Threats and vulnerabilities

Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.

May 24, 2022 24 May'22
Verizon DBIR: Ransomware dominated threat landscape in 2021

Though ransomware became an increasingly large threat to enterprises last year, Verizon's Data Breach Investigations Report found the model may not be as profitable as expected.
May 23, 2022 23 May'22
Veeam data protection aids users with secure restores

From 'nothing worked' to 'it just worked': How Veeam Software helped a Florida city out of a troublesome predicament with its legacy data backup platform.
May 23, 2022 23 May'22
AdvIntel: Conti rebranding as several new ransomware groups

According to AdvIntel's research, the Conti ransomware group's attack on the Costa Rican government was part of a rebranding effort, as the gang's ransom payments had dried up.
May 19, 2022 19 May'22
QNAP devices hit by DeadBolt ransomware again

DeadBolt ransomware is once again targeting QNAP's NAS devices, and the vendor is urging customers to patch immediately.

Bring yourself up to speed with our introductory content

8 cybersecurity conferences to attend in 2022

Cybercriminals create new ways to steal information regularly, creating cybersecurity challenges. Attending conferences is one way learn about these trends for the best defense. Continue Reading
How to conduct a cyber-war gaming exercise

A successful cyber-war game can help organizations find weaknesses in their system but only if the right participants are involved and an after-action review is completed. Continue Reading
man in the browser (MitB)

Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is capable of modifying that user's web transactions. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

How cryptocurrencies enable attackers and defenders

Threat actors use cryptocurrencies for their anonymity, but they're not as impenetrable as once thought. Discover how cryptocurrencies can help attackers and defenders alike. Continue Reading
Compare zero trust vs. the principle of least privilege

Zero trust and the principle of least privilege may appear to solve the same issue, but they have their differences. Read up on the two methodologies. Continue Reading
Russia-Ukraine war prompts security best practices refresher

The Russia-Ukraine war hasn't led to major cyber attacks affecting MSPs, but IT services providers should review cybersecurity best practices, including hardening and response. Continue Reading

Learn to apply best practices and optimize your operations.

How to counter insider threats in the software supply chain

Insider threats extend beyond employees within your company to include people working at partners and third parties. Learn about these insider threats in the software supply chain. Continue Reading
How to implement an attack surface management program

Keeping attackers away from corporate assets means keeping a constant vigilance over the organization's attack surface. An attack surface management program can help. Continue Reading
Why companies should focus on preventing privilege escalation

If attackers can elevate privileges once inside a system, their access can be unlimited. Discover common privilege escalation techniques and how to mitigate them. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Case study: Why it's difficult to attribute nation-state attacks

If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware. Continue Reading
Tips for using a threat profile to prevent nation-state attacks

Is your organization concerned about state-sponsored attacks? Threat profiling can help prevent nation-state attacks. Get advice on how to create an effective threat profile. Continue Reading
Top 7 enterprise cybersecurity challenges in 2022

Security teams faced unprecedented challenges in 2021. The year ahead appears no less daunting. Here are the cybersecurity trends and safeguards to take into account in 2022. Continue Reading