New & Notable
News
Verizon 2023 DBIR: Ransomware remains steady but complicated
Chris Novak, managing director of cybersecurity consulting at Verizon Business, said 2023 was a "retooling year" for ransomware threat actors adapted to improved defenses.
News
Ransomware actors exploiting MoveIt Transfer vulnerability
Microsoft said the recently disclosed zero-day flaw in Progress Software's managed file transfer product is being exploited by threat actors connected to the Clop ransomware gang.
Manage
Attack surface reduction rules for Microsoft productivity apps
Attack surface reduction rules in Microsoft Defender for Endpoint help prevent apps from launching executable files and scripts, running suspicious scripts and more.
Manage
Manage security posture with Microsoft Defender for Endpoint
Organizations need to implement security posture management to ensure their cybersecurity strategy can address malicious actions inside and out.
Trending Topics
-
Data Security & Privacy News
Risk & Repeat: A troubling trend of poor breach disclosures
This Risk & Repeat episode covers three data breach disclosures from Dish Network, Gentex Corporation and Clarke County Hospital and the troubling trends that connect all three.
-
Threats & Vulnerabilities News
Verizon 2023 DBIR: Ransomware remains steady but complicated
Chris Novak, managing director of cybersecurity consulting at Verizon Business, said 2023 was a "retooling year" for ransomware threat actors adapted to improved defenses.
-
IAM News
Google rolls out passkeys in service of passwordless future
Google referred to its new passkey option, which features facial recognition, fingerprint and PIN-based authentication, as 'the beginning of the end of the password.'
-
Analytics & Automation Evaluate
2023 RSA Conference insights: Generative AI and more
Generative AI was the talk of RSA Conference 2023, along with zero trust, identity security and more. Enterprise Strategy Group analyst Jack Poller offers his takeaways.
-
Network Security News
Ransomware takes down multiple municipalities in May
City and local governments experienced severe disruptions to public services due to ransomware attacks in May, particularly from the Royal ransomware group.
-
Operations & Management News
Vendors: Threat actor taxonomies are confusing but essential
Despite concern about the proliferation of naming taxonomies used to identify threat groups, vendors say they are crucial their understanding and visibility into threat activity.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Find Solutions For Your Project
-
Evaluate
Low-code/no-code use cases for security
Low-code/no-code development approaches have their fair share of security issues, but that doesn't mean they can't be used to benefit the security industry, too.
-
Top breach and attack simulation use cases
-
The potential danger of the new Google .zip top-level domain
-
Closing the book on RSA Conference 2023
-
-
Problem Solve
Protect against current and future threats with encryption
Current and future cyber threats, such as ransomware, generative AI, quantum computing and an increase in surveillance, are driving the need to secure all data with encryption.
-
How to reduce risk with cloud attack surface management
-
Addressing the confusion around shift-left cloud security
-
7 ways to mitigate CISO liability and risk
-
-
Manage
Attack surface reduction rules for Microsoft productivity apps
Attack surface reduction rules in Microsoft Defender for Endpoint help prevent apps from launching executable files and scripts, running suspicious scripts and more.
-
Manage security posture with Microsoft Defender for Endpoint
-
Smart contract benefits and best practices for security
-
9 smart contract vulnerabilities and how to mitigate them
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | February 2021
Threat detection and response demands proactive stance
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download
Information Security Basics
-
Get Started
security analytics
Security analytics is a cybersecurity approach that uses data collection, data aggregation and analysis tools for threat detection and security monitoring.
-
Get Started
NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)
The NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers.
-
Get Started
Smart contract benefits and best practices for security
While smart contracts promise enormous benefits in the enterprise, they also present opportunities for cybercriminals. Explore best practices to keep them secure.
Multimedia
-
News
View All -
Network security
Ransomware takes down multiple municipalities in May
City and local governments experienced severe disruptions to public services due to ransomware attacks in May, particularly from the Royal ransomware group.
-
Threats and vulnerabilities
Verizon 2023 DBIR: Ransomware remains steady but complicated
Chris Novak, managing director of cybersecurity consulting at Verizon Business, said 2023 was a "retooling year" for ransomware threat actors adapted to improved defenses.
-
Threats and vulnerabilities
Ransomware actors exploiting MoveIt Transfer vulnerability
Microsoft said the recently disclosed zero-day flaw in Progress Software's managed file transfer product is being exploited by threat actors connected to the Clop ransomware gang.
Security Definitions
- security analytics
- NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)
- application blacklisting (application blocklisting)
- juice jacking
- hypervisor security
- claims-based identity
- Certified Cloud Security Professional (CCSP)
- password manager