New & Notable
News
Microsoft enhanced Recall security, but will it be enough?
Microsoft's controversial Recall feature began rolling out to certain Windows Insiders with Copilot+ PCs in November, with more expected to participate this month.
News
Attackers exploit vulnerability in Cleo file transfer software
Cleo disclosed and patched the remote code execution vulnerability in late October, but managed file transfer products have proved to be popular targets for threat actors.
News
Ultralytics YOLO AI model compromised in supply chain attack
While Ultralytics has not released an official security advisory, the company pulled two recent versions of its YOLO11 AI model after reports said they contained a cryptominer.
Evaluate
2025 identity security and data security predictions
From securing nonhuman identities to post-quantum cryptography to DSPM and DLP combining, here's what's in store for identity and data security in 2025.
Trending Topics
-
Data Security & Privacy Evaluate
2025 identity security and data security predictions
From securing nonhuman identities to post-quantum cryptography to DSPM and DLP combining, here's what's in store for identity and data security in 2025.
-
Threats & Vulnerabilities News
Attackers exploit vulnerability in Cleo file transfer software
Cleo disclosed and patched the remote code execution vulnerability in late October, but managed file transfer products have proved to be popular targets for threat actors.
-
IAM News
FBI: Criminals using AI to commit fraud 'on a larger scale'
As AI technology becomes more widely adopted, attackers are abusing it for their scams, which the FBI says are becoming increasingly more difficult to detect.
-
Analytics & Automation News
AWS launches automated service for incident response
AWS Security Incident Response, which launched ahead of the re:Invent 2024 conference this week, can automatically triage and remediate events detected in Amazon GuardDuty.
-
Network Security Problem Solve
How to recover from a DDoS attack
Learn how to recover from a DDoS attack and get operations back online quickly, while minimizing impact on customers and brand reputation.
-
Operations & Management Evaluate
User provisioning and deprovisioning: Why it matters for IAM
Overprivileged and orphaned user identities pose risks. Cybersecurity teams should be sure user profiles grant only appropriate access -- and only for as long as necessary.
Sponsored Sites
-
Cloud Workloads
VMware vSphere Foundation and VMware Cloud Foundation powered by Intel technology results in a unified software-defined Data Center platform for running and managing private cloud, multi-cloud, and edge containerized workloads. Built-in inferencing enables customers to efficiently turn data into insight on a flexible hybrid cloud environment.
-
Cybersecurity
Kaspersky Next: Cybersecurity Redefined
-
Servers
Server Buying Considerations 2023
This site focusses on key server buying considerations for IT decision makers in 2023 and beyond, with an emphasis on innovations in server design, security, sustainability, automation, and financing flexibility from Dell Technologies and IntelĀ®.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
2025 identity security and data security predictions
From securing nonhuman identities to post-quantum cryptography to DSPM and DLP combining, here's what's in store for identity and data security in 2025.
-
How AI is reshaping threat intelligence
-
U.S. data privacy protection laws: 2025 guide
-
User provisioning and deprovisioning: Why it matters for IAM
-
-
Problem Solve
How to protect against malware as a service
Malware operators are further monetizing their malicious software by selling it to other attackers on a subscription basis. Learn how to detect and mitigate the threat.
-
How to recover from a DDoS attack
-
Biometric privacy and security challenges to know
-
How to identify and prevent insecure output handling
-
-
Manage
8 best practices for a bulletproof IAM strategy
IAM systems help to enable secure access to applications and resources. But to benefit from IAM -- and avoid a security failure -- teams must be ready to meet the challenges.
-
How to build an effective third-party risk assessment framework
-
What CISOs need to know to build an OT cybersecurity program
-
How to create an enterprise cloud security budget
-
Information Security Basics
-
Get Started
What is a session key?
A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers.
-
Get Started
What is cipher block chaining (CBC)?
Cipher block chaining (CBC) is a mode of operation for a block cipher -- one in which a sequence of bits are encrypted as a single unit, or block, with a cipher key applied to the entire block.
-
Get Started
What is obfuscation and how does it work?
Obfuscation means to make something difficult to understand. Programming code is often obfuscated to protect intellectual property or trade secrets, and to prevent an attacker from reverse engineering a proprietary software program.
Multimedia
-
News
View All -
Threats and vulnerabilities
Attackers exploit vulnerability in Cleo file transfer software
Cleo disclosed and patched the remote code execution vulnerability in late October, but managed file transfer products have proved to be popular targets for threat actors.
-
Threats and vulnerabilities
Ultralytics YOLO AI model compromised in supply chain attack
While Ultralytics has not released an official security advisory, the company pulled two recent versions of its YOLO11 AI model after reports said they contained a cryptominer.
-
Threat detection and response
Police bust cybercrime marketplace, phishing network
As part of Europol's announcement of the cybercriminal marketplace's disruption, the agency included an image of a takedown notice referencing the 'Manson Market.'
Search Security Definitions
- What is a session key?
- What is cipher block chaining (CBC)?
- What is obfuscation and how does it work?
- What is Extensible Authentication Protocol (EAP)?
- What is IPsec (Internet Protocol Security)?
- What is endpoint detection and response (EDR)?
- What is Common Vulnerabilities and Exposures (CVE)?
- What is a spam trap?