Threats and vulnerabilities
Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.
Top Stories
-
Tip
06 Sep 2024
Threat hunting frameworks, techniques and methodologies
Threat hunting's proactive approach plays a vital role in defending against cyberattacks. Learn about the frameworks, methodologies and techniques that make it so effective. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
06 Sep 2024
Ransomware rocked healthcare, public services in August
Ransomware remained a highly disruptive threat last month, as notable attacks claimed victims in healthcare, technology, manufacturing and the public sector. Continue Reading
By- Arielle Waldman, News Writer
-
News
14 Sep 2021
Apple patches zero-day, zero-click NSO Group exploit
The Citizen Lab said that it found the Apple zero-day vulnerability when it was 'analyzing the phone of a Saudi activist infected with NSO Group's Pegasus spyware.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
13 Sep 2021
Hackers port Cobalt Strike attack tool to Linux
An unknown group of cybercriminals has created a version of the Windows-only Cobalt Strike Beacon tool that works against Linux machines, which has been used in recent attacks. Continue Reading
-
Feature
10 Sep 2021
17 ransomware removal tools to protect enterprise networks
Check out this list of ransomware removal platforms to detect possible security threats, block attacks, and erase any malware lingering on devices and enterprise networks. Continue Reading
By -
Definition
09 Sep 2021
macro virus
A macro virus is a computer virus written in the same macro language used to create software programs such as Microsoft Excel or Word. Continue Reading
-
News
02 Sep 2021
Autodesk targeted in SolarWinds hack
Autodesk said in its 10-Q filing released Wednesday that it believes 'no customer operations or Autodesk products were disrupted' in the SolarWinds supply chain attack. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
30 Aug 2021
Malware analysis for beginners: Getting started
With the cybersecurity industry struggling to fill open positions, now is the time to start in the field. Infosec expert Dylan Barker shares what you should know to be a malware analyst. Continue Reading
By- Kyle Johnson, Technology Editor
-
Feature
30 Aug 2021
Top static malware analysis techniques for beginners
Malware will eventually get onto an endpoint, server or network. Using static analysis can help find known malware variants before they cause damage. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
Definition
30 Aug 2021
logic bomb
A logic bomb is a string of malicious code that is inserted intentionally into a program to harm a network when certain conditions are met. Continue Reading
-
News
26 Aug 2021
Private sectors pledge big for cyberdefense
Tech giants have invested billions to address cybersecurity threats such as supply chain security and attacks on critical infrastructures. Continue Reading
By- Arielle Waldman, News Writer
-
News
24 Aug 2021
4 emerging ransomware groups take center stage
Four ransomware operations -- AvosLocker, Hive, HelloKitty and LockBit 2.0 -- have popped up on the radar of researchers with Palo Alto Network's Unit 42 team. Continue Reading
-
Definition
23 Aug 2021
spear phishing
Spear phishing is a malicious email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information. Continue Reading
By- Mary E. Shacklett, Transworld Data
- Crystal Bedell
-
Definition
23 Aug 2021
ILOVEYOU virus
The ILOVEYOU virus comes in an email with 'ILOVEYOU' in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book. Continue Reading
By -
News
11 Aug 2021
Hackers selling access to breached networks for $10,000
Network access is a closely-guarded commodity in underground hacker forums, with some sellers not even revealing the names of their victims until money has changed hands. Continue Reading
-
Definition
05 Aug 2021
cyberstalking
Cyberstalking is a crime in which someone harasses or stalks a victim using electronic or digital means, such as social media, email, instant messaging (IM) or messages posted to a discussion group or forum. Continue Reading
By -
News
04 Aug 2021
Matt Tait warns of 'stolen' zero-day vulnerabilities
During Black Hat 2021, the COO of Corellium discussed three main threats that have ramped up: stolen zero days, zero days being exploited in the wild and supply chain attacks. Continue Reading
By- Arielle Waldman, News Writer
-
News
04 Aug 2021
Supply chain attacks, IoT threats on tap for Black Hat 2021
Industry analysts say that evolving threats, real-world impacts and supply chain attacks will be among their hot topics at this year's Black Hat 2021 conference. Continue Reading
-
News
02 Aug 2021
Hospitals at risk from security flaws in pneumatic tube systems
Researchers at IoT security vendor Armis said the nine critical vulnerabilities affect the pneumatic tube systems used by many hospitals in North America. Continue Reading
-
News
29 Jul 2021
Kaspersky tracks Windows zero days to 'Moses' exploit author
In its second-quarter threat report, Kaspersky Lab found a rise in the use of exploits and zero-day vulnerabilities, several of which were traced to a single threat actor. Continue Reading
By- Arielle Waldman, News Writer
-
News
28 Jul 2021
New 'BlackMatter' ransomware gang has echoes of REvil
Although connections are being made between ransomware groups REvil and BlackMatter, the jury is still out on whether they have threat actors in common. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
26 Jul 2021
Coveware: Median ransomware payment down 40% in Q2 2021
Coveware CEO Bill Siegel said that the efficacy of using data leak threats to obtain ransomware payments has gone down because 'you don't get anything in return when you pay.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
Guest Post
19 Jul 2021
Balancing the benefits with the risks of emerging technology
Emerging technologies enable companies to maintain a competitive edge through their various benefits but can come with high risks. A balancing act is required. Continue Reading
By- Jacob Young
-
News
19 Jul 2021
US charges members of APT40, Chinese state-sponsored group
The Department of Justice accused four Chinese nationals of hacking into a variety of businesses between 2011 and 2018 to steal trade secrets and other valuable data. Continue Reading
By- Arielle Waldman, News Writer
-
News
19 Jul 2021
US government formally names China in Exchange Server hack
Beyond the Exchange Server hack, the White House's statement condemned China for its malicious cyber behavior and accused the country of government-affiliated ransomware attacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
15 Jul 2021
SonicWall warns of 'imminent' SMA 100/SRA ransomware attacks
SonicWall said that those who fail to update or disconnect their vulnerable SMA 100 and SRA devices are 'at imminent risk of a targeted ransomware attack.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
Podcast
14 Jul 2021
Risk & Repeat: Breaking down the Kaseya ransomware attacks
Nearly two weeks after REvil ransomware hit hundreds of companies, Kaseya and its managed service providers are still assessing the damage from the supply chain attack. Continue Reading
By- Rob Wright, Senior News Director
-
News
14 Jul 2021
Microsoft: Chinese threat actor exploited SolarWinds zero-day
Microsoft has observed DEV-0322, the threat actor exploiting the SolarWinds Serv-U zero-day, 'targeting entities in the U.S. Defense Industrial Base Sector and software companies.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
13 Jul 2021
spyware
Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
- Kate Brush
- Taina Teravainen
-
News
07 Jul 2021
Microsoft posts emergency 'PrintNightmare' patch
The out-of-band patch release addresses a critical flaw that allowed threat actors to gain remote code execution on vulnerable Windows and Windows Server systems. Continue Reading
-
News
06 Jul 2021
Kaseya ransomware attacks: What we know so far
REvil ransomware threat actors exploited a zero-day vulnerability to issue ransomware payloads disguised as legitimate software updates from Kaseya. Continue Reading
-
News
06 Jul 2021
Kaseya: 1,500 organizations affected by REvil attacks
Approximately 50 managed service providers and up to 1,500 of their customers were compromised via a devastating supply chain attack on Kaseya by REvil ransomware actors. Continue Reading
By- Rob Wright, Senior News Director
-
News
02 Jul 2021
Russia using Kubernetes cluster for brute-force attacks
The NSA warned that Russian state-sponsored hackers launched a new container-based campaign aimed at breaching networks and stealing essential data from multiple industries. Continue Reading
-
Definition
02 Jul 2021
domain generation algorithm (DGA)
A domain generation algorithm (DGA) is a program that generates a large list of domain names. DGA provides malware with new domains in order to evade security countermeasures. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
- Sharon Shea, Executive Editor
-
News
30 Jun 2021
European police lay siege to hacker haven DoubleVPN
An international law enforcement operation shut down DoubleVPN, a Dutch-hosted service that had provided low-cost, underground anonymizing services to cybercriminals. Continue Reading
-
News
29 Jun 2021
End users in the dark about latest cyberthreats, attacks
A study from IoT security vendor Armis shows many outside the IT community are unaware of growing threats, leaving a major gap in knowledge of basic security practices. Continue Reading
-
News
28 Jun 2021
SolarWinds hackers compromised Microsoft support agent
After placing information-stealing malware on a customer support agent's system, the Nobelium threat actors gained access to three Microsoft clients. Continue Reading
By- Arielle Waldman, News Writer
-
News
28 Jun 2021
DarkSide ransomware funded by cybercriminal 'investors'
New ransomware gangs, such as DarkSide, are receiving cryptocurrency investments from their peers and are poised to make life difficult for enterprises and law enforcement alike. Continue Reading
-
News
24 Jun 2021
Namecheap refines strategy to fight malicious domains
Security researchers this month noted drastic improvements in the domain registrar's effort to respond to and mitigate reports of malicious and fraudulent sites. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
23 Jun 2021
Risk & Repeat: US opens door for hacking back
This episode of the Risk & Repeat podcast discusses the growing pressure on the U.S. to respond to cyber attacks and if hacking back will be part of the plan. Continue Reading
By- Rob Wright, Senior News Director
-
News
22 Jun 2021
COVID, gift cards and phony acquisitions top BEC attack trends
New research from Cisco Talos shows cybercriminals are still using the COVID-19 pandemic for BEC attacks to steal millions, but in slightly different ways. Continue Reading
-
News
16 Jun 2021
Repeat ransomware attacks hit 80% of victims who paid ransoms
New research from Cybereason offers troubling findings for organizations that pay ransoms, from repeat attacks to corrupted data and faulty decryption tools. Continue Reading
By- Arielle Waldman, News Writer
-
News
11 Jun 2021
Slilpp marketplace goes dark following government takedown
Slilpp, a massive dark web emporium for buying and selling stolen credentials, has been pulled offline by an international law enforcement takedown. Continue Reading
-
News
11 Jun 2021
Cisco Talos: Exchange Server flaws accounted for 35% of attacks
More than one third of incidents recorded by Cisco Talos in the past three months were related to four Microsoft Exchange Server zero-days first revealed in March. Continue Reading
-
News
03 Jun 2021
White House issues ransomware directive for businesses
The Biden administration aims to stem parade of ransomware infections, data thefts and massive payouts to cybercriminal groups with a list of security best practices. Continue Reading
-
Definition
03 Jun 2021
social engineering
Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices to gain unauthorized access to systems, networks or physical locations or for financial gain. Continue Reading
By- Linda Rosencrance
- Madelyn Bacon, TechTarget
-
Feature
28 May 2021
Network reconnaissance techniques for beginners
In this excerpt of 'How Cybersecurity Really Works,' author Sam Grubb breaks down common network reconnaissance techniques used by adversaries to attack wired networks. Continue Reading
By- Katie Donegan, Social Media Manager
- No Starch Press
-
Definition
28 May 2021
password cracking
Password cracking is the process of using an application program to identify an unknown or forgotten password to a computer or network resource. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Guest Post
27 May 2021
3 steps to zero-day threat protection
Don't let a zero-day threat bring down your networks. Follow these three steps to prepare for the unknown and minimize potential damage. Continue Reading
By- Rohit Dhamankar
-
News
26 May 2021
Rowhammer reach extended for new attack method
Google researchers discovered a bit-flipping hardware trick can now be carried out across extra rows of transistors, circumventing protections against the attack technique. Continue Reading
-
News
25 May 2021
Operational technology is the new low-hanging fruit for hackers
FireEye researchers say exposed and poorly guarded industrial systems are being increasingly compromised by low-skill hackers using entry-level exploit techniques. Continue Reading
-
Definition
21 May 2021
hacktivism
Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason. Continue Reading
By- Ben Lutkevich, Site Editor
- Madelyn Bacon, TechTarget
-
News
20 May 2021
U.S. officials discuss 2020 election security, misinformation
During an RSA Conference 2021 panel, the CISO for Maricopa County, Ariz., said misinformation posed a bigger challenge for election officials than actual cyberattacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
20 May 2021
Infosec experts: Threat landscape is worst in 60 years
Between an increasing sophistication seen in nation-state groups and a rise in ransomware that's affecting everyone, the threat landscape may be reaching a historic peak. Continue Reading
By- Arielle Waldman, News Writer
-
News
19 May 2021
SentinelOne: More supply chain attacks are coming
At RSA Conference 2021, SentinelOne threat researcher Marco Figueroa discussed the implications of the SolarWinds attacks, which he called one of the biggest hacks ever. Continue Reading
By- Arielle Waldman, News Writer
-
News
19 May 2021
SolarWinds CEO: Supply chain attack began in January 2019
SolarWinds CEO Sudhakar Ramakrishna clarified earlier remarks from the company and said the massive supply chain attack was not the result of an intern's mistake. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
17 May 2021
Hackers turn Comcast voice remotes into eavesdropping tool
Guardicore researchers at RSA Conference 2021 manipulated the Xfinity XR11 voice controller to covertly record household conversations, raising concerns about IoT devices. Continue Reading
-
News
12 May 2021
Hacker makes short work of Apple AirTag jailbreak
A security researcher discovered a jailbreaking method for Apple's new mobile locating tracking devices, which were introduced just last month. Continue Reading
By- Shaun Nichols
-
News
12 May 2021
Senate hearing raises questions about SolarWinds backdoors
U.S. Department of Commerce CISO Ryan Higgins said in a Senate committee hearing Tuesday that his department was one of first agencies to detect the systemic compromise. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
12 May 2021
DarkSide: The ransomware gang that took down a pipeline
DarkSide may be best known for the Colonial Pipeline ransomware attack, but the gang has hit dozens of organizations since last summer, presenting itself as a Robin Hood-type group. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
12 May 2021
hacker
A hacker is an individual who uses computer, networking or other skills to overcome a technical problem. Continue Reading
-
News
10 May 2021
Colonial Pipeline runs dry following ransomware attack
A vital U.S. oil supply was shut down to prevent a ransomware infection from spreading from corporate IT systems to more crucial operational technology systems. Continue Reading
By- Shaun Nichols
-
News
06 May 2021
US defense contractor BlueForce apparently hit by ransomware
The Conti ransomware operators demanded nearly $1 million in bitcoin during ransomware negotiations and threatened to publish the defense contractor's data on its leak site. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
06 May 2021
Dell patches high-severity flaws in firmware update driver
SentinelOne discovered the flaws in Dell's firmware update driver in December. There's no evidence that hackers have exploited the 12-year-old vulnerabilities. Continue Reading
By- Antone Gonsalves, News Director
-
News
05 May 2021
Twilio discloses breach caused by Codecov supply chain hack
Twilio utilizes Codecov tools including the previously compromised Bash Uploader script. It said that a "small number" of customer emails were potentially exposed. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
05 May 2021
Researchers use PyInstaller to create stealth malware
Academic researchers say the application builder could be used to create undetectable attack bundles that bypass many widely used antimalware programs. Continue Reading
By- Shaun Nichols
-
News
04 May 2021
Qualys finds 21 vulnerabilities in Exim mail software
Qualys, which discovered the '21Nails' vulnerabilities, said that it did not see evidence of exploitation, but many vulnerabilities are 17 years old and at risk of being exploited. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
03 May 2021
Apple hurries out fixes for WebKit zero-days
Mac and iOS users are urged to patch their devices immediately for Apple WebKit flaws following reports of active exploits in the wild. Continue Reading
By- Shaun Nichols
-
Definition
30 Apr 2021
pass the hash attack
A pass the hash attack is an exploit in which an attacker steals a hashed user credential and -- without cracking it -- reuses it to trick an authentication system into creating a new authenticated session on the same network. Continue Reading
By- TechTarget Contributor
- Madelyn Bacon, TechTarget
-
Feature
29 Apr 2021
SolarWinds puts national cybersecurity strategy on display
Biden imposed economic sanctions on Russia for its role in the SolarWinds cyber attack. Experts see the response as just one part of a larger national cybersecurity strategy. Continue Reading
By- Makenzie Holland, Senior News Writer
-
Definition
28 Apr 2021
watering hole attack
A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit. Continue Reading
By- Gavin Wright
- Madelyn Bacon, TechTarget
-
News
26 Apr 2021
Remaining Emotet infections uninstalled by German police
A German federal police action led to all infections of Emotet malware being uninstalled Sunday, following an international police takeover of Emotet infrastructure in January. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
23 Apr 2021
computer cracker
A computer cracker is an outdated term used to describe someone who broke into computer systems, bypassed passwords or licenses in computer programs, or in other ways intentionally breached computer security. Continue Reading
By- Sharon Shea, Executive Editor
- Ben Lutkevich, Site Editor
-
Definition
23 Apr 2021
pharming
Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent websites without their knowledge or consent. Continue Reading
-
News
22 Apr 2021
DOJ creates ransomware task force to combat digital extortion
An internal memo from the DOJ said the task force will 'bring the full authorities and resources of the Department' in order to confront the growing threat of ransomware. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
20 Apr 2021
The wide web of nation-state hackers attacking the U.S.
Cybersecurity experts weigh in on what it means to be a nation-state hacker, as well as the activities and motivations of the 'big four' countries attacking the U.S. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
15 Apr 2021
Nation-state hacker indictments: Do they help or hinder?
While there are some benefits to filing criminal charges against nation-state actors, infosec experts say thus far, indictments haven't reduced cyber attacks. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
13 Apr 2021
attack vector
An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome. Continue Reading
By- Mary E. Shacklett, Transworld Data
-
Tip
09 Apr 2021
12 Microsoft Exchange Server security best practices
Exchange security has come under increased scrutiny since the recent exploitation of critical vulnerabilities. Review this list of activities to best protect your enterprise. Continue Reading
By -
News
07 Apr 2021
Cisco: Threat actors abusing Slack, Discord to hide malware
The threat intelligence vendor released a new report on how threat actors are increasingly abusing popular collaboration applications like Slack and Discord during the pandemic. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
06 Apr 2021
Risk & Repeat: Recapping the Exchange Server attacks
This week's Risk & Repeat episode looks back at the Microsoft Exchange Server attacks, plus the questions and mysteries surrounding the ongoing threat. Continue Reading
By- Rob Wright, Senior News Director
-
Definition
06 Apr 2021
side-channel attack
A side-channel attack is a security exploit that aims to gather information from or influence the program execution of a system by measuring or exploiting indirect effects of the system or its hardware -- rather than targeting the program or its code directly. Continue Reading
By- Gavin Wright
- Alexander S. Gillis, Technical Writer and Editor
-
Definition
06 Apr 2021
dumpster diving
Dumpster diving is looking for treasure in someone else's trash. Continue Reading
By -
News
05 Apr 2021
CISA: APTs exploiting Fortinet FortiOS vulnerabilities
Three Fortinet FortiOS vulnerabilities that have been fully patched since last summer are being exploited by advanced persistent threat actors, according to the FBI and CISA. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
05 Apr 2021
cyber hijacking
Cyber hijacking, or computer hijacking, is a type of network security attack in which the attacker takes control of computer systems, software programs and/or network communications. Continue Reading
-
Definition
31 Mar 2021
antimalware (anti-malware)
Antimalware is a type of software program created to protect IT systems and individual computers from malicious software, or malware. Continue Reading
-
News
30 Mar 2021
Mysterious Hades ransomware striking 'big game' enterprises
CrowdStrike reported Hades is tied to Evil Corp, but Awake Labs discovered a possible connection to Hafnium, a Chinese nation-state group behind initial Exchange Server attacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
30 Mar 2021
botnet
A botnet is a collection of internet-connected devices, which may include personal computers (PCs), servers, mobile devices and internet of things (IoT) devices, that are infected and controlled by a common type of malware, often unbeknownst to their owner. Continue Reading
By- Katie Terrell Hanna
- Ben Lutkevich, Site Editor
- Rob Wright, Senior News Director
-
News
24 Mar 2021
Nearly 100,000 web shells detected on Exchange servers
Although Microsoft reported a decrease in the number of vulnerable Exchange servers, new research shows a large amount of malicious web shells hiding inside networks. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
23 Mar 2021
email spoofing
Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
19 Mar 2021
Acer hit by apparent attack from REvil ransomware group
Acer told SearchSecurity in a statement that it has 'reported recent abnormal situations observed to the relevant law enforcement.' However, it did not confirm a ransomware attack. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
17 Mar 2021
SolarWinds hackers stole Mimecast source code
The investigation into a stolen Mimecast-issued digital certificate is now complete, and the vendor said the initial intrusion was Sunburst malware in the SolarWinds Orion platform. Continue Reading
By- Arielle Waldman, News Writer
-
Quiz
15 Mar 2021
Information security quizzes to test your cybersecurity smarts
Test your knowledge of everything cybersecurity, from network security to regulatory compliance, with our collection of information security quizzes. Continue Reading
-
News
12 Mar 2021
DearCry ransomware impacting Microsoft Exchange servers
While only a small number of DearCry ransomware victims have been reported at this time, the infections have hit organizations in the U.S., Canada, Australia and beyond. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
11 Mar 2021
After Oldsmar: How vulnerable is US critical infrastructure?
Following the highly publicized breach of a water treatment plant in Oldsmar, Fla., industrial security experts discuss the state of critical infrastructure risk in 2021. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
09 Mar 2021
Microsoft Exchange Server attacks: What we know so far
More details continue to emerge since last week's disclosure of zero-day vulnerabilities and attacks on Microsoft Exchange Server, including the broad range of potential victims. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
09 Mar 2021
Explore 5 business email compromise examples to learn from
Gift cards are for gifts, never for payment. Explore real-world examples of business email compromise to learn common attack patterns and red flags. Continue Reading
By- Katie Donegan, Social Media Manager
-
News
03 Mar 2021
Accellion FTA attacks claim more victims
More details have emerged about the Accellion FTA attacks since the December disclosure, including possible threat groups behind the breach and a growing list of victims. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
03 Mar 2021
Technical controls to prevent business email compromise attacks
Technical controls are at the heart of preventing successful business email compromise attacks. Learn about those and extra considerations to keep your business secure. Continue Reading
By- Diana Kelley, SecurityCurve
-
Feature
01 Mar 2021
3 ransomware distribution methods popular with attackers
To prevent cyber attacks, understanding how they work is half the battle. Explore the most common ransomware distribution methods in this excerpt of 'Preventing Ransomware.' Continue Reading
By- Katie Donegan, Social Media Manager
- Packt Publishing
-
Feature
01 Mar 2021
Malware researcher speculates on the future of ransomware
Abhijit Mohanta, author of 'Preventing Ransomware,' opines on the future of ransomware and discusses why this attack is favored among cybercriminals. Continue Reading
By- Katie Donegan, Social Media Manager
-
Definition
24 Feb 2021
spam trap
A spam trap is an email address that is used to identify and monitor spam email. Continue Reading
By- Ben Lutkevich, Site Editor