Threats and vulnerabilities

Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.

Top Stories

Tip 21 Apr 2025
Top 5 ransomware attack vectors and how to avoid them

Protecting your organization against ransomware attack entryways could mean the difference between staying safe or falling victim to a devastating breach. Continue Reading
By
- Ed Moyle, SecurityCurve
- Diana Kelley, SecurityCurve
Feature 18 Apr 2025
The history and evolution of ransomware attacks

Ransomware creators have become more innovative and savvier as organizations up their defenses. Continue Reading
By
- Sharon Shea, Executive Editor

Tip 17 Apr 2025
Tips to find cyber insurance coverage in 2025

Most businesses have a form of cyber insurance, either through cyber liability and data breach endorsements in traditional business policies or through standalone cyber policies. Continue Reading
By
- Kathleen Richards
Tip 15 Apr 2025
How to effectively respond to a ransomware attack

Does your organization know what to do if its systems are suddenly struck by a ransomware attack? To be ready, prepare your ransomware response well ahead of time. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 15 Apr 2025
How to ensure OT secure remote access and prevent attacks

OT systems face threats from attackers targeting their remote access capabilities. Segmenting networks is one important step. Learn other ways to safeguard your OT systems. Continue Reading
By
- Amanda Scheldt
Feature 15 Apr 2025
Ransomware trends, statistics and facts in 2025

Supply chain attacks, double extortion and RaaS are some of the ransomware trends that will continue to disrupt businesses in 2025. Is your industry a top target? Continue Reading
By
- Sean Michael Kerner
Conference Coverage 15 Apr 2025
RSA Conference 2025

Follow SearchSecurity's RSAC 2025 guide for insightful pre-conference insights and reports on notable presentations and breaking news at the world's biggest infosec event. Continue Reading
By
- Sharon Shea, Executive Editor
Tip 14 Apr 2025
How to conduct ransomware awareness training for employees

As your organization's first line of defense, hold regular employee training on how to prevent, detect and respond to ransomware attacks. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 14 Apr 2025
8 types of ransomware, plus examples of attacks

There are eight main types of ransomware but hundreds of examples of ransomware strains. Learn how the ransomware types work and review notable attacks and variants. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 11 Apr 2025
Ransomware negotiation: Does it work, and should you try it?

Negotiating with the criminals who are holding your data for ransom is a daunting and stressful endeavor. Experts weigh in on the risks and the potential outcomes. Continue Reading
By
- Mary K. Pratt
Tip 09 Apr 2025
How to prevent and protect against ransomware

Organizations sometimes learn difficult lessons about gaps in their cybersecurity defenses. Here's what to know about ransomware preparation, detection, response and recovery. Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 09 Apr 2025
QR code phishing: 14 quishing prevention tips

Quishing is an offputting word for an on-the-rise attack method. Learn how to defend against it. Continue Reading
By
- Alissa Irei, Senior Site Editor
Tip 09 Apr 2025
Quantum-resistant algorithms: Why they matter

Quantum-resistant algorithms play a crucial role in post-quantum cryptography, which protects against threats on digital signatures and current encryption methods. Continue Reading
By
- Michael Nadeau
Tip 08 Apr 2025
Ransomware payments: Considerations before paying

To pay or not to pay -- that's the question after a ransomware attack. Law enforcement recommends against it, but that doesn't stop some companies from paying up. Continue Reading
By
- Kyle Johnson, Technology Editor
Answer 08 Apr 2025
How to report ransomware attacks: Steps to take

The Cybersecurity and Infrastructure Security Agency and FBI recommend reporting ransomware attacks to the authorities as soon as possible. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 07 Apr 2025
Explaining AI's impact on ransomware attacks and security

Experts say AI and LLMs will make ransomware attacks more dangerous, but those same tools could be turned against criminals by bolstering ransomware protections. Continue Reading
By
- Michael Nadeau
Tip 03 Apr 2025
How to detect and remove malware from an Android device

Mobile malware can come in many forms, but users might not know how to identify it. Understand the signs to be wary of on Android devices, as well as what to do to remove malware. Continue Reading
By
- Sean Michael Kerner
- Michael Goad, CDW
Feature 03 Apr 2025
4 ransomware detection techniques to catch an attack

While prevention is key, it's not enough to protect a company's systems from ransomware. Learn how early detection with these four methods helps reduce damage from attacks. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 31 Mar 2025
Cybercrime-as-a-service explained: What you need to know

Cybercrime-as-a-service is quickly evolving, offering easy access to hacking tools for criminals. Learn how it works and steps to protect your organization from attacks. Continue Reading
By
- Sean Michael Kerner
Definition 31 Mar 2025
What is a hacker?

A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. Continue Reading
By
Tip 31 Mar 2025
How to prevent a data breach: 11 best practices and tactics

When it comes to data breach prevention, the stakes are high. While it's impossible to eliminate the risk, organizations can minimize it by following these best practices. Continue Reading
By
- Andrew Froehlich, West Gate Networks
News 28 Mar 2025
News brief: China-linked APTs and Russian access broker

Check out the latest security news from the Informa TechTarget team. Continue Reading
By
- SearchSecurity Staff
Definition 26 Mar 2025
What is a web application firewall (WAF)? WAF explained

A web application firewall (WAF) is a firewall that is meant to protect web applications against common web-based threats. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Kinza Yasar, Technical Writer
Definition 20 Mar 2025
What is continuous monitoring?

Continuous monitoring constantly observes the performance and operation of IT assets to help reduce risk and improve uptime instead of taking a point-in-time snapshot of a device, network or application. Continue Reading
By
- Sean Michael Kerner
Opinion 20 Mar 2025
How to sideload iOS apps and why it's dangerous

IT professionals might think the hassle of jailbreaking a device deters users from sideloading iOS apps. Learn the other methods users turn to and why it's still dangerous. Continue Reading
By
- Andrew Froehlich, West Gate Networks
- Kyle Johnson, Technology Editor
Definition 18 Mar 2025
What is security automation?

Security automation uses technology to remove high-volume manual processes from security operations to detect cyberthreats, which saves time by integrating different workflows into repeatable processes. Continue Reading
By
- Sean Michael Kerner
Tip 17 Mar 2025
How to avoid and prevent social engineering attacks

Organizations and employees must both do their part to prevent and avoid social engineering attacks. A combination of security controls, policies, procedures and training is necessary. Continue Reading
By
- Paul Kirvan
Tip 14 Mar 2025
How to secure AI infrastructure: Best practices

AI tools are creating an even greater attack surface for malicious hackers to penetrate. But there are steps you can take to ensure your organization's AI foundation remains safe. Continue Reading
By
- Jerald Murphy, Nemertes Research
Definition 14 Mar 2025
What is pharming?

Pharming is a scamming practice in which malicious code is installed on a PC or server, misdirecting users to fraudulent websites without their knowledge or consent. Continue Reading
By
- Nick Barney, Technology Writer
Definition 13 Mar 2025
What is a pass-the-hash attack?

A pass-the-hash attack is an exploit in which an attacker steals a hashed user credential and -- without cracking it -- reuses it to trick an authentication system into creating a new authenticated session on the same network. Continue Reading
By
- Nick Barney, Technology Writer
- Madelyn Bacon, TechTarget
Tip 12 Mar 2025
How to deal with unmanaged devices in the enterprise

Unmanaged devices present numerous risks, but how did they gain access to the network without any management in place? IT should learn how this happens and what to do when it does. Continue Reading
By
- Brien Posey
Definition 11 Mar 2025
What is a rootkit?

A rootkit is a program or a collection of malicious software tools that give a threat actor remote access to and control over a computer or other system. Continue Reading
By
- Scott Robinson, New Era Technology
- Mary E. Shacklett, Transworld Data
- Linda Rosencrance
Definition 03 Mar 2025
What is cyberstalking and how to prevent it?

Cyberstalking is a crime in which someone harasses or stalks a victim using electronic or digital means, such as social media, email, instant messaging (IM) or messages posted to a discussion group or forum. Continue Reading
By
- Katie Terrell Hanna
- Rahul Awati
News 28 Feb 2025
Microsoft targets AI deepfake cybercrime network in lawsuit

Microsoft alleges that defendants used stolen Azure OpenAI API keys and special software to bypass content guardrails and generate illicit AI deepfakes for payment. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 28 Feb 2025
What is a watering hole attack?

A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Gavin Wright
- Madelyn Bacon, TechTarget
Definition 27 Feb 2025
What is domain generation algorithm (DGA)?

A domain generation algorithm (DGA) is a program that generates a large list of domain names. DGAs provide malware with new domains to evade security countermeasures. Continue Reading
By
- Nick Barney, Technology Writer
- Alexander S. Gillis, Technical Writer and Editor
- Sharon Shea, Executive Editor
News 27 Feb 2025
CrowdStrike: China hacking has reached 'inflection point'

In its 2025 Global Threat Report, CrowdStrike observed an increase in China's cyber capabilities, with a focus on espionage and 'pre-positioning' itself in critical environments. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 26 Feb 2025
NCC Group tracks alarming ransomware surge in January

NCC Group found ransomware activity in January surpassed previous monthly highs with 590 attacks, as one notorious gang experienced a notable resurgence. Continue Reading
By
- Arielle Waldman, News Writer
News 25 Feb 2025
Black Basta ransomware leak sheds light on targets, tactics

VulnCheck found the ransomware gang targeted CVEs in popular enterprise products from Microsoft, Citrix, Cisco, Fortinet, Palo Alto Networks, Confluence Atlassian and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 25 Feb 2025
Dragos: Ransomware attacks against industrial orgs up 87%

Ransomware attacks continue to be a major pain point for industrial organizations, as the sector has historically struggled with vulnerability management. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 21 Feb 2025
Palo Alto Networks vulnerabilities exploited in chained attack

The cybersecurity vendor urges customers to take immediate action to mitigate recently disclosed vulnerabilities that are being actively exploited in the wild. Continue Reading
By
- Arielle Waldman, News Writer
Definition 21 Feb 2025
What is application allowlisting?

Application allowlisting, previously known as 'application whitelisting,' is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Brien Posey
- Peter Loshin, Former Senior Technology Editor
Podcast 20 Feb 2025
Risk & Repeat: Salt Typhoon hasn't stopped hacking

Although the Salt Typhoon telecom breaches from last year appear to have been remediated, the Chinese state-sponsored threat group continues to target critical organizations. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Feb 2025
CISA, FBI warn of Ghost/Cring ransomware attacks

Ghost is a China-based financially motivated ransomware group that has launched attacks against organizations in more than 70 countries -- including its own. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 20 Feb 2025
What is a checksum?

A checksum is a value that represents the number of bits in a transmission message. IT professionals use it to detect high-level errors within data transmissions. Continue Reading
By
- Rahul Awati
- Kinza Yasar, Technical Writer
- Laura Fitzgibbons
Definition 19 Feb 2025
What is an attack vector?

An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server to deliver a payload or malicious outcome. Continue Reading
By
- Scott Robinson, New Era Technology
- Mary E. Shacklett, Transworld Data
Definition 19 Feb 2025
What is email spoofing?

Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source. Continue Reading
By
- Scott Robinson, New Era Technology
- Peter Loshin, Former Senior Technology Editor
News 18 Feb 2025
Palo Alto Networks PAN-OS vulnerability exploited in the wild

Palo Alto Networks says threat actors used a publicly available PoC exploit in attack attempts against firewall customers with PAN-OS management interfaces exposed to the internet. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 18 Feb 2025
What are social engineering attacks?

Social engineering is an attack vector that relies heavily on human interaction and often involves psychological manipulation of people into breaking normal security procedures and best practices to gain unauthorized access. Continue Reading
By
- Paul Kirvan
- Madelyn Bacon, TechTarget
Definition 18 Feb 2025
What is a botnet?

A botnet is a collection of internet-connected devices -- including PCs, servers, mobile devices and internet of things (IoT) devices -- infected and controlled by a common type of malware, often unbeknownst to their owners. Continue Reading
By
- Scott Robinson, New Era Technology
- Katie Terrell Hanna
- Ben Lutkevich, Site Editor
News 13 Feb 2025
Salt Typhoon compromises telecom providers' Cisco devices

Salt Typhoon's latest campaign exploits older vulnerabilities in Cisco edge devices to gain access to the networks of several telecom companies, including two based in the U.S. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 13 Feb 2025
What is a denial-of-service attack?

A denial-of-service (DoS) attack is a security threat that occurs when an attacker makes it impossible for legitimate users to access computer systems, networks, services or other IT resources. Continue Reading
By
- Scott Robinson, New Era Technology
- Kevin Ferguson
- Peter Loshin, Former Senior Technology Editor
News 12 Feb 2025
Fortinet discloses second authentication bypass vulnerability

Fortinet disclosed CVE-2025-24472 in an updated advisory that confused some in the infosec community because it stated that 'reports show this is being exploited in the wild.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 12 Feb 2025
What is cyber hijacking?

Cyber hijacking, or computer hijacking, is a type of network security attack in which the threat actor takes control of computer systems, software programs and network communications. Continue Reading
By
- Scott Robinson, New Era Technology
Definition 12 Feb 2025
What is antimalware?

Antimalware is a software program created to protect IT systems and individual computers from malicious software, or malware. Continue Reading
By
- Scott Robinson, New Era Technology
- Linda Rosencrance
News 11 Feb 2025
Apple zero day used in 'extremely sophisticated attack'

CVE-2025-24200 is a zero-day vulnerability that bypasses Apple's USB Restricted Mode in iPhones and iPads and was exploited in the wild against 'specific targeted individuals.' Continue Reading
By
- Alexander Culafi, Senior News Writer
News 10 Feb 2025
Trimble Cityworks zero-day flaw under attack, patch now

CVE-2025-0994 is a high-severity deserialization vulnerability that enables remote code execution in unpatched versions of Cityworks enterprise asset management software. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 07 Feb 2025
Ransomware hits healthcare, critical services in January

Ransomware attacks against healthcare organizations in January reflect an increasing need for threat actors to adapt and get aggressive as defenders improve. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 07 Feb 2025
What is physical security and how does it work?

Physical security protects personnel, hardware, software, networks, facilities and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Michael Cobb
News 06 Feb 2025
Unpatched.ai: Who runs the vulnerability discovery platform?

There is limited information on the AI-powered vulnerability discovery platform that emerged in December after it reported Microsoft vulnerabilities Continue Reading
By
- Arielle Waldman, News Writer
Definition 05 Feb 2025
What is a cyberthreat hunter (cybersecurity threat analyst)?

A cyberthreat hunter, also called a cybersecurity threat analyst, proactively identifies security incidents that might go undetected using automated security tools such as malware detectors and firewalls. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Katie Terrell Hanna
- John Moore, Industry Editor
News 05 Feb 2025
Zyxel won't patch end-of-life routers against zero-day attacks

Networking hardware vendor Zyxel has no plans to patch multiple end-of-life routers against new zero-day flaws and advises customers to replace affected devices entirely. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 04 Feb 2025
AMD, Google disclose Zen processor microcode vulnerability

AMD said CVE-2024-56161, which first leaked last month, requires an attacker to have local administrator privileges as well as developed and executed malicious microcode. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 04 Feb 2025
WatchTowr warns abandoned S3 buckets pose supply chain risk

WatchTowr researchers found that they could reregister abandoned Amazon S3 buckets and detail alarming ways that threat actors could exploit the attack surface. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 30 Jan 2025
Risk & Repeat: DeepSeek security issues emerge

The introduction of DeepSeek's new generative AI models has been met with fervor, but security issues have created apparent challenges for the Chinese startup. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 29 Jan 2025
Google details adversarial AI activity on Gemini

Google identified APTs from more than 20 nations misusing its Gemini AI chatbot but noted that threat actors were unsuccessful in finding novel techniques or vulnerabilities. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 28 Jan 2025
DeepSeek claims 'malicious attacks' disrupting AI service

DeepSeek, which gained popularity recently for its AI platform, did not specify the cause of 'large-scale malicious attacks,' which continue to disrupt new account registrations. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 28 Jan 2025
Apple zero-day vulnerability under attack on iOS devices

Apple said the zero-day vulnerability, tracked as CVE-2025-24085, affects its CoreMedia framework and 'may have been actively exploited against versions of iOS before iOS 17.2.' Continue Reading
By
- Rob Wright, Senior News Director
Definition 28 Jan 2025
What is spyware?

Spyware is a type of malicious software (malware) that is installed on a computing device without the end user's knowledge. Continue Reading
By
- Katie Terrell Hanna
- Alexander S. Gillis, Technical Writer and Editor
- Kate Brush
News 27 Jan 2025
Former CSRB members largely silent on dismissal

The Cyber Safety Review Board was investigating recent attacks by Chinese state-sponsored threat actor Salt Typhoon when DHS terminated all advisory board memberships. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 24 Jan 2025
AMD processor vulnerability inadvertently leaked early

The flaw was revealed when hardware manufacturer Asus published a patch for an 'AMD Microcode Signature Verification Vulnerability' to a gaming motherboard update page. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 23 Jan 2025
Zero-day vulnerability in SonicWall SMA series under attack

SonicWall released a hotfix for a critical pre-authentication remote code execution vulnerability in Secure Mobile Access 1000 products amidst reports of zero-day exploitation. Continue Reading
By
- Arielle Waldman, News Writer
News 23 Jan 2025
Eclypsium finds security issues in Palo Alto Networks NGFWs

Eclypsium researchers stressed how essential supply chain security is as threat actors increasingly target and exploit vulnerabilities in firewalls, VPNs and other edge devices. Continue Reading
By
- Arielle Waldman, News Writer
Definition 22 Jan 2025
What is hacktivism?

Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason. Continue Reading
By
- Katie Terrell Hanna
- Ben Lutkevich, Site Editor
- Madelyn Bacon, TechTarget
Tip 21 Jan 2025
How to prevent living-off-the-land attacks

Living-off-the-land attacks have been around since the dawn of modern computing, but they're drawing new attention from threat actors eager to find ways to penetrate defenses. Continue Reading
By
- Amanda Scheldt
News 16 Jan 2025
Threat actor publishes data of 15K hacked FortiGate firewalls

Although the threat actor published the alleged stolen Fortinet FortiGate firewall data this week, the data is apparently tied to older zero-day exploitation from 2022. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 16 Jan 2025
ESET details UEFI Secure Boot bypass vulnerability

ESET researchers last year discovered an unsigned binary in a third-party UEFI application that could have been abused to bypass the Secure Boot process. Continue Reading
By
- Arielle Waldman, News Writer
Definition 15 Jan 2025
What is password cracking?

Password cracking is the process of using an application program to identify an unknown or forgotten password that allows access to a computer or network resource. Continue Reading
By
- Rahul Awati
- Alexander S. Gillis, Technical Writer and Editor
News 14 Jan 2025
Attackers exploiting critical Fortinet zero-day vulnerability

Fortinet disclosed another zero-day vulnerability in its FortiOS and FortiProxy products days after Arctic Wolf detailed a threat campaign targeting the vendor's devices. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Jan 2025
CISA: BeyondTrust flaw CVE-2024-12686 exploited in the wild

BeyondTrust discovered the flaw last month while investigating breaches of a 'limited number' of SaaS customers at the hands of Chinese state-sponsored threat actors. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Jan 2025
Ivanti zero-day patching increases amid ongoing attacks

Recent scans conducted by the Shadowserver Foundation show many organizations have patched Ivanti instances vulnerable to CVE-2025-0282 over the last week. Continue Reading
By
- Arielle Waldman, News Writer
Feature 13 Jan 2025
Pig butchering scam explained: Everything you need to know

People wanting to make money on the cryptocurrency market are becoming targets for scammers. Scammers are even looking for their next victim through dating and social media apps. Continue Reading
By
- Amanda Hetler, Senior Editor
Feature 13 Jan 2025
9 secure email gateway options for 2025

Finding the best email security gateway is vital to protect companies from cyberattacks. Here's a look at some current market leaders and their standout features. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Report 10 Jan 2025
35 cybersecurity statistics to lose sleep over in 2025

Here are 35 eye-opening cybersecurity stats -- on cybercrime, vulnerabilities, costs, careers and other trends -- to consider while evaluating your 2025 security plan. Continue Reading
By
- Sean Michael Kerner
News 09 Jan 2025
Mandiant links Ivanti zero-day exploitation to Chinese hackers

Mandiant warned users to be prepared for widespread exploitation of CVE-2025-0282 as Ivanti products have become a popular target for attackers in recent years. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Jan 2025
December ransomware attacks slam healthcare, public services

In December, one victim organization paid a $1.5 million ransom to restore services, while another continued to experience disruptions for more than one month following an attack. Continue Reading
By
- Arielle Waldman, News Writer
News 08 Jan 2025
Critical Ivanti Connect Secure zero-day flaw under attack

Although Ivanti has seen exploitation of CVE-2025-0282 in only Ivanti Connect Secure instances, Ivanti Policy Secure and ZTA gateways are also vulnerable to the flaw. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 08 Jan 2025
Top 15 email security best practices for 2025

Attackers exploit email every day to break into corporate networks, but the risk can be reduced by adhering to these 15 email security best practices. Continue Reading
By
- Sharon Shea, Executive Editor
- Peter Loshin, Former Senior Technology Editor
News 06 Jan 2025
Amit Yoran, Tenable CEO and cybersecurity advocate, dies at 54

Amit Yoran was a decades-long practitioner of cybersecurity and previously held key roles at the U.S. Department of Homeland Security, RSA Security and NetWitness. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 02 Jan 2025
Dozens of Chrome extensions hacked in threat campaign

Although data security vendor Cyberhaven disclosed that its Chrome extension was compromised on Dec. 24, additional research suggests the broader campaign could be months older. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 02 Jan 2025
Top 7 enterprise cybersecurity challenges in 2025

Security teams faced unprecedented challenges in 2024. The year ahead appears no less daunting. Here are the cybersecurity trends and safeguards to consider in 2025. Continue Reading
By
- Sharon Shea, Executive Editor
News 30 Dec 2024
10 of the biggest ransomware attacks in 2024

Ransomware attacks against U.S. organizations in 2024 disrupted healthcare systems, supply chains and government services and led to tens of millions of dollars in ransom payments. Continue Reading
By
- Arielle Waldman, News Writer
Feature 30 Dec 2024
Navigate the 2025 threat landscape with expert insights

AI technology and company employees can serve as both gateways and buffers against cyberthreats. Learn more from expert thought leaders on how to protect your environment in 2025. Continue Reading
By
- Alicia Landsberg, Senior Managing Editor
Podcast 23 Dec 2024
Risk & Repeat: The state of ransomware in 2024

Ransomware made major headlines in 2024, from the massive Change Healthcare attack to the creative takedown of the notorious LockBit ransomware-as-a-service gang. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 19 Dec 2024
BeyondTrust SaaS instances breached in cyberattack

BeyondTrust, a privileged access management vendor, patched two vulnerabilities this week after attackers compromised SaaS instances for a 'limited number' of customers. Continue Reading
By
- Arielle Waldman, News Writer
Feature 19 Dec 2024
10 cybersecurity predictions for 2025

AI will still be a hot topic in 2025, but don't miss out on other trends, including initial access broker growth, the rise of vCISOs, tech rationalization and more. Continue Reading
By
- Kyle Johnson, Technology Editor
Answer 19 Dec 2024
How bad is generative AI data leakage and how can you stop it?

Mismanaged training data, weak models, prompt injection attacks can all lead to data leakage in GenAI, with serious costs for companies. The good news? Risks can be mitigated. Continue Reading
By
- Chris Tozzi
News 18 Dec 2024
CISA issues mobile security guidance following China hacks

Following the Salt Typhoon attacks, CISA offers advice to 'highly targeted' individuals, such as using end-to-end encryption and moving away from purely SMS-based MFA. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tutorial 18 Dec 2024
How to use the Hydra password-cracking tool

Ethical hackers: Need help brute-forcing passwords? Get started by learning how to use the open source Hydra tool with this step-by-step tutorial and companion video. Continue Reading
By
- Ed Moyle, SecurityCurve
News 16 Dec 2024
Cleo zero-day vulnerability gets CVE as attacks continue

The new Cleo zero-day vulnerability, CVE-2024-55956, is separate from CVE-2024-50623 despite both vulnerabilities being used by threat actors to target the same endpoints. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 16 Dec 2024
How to mitigate wiper malware

A wiperware cyberattack can change the game for organizations because it causes complete destruction of data and systems. Find out how to protect your organization. Continue Reading
By
- Ravi Das, ML Tech Inc.
Podcast 13 Dec 2024
Risk & Repeat: Attacks ramp up on Cleo MFT software

Earlier this week, threat actors began exploiting a zero-day vulnerability in Cleo's managed file transfer products, but the details of the flaw remain unclear. Continue Reading
By
- Alexander Culafi, Senior News Writer