Data security and privacy
Secure data storage, data loss prevention and encryption are must-have components of any enterprise security strategy, especially as data threats and breaches become increasingly common. Get advice on these topics, along with the latest data security strategies, data backup and recovery info, and more.
Top Stories
-
Tip
06 Sep 2024
7 essential steps to create a contact center RFP
Successful contact center RFPs are built on collaboration, vendor research, countless questions and answers, scorecards, shortlists, trial runs, bakeoffs and the final decision. Continue Reading
By- Robin Gareiss, Metrigy
-
News
06 Sep 2024
Ransomware rocked healthcare, public services in August
Ransomware remained a highly disruptive threat last month, as notable attacks claimed victims in healthcare, technology, manufacturing and the public sector. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
15 Mar 2023
quantum supremacy
Quantum supremacy is the experimental demonstration of a quantum computer's dominance and advantage over classical computers by performing calculations previously impossible at unmatched speeds. Continue Reading
By -
News
15 Mar 2023
Rubrik discloses data breach, blames Fortra zero-day
The cybersecurity vendor said it is investigating a data breach after attackers exploited a zero-day vulnerability in Fortra's GoAnywhere managed file transfer software. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
15 Mar 2023
antivirus software (antivirus program)
Antivirus software (antivirus program) is a security program designed to prevent, detect, search and remove viruses and other types of malware from computers, networks and other devices. Continue Reading
By- Kinza Yasar, Technical Writer
- Linda Rosencrance
-
Podcast
15 Mar 2023
Hacker claims exposed database led to DC Health Link breach
This Risk & Repeat podcast episode covers the breach of health insurance exchange DC Health Link, as well as a hacker's claim that the breach was caused by an exposed database. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
14 Mar 2023
information security (infosec)
Information security (infosec) is a set of policies, procedures and principles for safeguarding digital data and other kinds of information. Continue Reading
By- Kinza Yasar, Technical Writer
- Gavin Wright
- Taina Teravainen
-
News
13 Mar 2023
DC Health Link confirms breach, but questions remain
While DC Health Link confirmed the breach, it is unknown how threat actors obtained the personal health data of more than 56,000 customers, including members of Congress. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
09 Mar 2023
Is ransomware declining? Not so fast, experts say
While some 2022 ransomware statistics indicate a possible 'decline' in activity, threat researchers warn there's more to the picture than the numbers suggest. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
02 Mar 2023
New National Cybersecurity Strategy takes aim at ransomware
The Biden-Harris administration's 39-page National Cybersecurity Strategy covers multiple areas, including disrupting ransomware operations and addressing vulnerable software. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
02 Mar 2023
Ransomware attacks ravaged big names in February
While ransomware incidents appear to be decreasing, several high-profile organizations, including Dole, Dish Network and the U.S. Marshals Service, suffered notable attacks. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
02 Mar 2023
Accurately assessing the success of zero-trust initiatives
Zero-trust preparation can be difficult. Measuring how well the model provides security and business benefits after implementation is even more difficult. Continue Reading
By- John Grady, Principal Analyst
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
28 Feb 2023
LastPass breach tied to hack of engineer's home computer
LastPass said a threat actor hacked an employee's home computer to access a corporate password vault and steal decryption keys for its product backups and cloud storage resources. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
28 Feb 2023
Bitdefender releases decryptor for MortalKombat ransomware
MortalKombat ransomware was first spotted in January, but Bitdefender has already cracked the new variant and released a free decryptor to help victims recover data. Continue Reading
By- Rob Wright, Senior News Director
-
News
28 Feb 2023
U.S. Marshals Service suffers ransomware attack, data breach
Ransomware actors breached the U.S. Marshals Service earlier this month and stole sensitive information pertaining to agency investigations, though many questions remain. Continue Reading
By- Arielle Waldman, News Writer
-
News
28 Feb 2023
CrowdStrike: Threat actors shifting away from ransomware
CrowdStrike's '2023 Global Threat Report' showed a 20% increase in the number of threat actors using data theft and extortion tactics without deploying actual ransomware. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
22 Feb 2023
IBM: Ransomware defenders showing signs of improvement
According to IBM X-Force's Threat Intelligence Index report, a smaller percentage of threat actors executed a ransomware attack after gaining access in 2022 than in 2021. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
21 Feb 2023
GoDaddy's response to 'multi-year' breach criticized
GoDaddy took nearly three months to disclose that attackers breached the company in a multi-year campaign, and customers are still in the dark about the details of the attack. Continue Reading
By- Arielle Waldman, News Writer
-
News
16 Feb 2023
Google: Russia continues to set cyber sights on NATO nations
A new report from Google's Threat Analysis Group shed light on Russia's efforts to conduct malicious cyber campaigns not only against Ukraine but also NATO nations too. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
16 Feb 2023
E-Sign Act (Electronic Signatures in Global and National Commerce Act)
The E-Sign Act (Electronic Signatures in Global and National Commerce Act) is a U.S. federal law that specifies that, in the United States, the use of an electronic signature (e-signature) is as legally valid as a traditional signature written in ink on paper. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
News
16 Feb 2023
Ransomware actors increasingly weaponizing old vulnerabilities
A new report from Cyber Security Works shows that 76% of all ransomware-associated vulnerabilities tracked in 2022 were old flaws initially discovered between 2010 and 2019. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
16 Feb 2023
No relief in sight for ransomware attacks on hospitals
Despite being off limits for some hackers, hospitals continue to be lucrative targets for ransomware groups because of their valuable data and higher rate of paying ransoms. Continue Reading
By- Alexis Zacharakos, Student Co-op
-
Podcast
15 Feb 2023
ESXiArgs attack vector unclear as infections continue
This Risk & Repeat podcast episode discusses the recent developments involving ESXiArgs, the ransomware variant that has been infecting vulnerable VMware ESXi servers this month. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
14 Feb 2023
Veeam launches Data Platform, ransomware warranty
Veeam Data Platform features Backup & Replication v12 and other management capabilities. In addition, Object First released its appliance focused on storage for Veeam users. Continue Reading
By- Paul Crocetti, Executive Editor
-
News
14 Feb 2023
Dragos: ICS/OT ransomware attacks up 87%
Ransomware attacks against industrial organizations remains a growing problem, according to ICS/OT vendor Dragos' new 'Year in Review 2022' report. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
10 Feb 2023
New ESXi ransomware strain spreads, foils decryption tools
Since the onset of the widespread attacks last week, the ESXiArgs ransomware strain appears to have undergone updates that make it harder for enterprises to recover data. Continue Reading
By- Arielle Waldman, News Writer
-
News
09 Feb 2023
Thousands of victims apparently hit by ESXiArgs ransomware
A joint security advisory from CISA and the FBI said the ESXiArgs ransomware campaign has claimed over 3,800 servers globally since attacks first emerged last week. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
08 Feb 2023
CISA battles ESXiArgs ransomware campaign with recovery tool
The U.S. Cybersecurity and Infrastructure Security Agency published a decryptor script intended to assist VMware customers affected by ESXiArgs ransomware. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
08 Feb 2023
reverse brute-force attack
A reverse brute-force attack is a type of brute-force attack in which an attacker uses a common password against multiple usernames in an attempt to gain access to a network. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Definition
08 Feb 2023
SOC 3 (System and Organization Controls 3)
A System and Organization Controls 3 (SOC 3) report outlines information related to a service organization's internal controls for security, availability, processing integrity, confidentiality and privacy. Continue Reading
By- Nick Barney, Technology Writer
-
News
06 Feb 2023
Vastaamo hacking suspect arrested in France
The suspect in the infamous cyber attack, Julius Kivimäki, is a 25-year-old Finnish man who was arrested after being remanded in absentia in October 2022. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Opinion
06 Feb 2023
6 data security predictions for 2023
New tools are proliferating to secure data wherever it lives. Six data security trends -- ranging from AI washing to new data security platforms -- are in the forefront for 2023. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
06 Feb 2023
Widespread ransomware campaign targets VMware ESXi servers
The attacks exploited a two-year-old heap overflow vulnerability in VMware ESXi. Many questions remain about the scope of the campaign and the threat actor behind it. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
02 Feb 2023
Understanding the importance of data encryption
Encryption is a foundational element of cybersecurity. Organizations should implement encryption to counter the ever-growing threat of data breaches. Continue Reading
By- Jack Poller
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
02 Feb 2023
HeadCrab malware targets Redis to mine cryptocurrency
Aqua Security said the HeadCrab botnet has taken control of at least 1,200 servers via internet-facing instances of the opensource DBMS Redis and is using them for cryptomining. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
02 Feb 2023
Ransomware attacks on public sector persist in January
Many of the attacks disclosed or reported in January occurred against the public sector, including multiple school districts that were hit within days of one another. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
31 Jan 2023
Risk & Repeat: The FBI's Hive ransomware takedown
This podcast episode discusses the law enforcement operation that led to the infiltration and takedown of the Hive network and what it could mean for other ransomware gangs. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
31 Jan 2023
Horizon3.ai releases POC exploit for VMware vulnerabilities
Penetration testing vendor Horizon3.ai published technical details and exploit code for three new CVEs in VMware vRealize Log Insight that can be chained for remote code execution. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
30 Jan 2023
Schools don't pay, but ransomware attacks still increasing
Ransomware gangs have increasingly focused their attacks on the K-12 education sector, even though most school districts do not pay the ransom. But how long will that last? Continue Reading
By- Alexis Zacharakos, Student Co-op
-
News
26 Jan 2023
FBI hacked into Hive ransomware gang, disrupted operations
The FBI infiltrated Hive's network in July 2022 and obtained decryption keys, which it distributed to victims to prevent $130 million in ransom payments, according to the DOJ. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
25 Jan 2023
Contractor error led to Baltimore schools ransomware attack
A security contractor for Baltimore County Public Schools mistakenly opened a suspicious phishing email attachment in an unsecure environment, leading to the ransomware attack. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
25 Jan 2023
10 best cybersecurity podcasts to check out
Cybersecurity podcasts are an excellent way to raise cybersecurity awareness. Discover the top 10 cybersecurity podcasts and learn how to select the best ones for your playlist. Continue Reading
By- Kinza Yasar, Technical Writer
-
Podcast
24 Jan 2023
Risk & Repeat: Another T-Mobile data breach disclosed
This podcast episode discusses the latest T-Mobile breach -- the third in less than three years -- in which a threat actor stole personal data from 37 million customer accounts. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
24 Jan 2023
Customer data, encryption key stolen in GoTo breach
GoTo's breach update follows the recent disclosure made by GoTo subsidiary LastPass, which similarly lost significant sensitive customer data in a breach last year. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
23 Jan 2023
Experts applaud expansion of Apple's E2E encryption
Amidst growing privacy concerns and data breach threats, Apple launched Advanced Data Protection for U.S. customers last month to secure almost all data stored in iCloud. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
20 Jan 2023
6 cybersecurity buzzwords to know in 2023
Enterprise Strategy Group research indicates many organizations will increase cybersecurity spending in 2023, and with that comes an evolving set of vendor buzzwords to sort out. Continue Reading
By- Jon Oltsik, Analyst Emeritus
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
20 Jan 2023
T-Mobile data breach affects 37M customers
T-Mobile said a threat actor first began using an API in November to obtain the personal data of 37 million customer accounts, though no financial data was affected. Continue Reading
By- Rob Wright, Senior News Director
-
Podcast
20 Jan 2023
Risk & Repeat: Breaking down the LastPass breach
This podcast episode discusses the fallout of the recent LastPass breach, in which a threat actor stole encrypted logins and unencrypted website URLs from the password manager. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
19 Jan 2023
Chainalysis: Ransomware payments down, fewer victims paying
Ransomware payments dropped significantly this past year, falling more than 40% from 2021, according to new research from blockchain analysis firm Chainalysis. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
18 Jan 2023
LastPass faces mounting criticism over recent breach
LastPass disclosed a breach last month in which a threat actor stole personal customer information, including billing addresses and encrypted website login details. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
10 Jan 2023
How to prevent and detect lateral movement attacks
Reduce the success of lateral movement attacks by performing these eight key cybersecurity activities at strategic, operational and proactive levels. Continue Reading
By- Charles Kolodgy, Security Mindsets
-
Tip
09 Jan 2023
What is Triple DES and why is it being disallowed?
Triple DES no longer provides the encryption strength it once did. Prepare now to transition away from its use to a more security alternative. Continue Reading
By -
Feature
05 Jan 2023
How to configure Windows privacy settings with Intune
To personalize UX, Windows devices aren't shy about collecting user data. This isn't ideal for enterprise security. Discover how to lock down privacy settings with Intune. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
Feature
05 Jan 2023
Windows security tips for the enterprise
Securing a Windows environment is no easy feat. Read up on low-hanging fruit to quickly address, as well as top tips from two security practitioners to get started. Continue Reading
By- Kyle Johnson, Technology Editor
-
Definition
05 Jan 2023
Google Chrome browser
Google Chrome browser is a free web browser used for accessing the internet and running web-based applications. Continue Reading
By- Nick Barney, Technology Writer
-
News
04 Jan 2023
December ransomware disclosures reveal high-profile victims
Cloud provider Rackspace was just one of several major enterprises to suffer a ransomware attack, according to public disclosures and reports in December. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
29 Dec 2022
credential theft
Credential theft is a type of cybercrime that involves stealing a victim's proof of identity. Continue Reading
-
Tip
27 Dec 2022
How to prevent and mitigate process injection
Process injection is a defense evasion technique that helps attackers hide from enterprise security systems. Learn how it works and how to mitigate it. Continue Reading
By- Rob Shapland, Falanx Cyber
-
Definition
22 Dec 2022
Firefox
Firefox is a free, open source web browser developed by the Mozilla Foundation and Mozilla Corporation in 2004. Continue Reading
By- Nick Barney, Technology Writer
-
Definition
20 Dec 2022
surveillance capitalism
Surveillance capitalism is an economic theory proposed by Harvard Business School Professor Emerita Shoshana Zuboff in 2014 that describes the modern, mass monetization of individuals' raw personal data in order to predict and modify their behavior. Continue Reading
By- Nick Barney, Technology Writer
- Ivy Wigmore
-
Tip
20 Dec 2022
What enumeration attacks are and how to prevent them
Web applications may be vulnerable to user enumeration attacks. Learn how these brute-forcing attacks work and how to prevent them. Continue Reading
By- Ravi Das, RaviDas.Tech Inc.
-
Definition
19 Dec 2022
cyberbullying
Cyberbullying is a type of bullying in which one or more individuals use digital technologies to intentionally and repeatedly cause harm to another person. Continue Reading
-
Feature
19 Dec 2022
11 cybersecurity predictions for 2023
Analysts and experts have looked into their crystal balls and made their cybersecurity predictions for 2023. Is your organization prepared if these predictions come true? Continue Reading
By- Kyle Johnson, Technology Editor
-
Feature
16 Dec 2022
Explore 5 secure data storage best practices
From access control to air gapping and beyond, IT administrators should employ several technologies and procedures to help ensure they have secure data storage. Continue Reading
By- Paul Crocetti, Executive Editor
-
Definition
14 Dec 2022
default
In computer technology, a default is a pre-designed value or setting that is used by a computer program when a value or setting is not specified by the program user. Continue Reading
-
Definition
12 Dec 2022
checksum
A checksum is a value that represents the number of bits in a transmission message and is used by IT professionals to detect high-level errors within data transmissions. Continue Reading
By- Kinza Yasar, Technical Writer
- Laura Fitzgibbons
-
Podcast
08 Dec 2022
Risk & Repeat: Breaking down Rackspace ransomware attack
This Risk & Repeat podcast episode discusses the recent ransomware attack against cloud provider Rackspace, as well as the major service outage affecting its customers. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
07 Dec 2022
Vice Society ransomware 'persistent threat' to education sector
New research from Palo Alto Networks supports recent government warnings that Vice Society poses an increased risk to K-12 schools and higher education. Continue Reading
By- Arielle Waldman, News Writer
-
News
06 Dec 2022
Rackspace confirms ransomware attack after Exchange outages
The cloud service provider said that because the investigation of the ransomware attack is in the early stages, it is unknown what, if any, customer data was stolen. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
02 Dec 2022
Trojan horse
In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious. Continue Reading
By- Casey Clark, TechTarget
- Michael Cobb
-
News
01 Dec 2022
Mozilla, Microsoft drop Trustcor as root certificate authority
Mozilla and Microsoft removed support for TrustCor certificates after a Washington Post report revealed the company's ties to government contractors specializing in spyware. Continue Reading
By- Rob Wright, Senior News Director
-
News
01 Dec 2022
LastPass warns some customer data accessed in new breach
LastPass disclosed a new breach, related to the previously disclosed attack in August, that resulted in a threat actor obtaining access to some customer data. Continue Reading
By- Arielle Waldman, News Writer
-
News
30 Nov 2022
Lockbit 3.0 has BlackMatter ransomware code, wormable traits
LockBit 3.0 or 'LockBit Black' includes anti-debugging capabilities, the ability to delete Volume Shadow Copy files and the potential ability to self-spread via legitimate tools. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
30 Nov 2022
quantum key distribution (QKD)
Quantum key distribution (QKD) is a secure communication method for exchanging encryption keys only known between shared parties. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Podcast
30 Nov 2022
Risk & Repeat: Twitter, Elon Musk and security concerns
This podcast episode discusses Twitter's security concerns following Elon Musk's acquisition last month, as well as a possible data breach from 2021 that came to light recently. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
28 Nov 2022
Infosec researcher reports possible 'massive' Twitter breach
The alleged Twitter breach involves a data set from late 2021 and includes the phone numbers and personal information of millions of users in the U.S. and Europe. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
23 Nov 2022
Bitly
Bitly is a URL shortener service that enables users to truncate webpage links. Continue Reading
-
Guest Post
18 Nov 2022
Track evolution in storage security standards, technologies
It's going to take a layered approach to handle all the security threats that storage administrators face. Strategies such as zero-trust architecture and encryption can help. Continue Reading
By- Eric Hibbard and Thomas Rivera
-
Definition
18 Nov 2022
pen testing (penetration testing)
A penetration test, also called a pen test or ethical hacking, is a cybersecurity technique that organizations use to identify, test and highlight vulnerabilities in their security posture. Continue Reading
By- Kinza Yasar, Technical Writer
- Puneet Mehta, SDG
-
Guest Post
17 Nov 2022
Do companies need cyber insurance?
As cyber insurance costs rise, companies must determine whether they truly need cyber insurance to tackle their increased risk of cyber attacks. Continue Reading
By- Mark Brown
-
News
15 Nov 2022
Cohesity launches Data Security Alliance for customers
Cohesity has formed a Data Security Alliance of 12 companies and will launch its DataHawk security service in early 2023. Both are aimed at consolidating offerings for customers. Continue Reading
By- Max Bowen, News Writer
-
News
14 Nov 2022
Moreno Valley school system shores up ransomware defenses
Moreno Valley Unified School District officials discuss the steps they've taken to better protect sensitive data and critical applications against the growing threat of ransomware. Continue Reading
By- Arielle Waldman, News Writer
-
News
10 Nov 2022
TrustCor under fire over certificate authority concerns
TrustCor Systems, a certificate authority registered in Panama, is in hot water after a Washington Post report raised questions about its apparent connections to a spyware vendor. Continue Reading
-
Tip
10 Nov 2022
Common lateral movement techniques and how to prevent them
Lateral movement techniques enable attackers to dig deeper into compromised environments. Discover what lateral movement attacks are and four attack techniques. Continue Reading
By- Ravi Das, RaviDas.Tech Inc.
-
Feature
08 Nov 2022
5 ways to overcome multifactor authentication vulnerabilities
Improve the resiliency of multifactor authentication by giving users more information, making default settings more secure, hiding secrets and more. Continue Reading
By- Kyle Johnson, Technology Editor
-
Feature
08 Nov 2022
How to build a shadow IT policy to reduce risks, with template
With a shadow IT policy in place, organizations reduce security risks from unapproved applications and services that employees introduce independently. Continue Reading
By -
News
04 Nov 2022
Yanluowang ransomware gang goes dark after leaks
The Yanluowang ransomware operation appears to have shut down for the time being after an anonymous individual published a series of internal code and chat leaks. Continue Reading
-
News
03 Nov 2022
Ransomware on the rise, hitting schools and healthcare
October ransomware disclosures and public reports tracked by TechTarget Editorial increased from previous months, with notable attacks on education and healthcare organizations. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
31 Oct 2022
Consider ethical technology issues with data center growth
Authors Harry Lewis and Ken Ledeen discuss ethical issues organizations should consider when expanding data center, data collection and technological capabilities. Continue Reading
By- Ryan Arel, Former Associate Site Editor
- Pearson Education
-
Podcast
28 Oct 2022
Risk & Repeat: Microsoft, SOCRadar spar over data leak
This podcast episode discusses threat intelligence vendor SOCRadar's disclosure of a large Microsoft data leak and the contentious exchange between the two companies that followed. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Opinion
27 Oct 2022
How Sheltered Harbor helps banks navigate cyber-recovery
Banks must be able to recover quickly from a cyber attack -- a difficult task, given the volume and sophistication of attacks. The not-for-profit Sheltered Harbor aims to help. Continue Reading
By- Vinny Choinski, Senior Analyst
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
25 Oct 2022
Apple patches actively exploited zero-day iOS bug
The iOS zero-day was joined by a slew of other vulnerabilities in Apple's Oct. 24 security update. The iOS 16 update contained patches for 13 arbitrary code execution flaws. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
21 Oct 2022
Balancing remote work privacy vs. productivity monitoring
Weighing employee productivity monitoring against remote workers' privacy is a serious issue that requires protecting personal and corporate data and setting the right policies. Continue Reading
By -
News
21 Oct 2022
BlackByte ransomware using custom data exfiltration tool
Symantec researchers say BlackByte ransomware may be poised to move into the elite ransomware ranks, as the group has begun developing its own custom malware tools. Continue Reading
-
News
20 Oct 2022
Brazil arrests alleged Lapsus$ hacker
Federal police in Brazil arrested a person accused of being a key member of the Lapsus$ hacking group on charges related to the takedown of government websites. Continue Reading
-
News
20 Oct 2022
Microsoft confirms data leak caused by misconfiguration
Microsoft criticized SOCRadar's reporting of the data leak, saying the threat intelligence vendor "greatly exaggerated" its claim that 65,000-plus entities had data exposed. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
20 Oct 2022
What is the zero-trust security model?
The zero-trust security model is a cybersecurity approach that denies access to an enterprise's digital resources by default and grants authenticated users and devices tailored, siloed access to only the applications, data, services and systems they need to do their jobs. Continue Reading
By- Alissa Irei, Senior Site Editor
- Sharon Shea, Executive Editor
-
Tip
19 Oct 2022
How to manage and reduce secret sprawl
Secret sprawl plagues companies, making them vulnerable to data breaches. Discover what causes secret sprawl and how to better protect secrets. Continue Reading
By- Charles Kolodgy, Security Mindsets
-
Feature
19 Oct 2022
Top 10 pen testing interview questions with answers
Are you pursuing a career in pen testing? Prepare with this list of 10 pen testing interview questions and answers created by three security experts. Continue Reading
By- Isabella Harford, TechTarget
- Packt Publishing
-
Feature
19 Oct 2022
Top IT security manager interview questions
Are you looking for a leadership role in cybersecurity? Three security experts offer their advice on how to answer the most common IT security manager interview questions. Continue Reading
By- Isabella Harford, TechTarget
-
Guest Post
19 Oct 2022
3 cloud security posture questions CISOs should answer
As cloud adoption continues to accelerate, CISOs must help IT and cybersecurity teams keep pace with evolving cloud markets, especially when it comes to cloud security posture. Continue Reading
By- Kristopher Carr
-
Definition
19 Oct 2022
pegged cryptocurrency
A pegged cryptocurrency is a cryptocurrency whose value is linked to a specific bank-issued currency, financial instrument or tradable commodity. Continue Reading