News, Insight and Analysis

News

• How hackers exploited RCE vulnerabilities in Atlassian, Azure

  Barracuda researchers examined exploitation activity and attack patterns for two remote code execution vulnerabilities affecting Atlassian's Confluence and Microsoft's Azure. Continue Reading

• Researchers hack Apple Pay, Visa 'Express Transit' mode

  Academic researchers discover an attack technique that enables them to make fraudulent transactions on locked iPhones when Apple Pay and Visa cards are set up for transit mode. Continue Reading

• Telegram bots allowing hackers to steal OTP codes

  A simplified new attack tool based on Telegram scripts is allowing criminals to steal one-time password credentials and take over user accounts and drain bank funds. Continue Reading

• Spurned researcher posts trio of iOS zero days

  An anonymous bug hunter critical of Apple's handling of reports to its bounty program has released details on three zero-day vulnerabilities in its iOS mobile platform. Continue Reading

• Symantec: Staging activity observed on Exchange servers

  Threat actors appear to be targeting Microsoft Exchange servers with pre-ransomware activity, including one attempt to exfiltrate data. Continue Reading

Get Started

• How to secure your home Wi-Fi network in 7 steps

  When securing your home Wi-Fi, update devices regularly, change passwords consistently, turn off unused services and inspect outdoor network equipment. Continue Reading

• Endpoint security quiz: Test your knowledge

  Test your knowledge of SASE, split tunneling, and device discovery tool capabilities and best practices in this endpoint security quiz for IT professionals. Continue Reading

• What are the top secure data transmission methods?

  Safe information transfer is a must for modern organizations, but not all secure data transmission methods are equal. Explore your secure data transfer options in this tip. Continue Reading

• 7 remote data backup terms for protection during a pandemic

  In this glossary, you'll find important background information on remote backup. It's crucial to think about everything from network connections to backup devices and sites. Continue Reading

• Ownership scenario should dictate mobile device policies

  The policies organizations should deploy for BYOD devices compared to kiosk devices are very different. Learn how organizations should approach these policy decisions. Continue Reading

Evaluate

• Experts debate XDR market maturity and outlook

  Is extended detection response still all buzz and no bite? Experts disagree on whether XDR qualifies as a legitimate market yet or still has a ways to go. Continue Reading

• Why zero-trust models should replace legacy VPNs

  Many organizations use legacy VPNs to secure their networks, especially in the work-from-home era. Expert Pranav Kumar explains why zero-trust models are a safer option. Continue Reading

• A deep dive into Fortinet's SASE platform

  Despite its strong security foundation, Fortinet's SASE platform lacks a cloud-native strategy and requires teams to stitch the architecture together. Continue Reading

• Corral superuser access via SDP, privileged access management

  Keeping control of superusers is an ongoing challenge. Employing SDP and privileged access management can make the job easier. But can SDP replace PAM? Continue Reading

• RSA Conference 2021: 3 hot cybersecurity trends explained

  In a lightning round session at RSA Conference, ESG analysts discussed three of the hottest topics in cybersecurity in 2021: zero trust, XDR and SASE. Continue Reading

Manage

• 5 steps to secure the hybrid workforce as offices reopen

  Companies must now face the security challenges of overseeing a hybrid workforce as employees return to the office. Continue Reading

• Unify on-premises and cloud access control with SDP

  One security framework available to organizations struggling with on-premises and cloud access control issues is a software-defined perimeter. Learn how SDP can help. Continue Reading

• Why endpoint security is important and how it works

  Organizations and IT admins must understand the fundamental approaches that endpoint security platforms take to secure endpoints and defend against common threats. Continue Reading

• 2021 IT priorities require security considerations

  AI, IoT and 5G are among the top IT priorities for CIOs and CTOs in 2021. Is your team prepared to address each tech's security needs? Continue Reading

• 6 remote workforce cybersecurity strategies for 2021

  Remote worker data security has quickly evolved into a top concern for IT security. Here are six strategies to ensure remote workforce cybersecurity in 2021. Continue Reading

Problem Solve

• 6 persistent enterprise authentication security issues

  Some authentication factors are considered more secure than others but still come with potential drawbacks. Learn about the most common enterprise authentication security issues. Continue Reading

• 3 must-ask post-pandemic questions for CISOs

  The worldwide health pandemic has created multiple challenges for today's CISOs and their security teams. Ask these three questions to stay safe in a post-pandemic workplace. Continue Reading

• How security teams can prevent island-hopping cyberattacks

  Learn how to prevent island-hopping cyberattacks to keep hackers from gaining the confidence of a phishing victim who could then accidentally commit corporate financial fraud. Continue Reading

• Top 2 post-COVID-19 CISO priorities changing in 2020

  CISO priorities for 2020 were upended when the COVID-19 pandemic hit. Learn two ways forward-thinking CISOs are planning to deal with the new normal. Continue Reading

• How to balance secure remote working with on-site employees

  Post-pandemic, organizations must strike the right balance between on-site and remote work security. Here's how to make sure your cybersecurity program is prepared. Continue Reading