing and social engineering attacks' after new details emerged from a breach that occurred earlier this year.
Security Definitions
- timing attack
- privileged identity management (PIM)
- possession factor
- CISO as a service (vCISO, virtual CISO, fractional CISO)
- What is cyber hygiene and why is it important?
- cardholder data environment (CDE)
- mandatory access control (MAC)
- threat detection and response (TDR)