Threats and vulnerabilities
Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.
New & Notable
Threats and vulnerabilities News
-
May 25, 2022
25
May'22
Verizon DBIR: Stolen credentials led to nearly 50% of attacks
The 2022 Verizon Data Breach Investigations Report revealed enterprises' ongoing struggle with securing credentials and avoiding common mistakes such as misconfigurations.
-
May 24, 2022
24
May'22
Verizon DBIR: Ransomware dominated threat landscape in 2021
Though ransomware became an increasingly large threat to enterprises last year, Verizon's Data Breach Investigations Report found the model may not be as profitable as expected.
-
May 23, 2022
23
May'22
Veeam data protection aids users with secure restores
From 'nothing worked' to 'it just worked': How Veeam Software helped a Florida city out of a troublesome predicament with its legacy data backup platform.
-
May 23, 2022
23
May'22
AdvIntel: Conti rebranding as several new ransomware groups
According to AdvIntel's research, the Conti ransomware group's attack on the Costa Rican government was part of a rebranding effort, as the gang's ransom payments had dried up.
Threats and vulnerabilities Get Started
Bring yourself up to speed with our introductory content
-
8 cybersecurity conferences to attend in 2022
Cybercriminals create new ways to steal information regularly, creating cybersecurity challenges. Attending conferences is one way learn about these trends for the best defense. Continue Reading
-
How to conduct a cyber-war gaming exercise
A successful cyber-war game can help organizations find weaknesses in their system but only if the right participants are involved and an after-action review is completed. Continue Reading
-
man in the browser (MitB)
Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is capable of modifying that user's web transactions. Continue Reading
Evaluate Threats and vulnerabilities Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
Why using ransomware negotiation services is worth a try
If stakeholders decide to pay ransomware demands, using a ransomware negotiation service could improve the situation's outcome and lower the payout. Continue Reading
-
How cryptocurrencies enable attackers and defenders
Threat actors use cryptocurrencies for their anonymity, but they're not as impenetrable as once thought. Discover how cryptocurrencies can help attackers and defenders alike. Continue Reading
-
Compare zero trust vs. the principle of least privilege
Zero trust and the principle of least privilege may appear to solve the same issue, but they have their differences. Read up on the two methodologies. Continue Reading
Manage Threats and vulnerabilities
Learn to apply best practices and optimize your operations.
-
How to counter insider threats in the software supply chain
Insider threats extend beyond employees within your company to include people working at partners and third parties. Learn about these insider threats in the software supply chain. Continue Reading
-
How to implement an attack surface management program
Keeping attackers away from corporate assets means keeping a constant vigilance over the organization's attack surface. An attack surface management program can help. Continue Reading
-
Why companies should focus on preventing privilege escalation
If attackers can elevate privileges once inside a system, their access can be unlimited. Discover common privilege escalation techniques and how to mitigate them. Continue Reading
Problem Solve Threats and vulnerabilities Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
Prepare for deepfake phishing attacks in the enterprise
Deepfake phishing has already cost at least one company $243,000. Learn how cybersecurity leaders can train users to recognize this emerging attack vector. Continue Reading
-
Case study: Why it's difficult to attribute nation-state attacks
If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware. Continue Reading
-
Tips for using a threat profile to prevent nation-state attacks
Is your organization concerned about state-sponsored attacks? Threat profiling can help prevent nation-state attacks. Get advice on how to create an effective threat profile. Continue Reading