Threats and vulnerabilities

Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.

Top Stories

Tip 19 May 2025
AI model theft: Risk and mitigation in the digital era

Enterprises are spending big bucks on developing and training proprietary AI models. But cybercriminals are also eyeing this valuable intellectual property. Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Conference Coverage 16 May 2025
RSAC Conference 2025

Follow SearchSecurity's RSAC 2025 guide for insightful pre-conference insights and reports on notable presentations and breaking news at the world's biggest infosec event. Continue Reading
By
- Sharon Shea, Executive Editor

Conference Coverage 16 May 2025
RSAC Conference 2025

Follow SearchSecurity's RSAC 2025 guide for insightful pre-conference insights and reports on notable presentations and breaking news at the world's biggest infosec event. Continue Reading
By
- Sharon Shea, Executive Editor
Definition 16 May 2025
What is risk appetite?

Risk appetite is the amount of risk an organization or investor is willing to take in pursuit of objectives it deems have value. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 09 May 2025
News brief: AI security risks highlighted at RSAC 2025

Check out the latest security news from the Informa TechTarget team. Continue Reading
By
- Sharon Shea, Executive Editor
Video 09 May 2025
An explanation of cyberattacks and their different forms

Cyberattacks are malicious attempts to breach computer systems. Types include phishing, ransomware and SQL injection. Prevention requires training, monitoring and encryption. Continue Reading
By
- Tommy Everson, Assistant Editor
Feature 08 May 2025
How to spot and expose fraudulent North Korean IT workers

North Koreans have infiltrated countless U.S. companies as remote IT workers. That means your top developer could also work for one of the world's most notorious dictators. Continue Reading
By
- Alissa Irei, Senior Site Editor
News 02 May 2025

Salt Typhoon telecom hacks one of the most consequential campaigns against US ever, expert says

A prominent former member of a recently shuttered cyber-incident review panel said the board should be reconstituted with independent authority. Continue Reading
News 02 May 2025

Enterprises need to beware of these 5 threats

A panel of SANS Institute leaders detailed current threats and provided actionable steps for enterprises to consider. Continue Reading
Tip 02 May 2025
15 of the biggest ransomware attacks in history

From attacks on private organizations and manufacturers to healthcare organizations and even entire countries, ransomware has done extensive damage in recent years. Continue Reading
By
- Mary K. Pratt
Feature 01 May 2025
4 lessons in the new era of AI-enabled cybercrime

Cyberattacks have evolved rapidly as GenAI use has become more widespread. An RSAC Conference 2025 panel shared what they've learned over the past two years. Continue Reading
By
- Sharon Shea, Executive Editor
News 01 May 2025

RSAC: Check Point warns of 'rocket and missile' game with AI

Also, Rubrik and Rackspace unveiled a new strategic partnership. Continue Reading
News 01 May 2025

Adversaries are toying with U.S. networks and D.C. is short on answers

While nation-state actors are demonstrating how easily they can infiltrate U.S. networks, government officials don't seem to have a clear vision for what comes next. Continue Reading
News 30 Apr 2025

TheWizards APT casts a spell on Asian gamblers with novel attack

A SLAAC-spoofing, adversary-in-the-middle campaign is hiding the WizardNet backdoor malware inside updates for legitimate software and popular applications. Continue Reading
News 30 Apr 2025

AI-fueled cybercrime at risk of outpacing traditional defenses, Check Point warns

The security firm said in a new report that defenders should begin using AI to counter cybercriminals' adoption of the technology. Continue Reading
Feature 30 Apr 2025
RSAC Conference 2025 video reports

We chatted on camera with attendees and presenters at RSAC 2025. Check out this video collection to get highlights from one of the world's major cybersecurity conferences. Continue Reading
By
- Brenda L. Horrigan, Executive Managing Editor
News 29 Apr 2025

RSAC: Fortinet's latest threat report, Google Cloud-Mandiant, more

Many vendors are showcasing their latest AI-powered cybersecurity capabilities. Continue Reading
News 29 Apr 2025

Hacking in space: Not as tough as you might think

Barbara Grofe, space asset security architect at Spartan Corp, discussed the realities of hacking in space, and the outlook is not pie-in-the-sky. Continue Reading
Definition 28 Apr 2025
What is a risk map (risk heat map)?

A risk map, or risk heat map, is a data visualization tool for communicating specific risks an organization faces. Continue Reading
By
- Mary K. Pratt
- Mekhala Roy
Tip 28 Apr 2025
7 stages of the ransomware lifecycle

It can be nearly impossible to predict if or how a ransomware group will target an organization, but there are knowable stages of a ransomware attack. Continue Reading
By
- Char Sample, ICF International
- Andrew Froehlich, West Gate Networks
Tip 24 Apr 2025
How to incorporate smishing into security awareness training

Smishing is a major threat on enterprise smartphones, but users might not know how it compares to traditional email phishing. IT can help block attacks with training and testing. Continue Reading
By
- Brien Posey
Feature 24 Apr 2025
Top 10 ransomware targets by industry

In any given year, certain industries seem to make more attractive targets for ransomware groups. But no single sector shoulders all -- or even most -- of the risk. Continue Reading
By
- Alissa Irei, Senior Site Editor
Feature 23 Apr 2025
Explore the impact of quantum computing on cryptography

When quantum computers become more widely available, lots of encryption types will be vulnerable. Learn why, plus solutions and how to navigate a post-quantum cryptography world. Continue Reading
By
- Ryan Arel, Former Associate Site Editor
Definition 23 Apr 2025
What is ransomware? Definition and complete guide

Ransomware is malware that locks and encrypts a victim's data, files, devices or systems, rendering them inaccessible and unusable until the attacker receives a ransom payment. Continue Reading
By
- Sharon Shea, Executive Editor
- Alissa Irei, Senior Site Editor
Definition 22 Apr 2025
What is crypto ransomware? How cryptocurrency aids attackers

Crypto ransomware is a form of ransomware that uses cryptography to encrypt computer files so that the victim cannot access them. In exchange for the demanded ransom, the attacker claims it will tell the victimized business how to regain access to the stolen data. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Feature 22 Apr 2025
9 quantum computing challenges IT leaders should know

While the theory of quantum mechanics is complex, the technology might offer practical uses for organizations. Learn about the challenges and opportunities of quantum computing. Continue Reading
By
- George Lawton
Definition 21 Apr 2025
What is a brute-force attack?

A brute-force attack is a trial-and-error hacking method cybercriminals use to decode login information and encryption keys to gain unauthorized access to systems. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Katie Terrell Hanna
Tip 21 Apr 2025
Top 5 ransomware attack vectors and how to avoid them

Protecting your organization against ransomware attack entryways could mean the difference between staying safe or falling victim to a devastating breach. Continue Reading
By
- Ed Moyle, SecurityCurve
- Diana Kelley, SecurityCurve
Feature 18 Apr 2025
The history and evolution of ransomware attacks

Ransomware creators have become more innovative and savvier as organizations up their defenses. Continue Reading
By
- Sharon Shea, Executive Editor
Tip 17 Apr 2025
Tips to find cyber insurance coverage in 2025

Most businesses have a form of cyber insurance, either through cyber liability and data breach endorsements in traditional business policies or through standalone cyber policies. Continue Reading
By
- Kathleen Richards
Tip 15 Apr 2025
How to effectively respond to a ransomware attack

Does your organization know what to do if its systems are suddenly struck by a ransomware attack? To be ready, prepare your ransomware response well ahead of time. Continue Reading
By
- Dave Shackleford, Voodoo Security
Tip 15 Apr 2025
How to ensure OT secure remote access and prevent attacks

OT systems face threats from attackers targeting their remote access capabilities. Segmenting networks is one important step. Learn other ways to safeguard your OT systems. Continue Reading
By
- Amanda Scheldt
Feature 15 Apr 2025
Ransomware trends, statistics and facts in 2025

Supply chain attacks, double extortion and RaaS are some of the ransomware trends that will continue to disrupt businesses in 2025. Is your industry a top target? Continue Reading
By
- Sean Michael Kerner
Tip 14 Apr 2025
How to conduct ransomware awareness training for employees

As your organization's first line of defense, hold regular employee training on how to prevent, detect and respond to ransomware attacks. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 14 Apr 2025
8 types of ransomware, plus examples of attacks

There are eight main types of ransomware but hundreds of examples of ransomware strains. Learn how the ransomware types work and review notable attacks and variants. Continue Reading
By
- Sharon Shea, Executive Editor
Feature 11 Apr 2025
Ransomware negotiation: Does it work, and should you try it?

Negotiating with the criminals who are holding your data for ransom is a daunting and stressful endeavor. Experts weigh in on the risks and the potential outcomes. Continue Reading
By
- Mary K. Pratt
Tip 09 Apr 2025
How to prevent and protect against ransomware

Organizations sometimes learn difficult lessons about gaps in their cybersecurity defenses. Here's what to know about ransomware preparation, detection, response and recovery. Continue Reading
By
- Dave Shackleford, Voodoo Security
Feature 09 Apr 2025
QR code phishing: 14 quishing prevention tips

Quishing is an offputting word for an on-the-rise attack method. Learn how to defend against it. Continue Reading
By
- Alissa Irei, Senior Site Editor
Tip 09 Apr 2025
Quantum-resistant algorithms: Why they matter

Quantum-resistant algorithms play a crucial role in post-quantum cryptography, which protects against threats on digital signatures and current encryption methods. Continue Reading
By
- Michael Nadeau
Tip 08 Apr 2025
Ransomware payments: Considerations before paying

To pay or not to pay -- that's the question after a ransomware attack. Law enforcement recommends against it, but that doesn't stop some companies from paying up. Continue Reading
By
- Kyle Johnson, Technology Editor
Answer 08 Apr 2025
How to report ransomware attacks: Steps to take

The Cybersecurity and Infrastructure Security Agency and FBI recommend reporting ransomware attacks to the authorities as soon as possible. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 07 Apr 2025
Explaining AI's impact on ransomware attacks and security

Experts say AI and LLMs will make ransomware attacks more dangerous, but those same tools could be turned against criminals by bolstering ransomware protections. Continue Reading
By
- Michael Nadeau
Tip 03 Apr 2025
How to detect and remove malware from an Android device

Mobile malware can come in many forms, but users might not know how to identify it. Understand the signs to be wary of on Android devices, as well as what to do to remove malware. Continue Reading
By
- Sean Michael Kerner
- Michael Goad, CDW
Feature 03 Apr 2025
4 ransomware detection techniques to catch an attack

While prevention is key, it's not enough to protect a company's systems from ransomware. Learn how early detection with these four methods helps reduce damage from attacks. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 31 Mar 2025
Cybercrime-as-a-service explained: What you need to know

Cybercrime-as-a-service is quickly evolving, offering easy access to hacking tools for criminals. Learn how it works and steps to protect your organization from attacks. Continue Reading
By
- Sean Michael Kerner
Tip 31 Mar 2025
How to prevent a data breach: 11 best practices and tactics

When it comes to data breach prevention, the stakes are high. While it's impossible to eliminate the risk, organizations can minimize it by following these best practices. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Definition 31 Mar 2025
What is a hacker?

A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. Continue Reading
By
News 28 Mar 2025
News brief: China-linked APTs and Russian access broker

Check out the latest security news from the Informa TechTarget team. Continue Reading
By
- SearchSecurity Staff
Definition 26 Mar 2025
What is a web application firewall (WAF)? WAF explained

A web application firewall (WAF) is a firewall that is meant to protect web applications against common web-based threats. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
- Kinza Yasar, Technical Writer
Definition 20 Mar 2025
What is continuous monitoring?

Continuous monitoring constantly observes the performance and operation of IT assets to help reduce risk and improve uptime instead of taking a point-in-time snapshot of a device, network or application. Continue Reading
By
- Sean Michael Kerner
Opinion 20 Mar 2025
How to sideload iOS apps and why it's dangerous

IT professionals might think the hassle of jailbreaking a device deters users from sideloading iOS apps. Learn the other methods users turn to and why it's still dangerous. Continue Reading
By
- Andrew Froehlich, West Gate Networks
- Kyle Johnson, Technology Editor
Definition 18 Mar 2025
What is security automation?

Security automation uses technology to remove high-volume manual processes from security operations to detect cyberthreats, which saves time by integrating different workflows into repeatable processes. Continue Reading
By
- Sean Michael Kerner
Tip 17 Mar 2025
How to avoid and prevent social engineering attacks

Organizations and employees must both do their part to prevent and avoid social engineering attacks. A combination of security controls, policies, procedures and training is necessary. Continue Reading
By
- Paul Kirvan
Tip 14 Mar 2025
How to secure AI infrastructure: Best practices

AI tools are creating an even greater attack surface for malicious hackers to penetrate. But there are steps you can take to ensure your organization's AI foundation remains safe. Continue Reading
By
- Jerald Murphy, Nemertes Research
Definition 14 Mar 2025
What is pharming?

Pharming is a scamming practice in which malicious code is installed on a PC or server, misdirecting users to fraudulent websites without their knowledge or consent. Continue Reading
By
- Nick Barney, Technology Writer
Definition 13 Mar 2025
What is a pass-the-hash attack?

A pass-the-hash attack is an exploit in which an attacker steals a hashed user credential and -- without cracking it -- reuses it to trick an authentication system into creating a new authenticated session on the same network. Continue Reading
By
- Nick Barney, Technology Writer
- Madelyn Bacon, TechTarget
Tip 12 Mar 2025
How to deal with unmanaged devices in the enterprise

Unmanaged devices present numerous risks, but how did they gain access to the network without any management in place? IT should learn how this happens and what to do when it does. Continue Reading
By
- Brien Posey
Definition 11 Mar 2025
What is a rootkit?

A rootkit is a program or a collection of malicious software tools that give a threat actor remote access to and control over a computer or other system. Continue Reading
By
- Scott Robinson, New Era Technology
- Mary E. Shacklett, Transworld Data
- Linda Rosencrance
Definition 03 Mar 2025
What is cyberstalking and how to prevent it?

Cyberstalking is a crime in which someone harasses or stalks a victim using electronic or digital means, such as social media, email, instant messaging (IM) or messages posted to a discussion group or forum. Continue Reading
By
- Katie Terrell Hanna
- Rahul Awati
News 28 Feb 2025
Microsoft targets AI deepfake cybercrime network in lawsuit

Microsoft alleges that defendants used stolen Azure OpenAI API keys and special software to bypass content guardrails and generate illicit AI deepfakes for payment. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 28 Feb 2025
What is a watering hole attack?

A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Gavin Wright
- Madelyn Bacon, TechTarget
Definition 27 Feb 2025
What is domain generation algorithm (DGA)?

A domain generation algorithm (DGA) is a program that generates a large list of domain names. DGAs provide malware with new domains to evade security countermeasures. Continue Reading
By
- Nick Barney, Technology Writer
- Alexander S. Gillis, Technical Writer and Editor
- Sharon Shea, Executive Editor
News 27 Feb 2025
CrowdStrike: China hacking has reached 'inflection point'

In its 2025 Global Threat Report, CrowdStrike observed an increase in China's cyber capabilities, with a focus on espionage and 'pre-positioning' itself in critical environments. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 26 Feb 2025
NCC Group tracks alarming ransomware surge in January

NCC Group found ransomware activity in January surpassed previous monthly highs with 590 attacks, as one notorious gang experienced a notable resurgence. Continue Reading
By
- Arielle Waldman, News Writer
News 25 Feb 2025
Black Basta ransomware leak sheds light on targets, tactics

VulnCheck found the ransomware gang targeted CVEs in popular enterprise products from Microsoft, Citrix, Cisco, Fortinet, Palo Alto Networks, Confluence Atlassian and more. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 25 Feb 2025
Dragos: Ransomware attacks against industrial orgs up 87%

Ransomware attacks continue to be a major pain point for industrial organizations, as the sector has historically struggled with vulnerability management. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 21 Feb 2025
Palo Alto Networks vulnerabilities exploited in chained attack

The cybersecurity vendor urges customers to take immediate action to mitigate recently disclosed vulnerabilities that are being actively exploited in the wild. Continue Reading
By
- Arielle Waldman, News Writer
Definition 21 Feb 2025
What is application allowlisting?

Application allowlisting, previously known as 'application whitelisting,' is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Brien Posey
- Peter Loshin, Former Senior Technology Editor
Podcast 20 Feb 2025
Risk & Repeat: Salt Typhoon hasn't stopped hacking

Although the Salt Typhoon telecom breaches from last year appear to have been remediated, the Chinese state-sponsored threat group continues to target critical organizations. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Feb 2025
CISA, FBI warn of Ghost/Cring ransomware attacks

Ghost is a China-based financially motivated ransomware group that has launched attacks against organizations in more than 70 countries -- including its own. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 20 Feb 2025
What is a checksum?

A checksum is a value that represents the number of bits in a transmission message. IT professionals use it to detect high-level errors within data transmissions. Continue Reading
By
- Rahul Awati
- Kinza Yasar, Technical Writer
- Laura Fitzgibbons
Definition 19 Feb 2025
What is an attack vector?

An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server to deliver a payload or malicious outcome. Continue Reading
By
- Scott Robinson, New Era Technology
- Mary E. Shacklett, Transworld Data
Definition 19 Feb 2025
What is email spoofing?

Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source. Continue Reading
By
- Scott Robinson, New Era Technology
- Peter Loshin, Former Senior Technology Editor
News 18 Feb 2025
Palo Alto Networks PAN-OS vulnerability exploited in the wild

Palo Alto Networks says threat actors used a publicly available PoC exploit in attack attempts against firewall customers with PAN-OS management interfaces exposed to the internet. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 18 Feb 2025
What are social engineering attacks?

Social engineering is an attack vector that relies heavily on human interaction and often involves psychological manipulation of people into breaking normal security procedures and best practices to gain unauthorized access. Continue Reading
By
- Paul Kirvan
- Madelyn Bacon, TechTarget
Definition 18 Feb 2025
What is a botnet?

A botnet is a collection of internet-connected devices -- including PCs, servers, mobile devices and internet of things (IoT) devices -- infected and controlled by a common type of malware, often unbeknownst to their owners. Continue Reading
By
- Scott Robinson, New Era Technology
- Katie Terrell Hanna
- Ben Lutkevich, Site Editor
News 13 Feb 2025
Salt Typhoon compromises telecom providers' Cisco devices

Salt Typhoon's latest campaign exploits older vulnerabilities in Cisco edge devices to gain access to the networks of several telecom companies, including two based in the U.S. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 13 Feb 2025
What is a denial-of-service attack?

A denial-of-service (DoS) attack is a security threat that occurs when an attacker makes it impossible for legitimate users to access computer systems, networks, services or other IT resources. Continue Reading
By
- Scott Robinson, New Era Technology
- Kevin Ferguson
- Peter Loshin, Former Senior Technology Editor
News 12 Feb 2025
Fortinet discloses second authentication bypass vulnerability

Fortinet disclosed CVE-2025-24472 in an updated advisory that confused some in the infosec community because it stated that 'reports show this is being exploited in the wild.' Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 12 Feb 2025
What is cyber hijacking?

Cyber hijacking, or computer hijacking, is a type of network security attack in which the threat actor takes control of computer systems, software programs and network communications. Continue Reading
By
- Scott Robinson, New Era Technology
Definition 12 Feb 2025
What is antimalware?

Antimalware is a software program created to protect IT systems and individual computers from malicious software, or malware. Continue Reading
By
- Scott Robinson, New Era Technology
- Linda Rosencrance
News 11 Feb 2025
Apple zero day used in 'extremely sophisticated attack'

CVE-2025-24200 is a zero-day vulnerability that bypasses Apple's USB Restricted Mode in iPhones and iPads and was exploited in the wild against 'specific targeted individuals.' Continue Reading
By
- Alexander Culafi, Senior News Writer
News 10 Feb 2025
Trimble Cityworks zero-day flaw under attack, patch now

CVE-2025-0994 is a high-severity deserialization vulnerability that enables remote code execution in unpatched versions of Cityworks enterprise asset management software. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 07 Feb 2025
Ransomware hits healthcare, critical services in January

Ransomware attacks against healthcare organizations in January reflect an increasing need for threat actors to adapt and get aggressive as defenders improve. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 07 Feb 2025
What is physical security and how does it work?

Physical security protects personnel, hardware, software, networks, facilities and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Michael Cobb
News 06 Feb 2025
Unpatched.ai: Who runs the vulnerability discovery platform?

There is limited information on the AI-powered vulnerability discovery platform that emerged in December after it reported Microsoft vulnerabilities Continue Reading
By
- Arielle Waldman, News Writer
Definition 05 Feb 2025
What is a cyberthreat hunter (cybersecurity threat analyst)?

A cyberthreat hunter, also called a cybersecurity threat analyst, proactively identifies security incidents that might go undetected using automated security tools such as malware detectors and firewalls. Continue Reading
By
- Mary E. Shacklett, Transworld Data
- Katie Terrell Hanna
- John Moore, Industry Editor
News 05 Feb 2025
Zyxel won't patch end-of-life routers against zero-day attacks

Networking hardware vendor Zyxel has no plans to patch multiple end-of-life routers against new zero-day flaws and advises customers to replace affected devices entirely. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 04 Feb 2025
AMD, Google disclose Zen processor microcode vulnerability

AMD said CVE-2024-56161, which first leaked last month, requires an attacker to have local administrator privileges as well as developed and executed malicious microcode. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 04 Feb 2025
WatchTowr warns abandoned S3 buckets pose supply chain risk

WatchTowr researchers found that they could reregister abandoned Amazon S3 buckets and detail alarming ways that threat actors could exploit the attack surface. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 30 Jan 2025
Risk & Repeat: DeepSeek security issues emerge

The introduction of DeepSeek's new generative AI models has been met with fervor, but security issues have created apparent challenges for the Chinese startup. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 29 Jan 2025
Google details adversarial AI activity on Gemini

Google identified APTs from more than 20 nations misusing its Gemini AI chatbot but noted that threat actors were unsuccessful in finding novel techniques or vulnerabilities. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 28 Jan 2025
DeepSeek claims 'malicious attacks' disrupting AI service

DeepSeek, which gained popularity recently for its AI platform, did not specify the cause of 'large-scale malicious attacks,' which continue to disrupt new account registrations. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 28 Jan 2025
Apple zero-day vulnerability under attack on iOS devices

Apple said the zero-day vulnerability, tracked as CVE-2025-24085, affects its CoreMedia framework and 'may have been actively exploited against versions of iOS before iOS 17.2.' Continue Reading
By
- Rob Wright, Senior News Director
Definition 28 Jan 2025
What is spyware?

Spyware is a type of malicious software (malware) that is installed on a computing device without the end user's knowledge. Continue Reading
By
- Katie Terrell Hanna
- Alexander S. Gillis, Technical Writer and Editor
- Kate Brush
News 27 Jan 2025
Former CSRB members largely silent on dismissal

The Cyber Safety Review Board was investigating recent attacks by Chinese state-sponsored threat actor Salt Typhoon when DHS terminated all advisory board memberships. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 24 Jan 2025
AMD processor vulnerability inadvertently leaked early

The flaw was revealed when hardware manufacturer Asus published a patch for an 'AMD Microcode Signature Verification Vulnerability' to a gaming motherboard update page. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 23 Jan 2025
Zero-day vulnerability in SonicWall SMA series under attack

SonicWall released a hotfix for a critical pre-authentication remote code execution vulnerability in Secure Mobile Access 1000 products amidst reports of zero-day exploitation. Continue Reading
By
- Arielle Waldman, News Writer
News 23 Jan 2025
Eclypsium finds security issues in Palo Alto Networks NGFWs

Eclypsium researchers stressed how essential supply chain security is as threat actors increasingly target and exploit vulnerabilities in firewalls, VPNs and other edge devices. Continue Reading
By
- Arielle Waldman, News Writer
Definition 22 Jan 2025
What is hacktivism?

Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason. Continue Reading
By
- Katie Terrell Hanna
- Ben Lutkevich, Site Editor
- Madelyn Bacon, TechTarget
Tip 21 Jan 2025
How to prevent living-off-the-land attacks

Living-off-the-land attacks have been around since the dawn of modern computing, but they're drawing new attention from threat actors eager to find ways to penetrate defenses. Continue Reading
By
- Amanda Scheldt
News 16 Jan 2025
Threat actor publishes data of 15K hacked FortiGate firewalls

Although the threat actor published the alleged stolen Fortinet FortiGate firewall data this week, the data is apparently tied to older zero-day exploitation from 2022. Continue Reading
By
- Alexander Culafi, Senior News Writer