Threats and vulnerabilities

Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.

May 25, 2022 25 May'22
Verizon DBIR: Stolen credentials led to nearly 50% of attacks

The 2022 Verizon Data Breach Investigations Report revealed enterprises' ongoing struggle with securing credentials and avoiding common mistakes such as misconfigurations.
May 24, 2022 24 May'22
Verizon DBIR: Ransomware dominated threat landscape in 2021

Though ransomware became an increasingly large threat to enterprises last year, Verizon's Data Breach Investigations Report found the model may not be as profitable as expected.
May 23, 2022 23 May'22
Veeam data protection aids users with secure restores

From 'nothing worked' to 'it just worked': How Veeam Software helped a Florida city out of a troublesome predicament with its legacy data backup platform.
May 23, 2022 23 May'22
AdvIntel: Conti rebranding as several new ransomware groups

According to AdvIntel's research, the Conti ransomware group's attack on the Costa Rican government was part of a rebranding effort, as the gang's ransom payments had dried up.

Bring yourself up to speed with our introductory content

8 cybersecurity conferences to attend in 2022

Cybercriminals create new ways to steal information regularly, creating cybersecurity challenges. Attending conferences is one way learn about these trends for the best defense. Continue Reading
How to conduct a cyber-war gaming exercise

A successful cyber-war game can help organizations find weaknesses in their system but only if the right participants are involved and an after-action review is completed. Continue Reading
man in the browser (MitB)

Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is capable of modifying that user's web transactions. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Why using ransomware negotiation services is worth a try

If stakeholders decide to pay ransomware demands, using a ransomware negotiation service could improve the situation's outcome and lower the payout. Continue Reading
How cryptocurrencies enable attackers and defenders

Threat actors use cryptocurrencies for their anonymity, but they're not as impenetrable as once thought. Discover how cryptocurrencies can help attackers and defenders alike. Continue Reading
Compare zero trust vs. the principle of least privilege

Zero trust and the principle of least privilege may appear to solve the same issue, but they have their differences. Read up on the two methodologies. Continue Reading

Learn to apply best practices and optimize your operations.

How to counter insider threats in the software supply chain

Insider threats extend beyond employees within your company to include people working at partners and third parties. Learn about these insider threats in the software supply chain. Continue Reading
How to implement an attack surface management program

Keeping attackers away from corporate assets means keeping a constant vigilance over the organization's attack surface. An attack surface management program can help. Continue Reading
Why companies should focus on preventing privilege escalation

If attackers can elevate privileges once inside a system, their access can be unlimited. Discover common privilege escalation techniques and how to mitigate them. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Prepare for deepfake phishing attacks in the enterprise

Deepfake phishing has already cost at least one company $243,000. Learn how cybersecurity leaders can train users to recognize this emerging attack vector. Continue Reading
Case study: Why it's difficult to attribute nation-state attacks

If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware. Continue Reading
Tips for using a threat profile to prevent nation-state attacks

Is your organization concerned about state-sponsored attacks? Threat profiling can help prevent nation-state attacks. Get advice on how to create an effective threat profile. Continue Reading