Threats and vulnerabilities

Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.

August 11, 2022 11 Aug'22
Zero Day Initiative launches new bug disclosure timelines

The Trend Micro Zero Day Initiative's vulnerability disclosure policy will now mandate shorter disclosure windows for flaws believed to result from bypassed security patches.
August 11, 2022 11 Aug'22
Google researchers dissect Android spyware, zero days

Researchers with Google's Threat Analysis Group say the ecosystem of surveillance vendors is far larger than just NSO Group, and some vendors are sharing or trading exploits.
August 08, 2022 08 Aug'22
Guide to the latest Black Hat 2022 Conference news

This Black Hat 2022 guide offers readers breaking news, trending topics and technical expert insights from one of the leading cybersecurity conferences.
August 02, 2022 02 Aug'22
July another down month in ransomware attack disclosures

July saw a similar number of ransomware attack disclosures as June, previously the sparsest month for disclosures this year, according to SearchSecurity's data.

Bring yourself up to speed with our introductory content

Is ethical hacking legal? And more ethical hacking advice

Is ethical hacking legal? Learn about the legality of ethical hacking, why it's important, its benefits and what organizations should look for when hiring an ethical hacker. Continue Reading
Ethical hacking: How to conduct a Sticky Keys hack

Physical security is often overlooked by cybersecurity teams. Learn about physical cybersecurity attacks in step-by-step instruction on how to conduct a Windows Sticky Keys hack. Continue Reading
NFT wash trading explained

NFT popularity grew with the rise of cryptocurrency. But scams -- such as wash trading -- also increased, presenting new problems for businesses and consumers. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

10 top open source security testing tools

From Kali Linux to Mimikatz to Metasploit, learn about 10 open source penetration testing tools organizations can use to determine how secure their network is. Continue Reading
Importance of enterprise endpoint security during a pandemic

Enterprises often focus greatly on communications security and less on endpoint security. Review the importance of enterprise endpoint security and best practices to implement it. Continue Reading
Cybersecurity lessons learned from COVID-19 pandemic

Cybersecurity lessons companies learn from the COVID-19 pandemic include having work-from-home preparations and developing disaster recovery and business continuity plans. Continue Reading

Learn to apply best practices and optimize your operations.

How to prevent a data breach: 10 best practices and tactics

When it comes to data breach prevention, the stakes are high. While it's impossible to eliminate the risk, organizations can minimize it by following these best practices. Continue Reading
How to improve cyber attack detection using social media

Social media has cybersecurity pros and cons. One benefit is that it can help improve cyber attack detection. These four real-world examples show how. Continue Reading
How to counter insider threats in the software supply chain

Insider threats extend beyond employees within your company to include people working at partners and third parties. Learn about these insider threats in the software supply chain. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

A guide to MSP patch management best practices

As software patch management challenges mount, industry experts offer advice to MSPs on prioritizing system risk levels, selecting proper tools and testing patches internally. Continue Reading
3 threats dirty data poses to the enterprise

The Information Security Forum predicted dirty data will pose three threats to the enterprise. Learn about these threats, and get tips on how to protect your organization from them. Continue Reading
8 ways to avoid NFT scams

People and businesses are turning to NFTs to make money, trade collectibles and use as promotions. But scams are also trying to trick people and businesses out of money. Continue Reading