Threats and vulnerabilities
Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.
Top Stories
-
News
11 Oct 2024
Zero-day flaw behind Rackspace breach still a mystery
More than two weeks after threat actors exploited a zero-day vulnerability in a third-party utility to breach Rackspace, the details about the flaw and the utility remain unknown. Continue Reading
By- Arielle Waldman, News Writer
-
News
10 Oct 2024
OpenAI details how threat actors are abusing ChatGPT
While threat actors are using generative AI tools like ChatGPT to run election influence operations and develop malware, OpenAI says the efforts are rarely successful. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
29 Nov 2016
SF Municipal Railway restores systems after ransomware attack
The San Francisco Municipal Transportation Authority restored systems without paying following a ransomware attack that allowed free rides for travelers over the weekend. Continue Reading
By- Michael Heller, TechTarget
-
News
17 Nov 2016
Chinese company caught preinstalling Android spyware on budget devices
A Chinese company was found to be preinstalling Android spyware on budget smartphones and collecting phone call and messaging data without consent. Continue Reading
By- Michael Heller, TechTarget
-
Answer
11 Nov 2016
How can users protect mobile devices from SandJacking attacks?
Attackers can use the SandJacking attack to access sandboxed data on iOS devices. Expert Nick Lewis explains how to protect your enterprise from this attack. Continue Reading
-
News
29 Aug 2016
Pegasus iOS exploit uses three zero days to attack high-value targets
A new remote iOS exploit called Pegasus leverages three zero days in what appear to be state-sponsored targeted attack campaigns against political dissidents. Continue Reading
By- Michael Heller, TechTarget
-
Answer
21 Jun 2016
What new Asacub Trojan features should enterprises watch out for?
The Asacub Trojan has new banking malware features. Expert Nick Lewis explains how it made this transition and what enterprises should be watching out for. Continue Reading
-
Podcast
15 Jun 2016
Ransomware worm raises concerns for enterprise security
In this Risk & Repeat podcast, SearchSecurity editors break down the discovery of the ZCryptor ransomware worm and what it means for future ransomware threats. Continue Reading
By- Rob Wright, Senior News Director
-
Feature
18 Mar 2016
Detecting and Combating Malicious Email
In this excerpt of Detecting and Combating Malicious Email, authors Julie JCH Ryan and Cade Kamachi discuss the elements of an email structure and touch on how attackers can use these elements to trick unwitting victims. Continue Reading
By- SearchSecurity and Syngress
-
Answer
01 Feb 2016
How does the new voicemail phishing scam work?
A new phishing scam uses voicemail notification emails to spread malware. Expert Nick Lewis explains how this attack works and how enterprises can prevent it. Continue Reading
-
Feature
12 Jan 2016
Introduction to vulnerability management tools
Expert Ed Tittel explores how vulnerability management tools can help organizations of all sizes uncover defense weaknesses and close security gaps before they are exploited by attackers. Continue Reading
-
Feature
30 Dec 2015
Symantec Messaging Gateway and Symantec Email Security.cloud: Product overview
Expert Karen Scarfone examines the Symantec Messaging Gateway and Symantec Email Security.cloud email security gateway products, which detect and block messages that contain suspicious content and threats. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
30 Dec 2015
Proofpoint Enterprise Protection: Product overview
Expert Karen Scarfone examines the Proofpoint Enterprise Protection email security gateway product, which scans inbound and outbound email messages for malware, phishing and spam threats. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
21 Dec 2015
McAfee Email Protection, Security for Email Servers: Product overview
Expert Karen Scarfone reviews the McAfee Email Protection and McAfee Security for Email Servers products that are used for monitoring, blocking and quarantining email messages. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
21 Dec 2015
Clearswift SECURE Email Gateway: Product overview
Expert Karen Scarfone reviews the Clearswift SECURE Email Gateway product, which monitors incoming and outgoing emails. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
21 Dec 2015
Fortinet FortiMail: Product overview
Expert Karen Scarfone reviews the Fortinet FortiMail email security gateway product that is used for monitoring email messages on behalf of an organization. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
Feature
14 Dec 2015
Cisco Email Security Appliance: Product overview
Expert Karen Scarfone reviews Cisco's Email Security Appliance product that is designed for detecting and blocking email-borne threats. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
News
01 Dec 2015
Amex credit card hack predicts replacement card number
Samy Kamkar found a weakness in the algorithm American Express uses to generate replacement card information and created a credit card hack as a proof-of-concept. Continue Reading
By- Michael Heller, TechTarget
-
Opinion
01 Dec 2015
WMI tools make the perfect crime 'malware-free'
Security researchers claim that attackers are abusing a longstanding administrative tool in the Windows operating system. With no telltale signs of malware, how can you stop it? Continue Reading
-
Tip
14 Oct 2015
The malware lifecycle: Knowing when to analyze threats
Not responding to low-level threats can be perilous, yet enterprises can't always examine each issue. Expert Nick Lewis explains when an investigation is imperative. Continue Reading
-
Feature
08 Oct 2015
Emerging security threats you're up against now
Learn about 'hacking as a service' and other emerging security threats. Continue Reading
-
Feature
05 Oct 2015
Cyber Reconnaissance, Surveillance and Defense
In this excerpt of Cyber Reconnaissance, Surveillance and Defense, author Robert Shimonski describes commonly used mobile technology and how phone tracking works. Continue Reading
By- SearchSecurity and Syngress
-
Answer
01 Oct 2015
How can power consumption-tracking malware be avoided?
Malware authors are using power consumption-tracking malware to eavesdrop on and attack mobile devices. Expert Nick Lewis explains the threat and how to defend against it. Continue Reading
-
Tip
18 Jun 2015
Network anomaly detection: The essential antimalware tool
Traditional perimeter defenses are no longer enough; network anomaly detection tools are now essential in the battle against advanced malware. Continue Reading
-
News
11 Jun 2015
Duqu malware makes a comeback and infiltrates Kaspersky systems
The first strain of Duqu malware was found in late 2011. Now, three and a half years later, Duqu 2.0 has emerged and is exploiting as many as three zero-day vulnerabilities in a new attack campaign. Continue Reading
By- Michael Heller, TechTarget
-
Feature
01 Apr 2015
New cyberthreats: Defending against the digital invasion
The confluence of the Internet of Things and bring your own device may turn into a beachhead for attackers. Continue Reading
By- Johannes Ullrich, SANS Technology Institute
-
News
03 Mar 2015
Amid Apple Pay fraud, banks scramble to fix Yellow Path process
Banks are rushing to fix sloppy authentication processes at the heart of rising Apple Pay fraud. Experts also worry about potential fraud with other mobile payment systems. Continue Reading
By- Michael Heller, TechTarget
-
Guide
15 Jan 2015
Understanding and responding to POS malware
Organizations must confront threats like Backoff malware to their point-of-sale systems. This guide reviews the POS malware dangers out there and offers remediation tactics. Continue Reading
-
Feature
16 Dec 2014
Targeted Cyber Attacks
In this excerpt of Targeted Cyber Attacks, authors Aditya Sood and Richard Enbody outline the cyberattack model and different vectors used to attack targets. Continue Reading
By- SearchSecurity and Syngress
-
Answer
18 Nov 2014
How vulnerable is Silverlight security?
Microsoft Silverlight has been in the spotlight due to an increase in the number of exploit kits it is included in. Expert Nick Lewis explains the threat's severity and how to mitigate it. Continue Reading
-
Feature
02 Jun 2014
Command-and-control servers: The puppet masters that govern malware
Are there shadow networks within your enterprise? Stop malware by shutting down command-and-control communication channels. Continue Reading
By- Adam Rice
- James Ringold, Westinghouse Electric Company
-
Tip
10 Apr 2014
NSA TAO: What Tailored Access Operations unit means for enterprises
The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses. Continue Reading
-
Answer
23 Jan 2014
Femtocell security: Defending against a femtocell hack
The risk of a femtocell hack is a real enterprise concern. Nick Lewis explains why and explores how to defend against an attack. Continue Reading
-
Tip
12 Dec 2013
Locking the backdoor: Reducing the risk of unauthorized system access
Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks. Continue Reading
-
Answer
02 Dec 2013
Heap spray attacks: Details and mitigations for new techniques
Expert Nick Lewis details a new heap spray attack technique and provides mitigations for both new and old heap spray attacks. Continue Reading
-
Tip
11 Nov 2013
Inside the BREACH attack: How to avoid HTTPS traffic exploits
Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk. Continue Reading
-
Answer
10 Sep 2013
Can an unqualified domain name cause man-in-the-middle attacks?
An unqualified domain name can make reaching internal resources easier, but expert Michael Cobb warns that man-in-the-middle attacks could result. Continue Reading
-
Quiz
07 Mar 2013
Quiz: Targeted attacks
Think you know a targeted attack when you see one? Check if you're up to speed and ready to protect your organization from this pernicious threat with this five-question quiz. Continue Reading
-
Feature
26 Feb 2013
Antivirus evasion techniques show ease in avoiding antivirus detection
In the wake of the New York Times attack, a look at antivirus evasion techniques shows how easy it is to avoid antivirus detection and why new defenses are needed. Continue Reading
By- Joe Granneman, Contributor
-
Answer
25 Aug 2011
Locate IP address location: How to confirm the origin of a cyberattack
What's the best way to determine the origin of a cyberattack? Expert Nick Lewis weighs in. Continue Reading
-
Answer
25 May 2010
Tips on how to remove malware manually
In this expert response, Nick Lewis explains how to remove malware manually, step by step. Continue Reading
-
Definition
30 Apr 2010
government Trojan
A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. Government Trojans represent a step in turning the tables on cybercriminals by using a proven mechanism for capturing data covertly. Continue Reading
-
Tip
06 Apr 2010
Operation Aurora: Tips for thwarting zero-day attacks, unknown malware
In December 2009, Google, Adobe and other companies were the victims of a damaging cyberattack called Operation Aurora. In this tip, expert Nick Lewis outlines the lessons learned from this attack, and how companies can avoid falling victim to similar attacks. Continue Reading
-
Tip
02 Jul 2009
How to defend against rogue DHCP server malware
Rogue DHCP server malware is a new twist on an old concept. The good news is that effective threat mitigation strategies exist; the bad news is that many organizations haven't bothered to deploy them. Continue Reading
By- Sherri Davidoff, LMG Security
-
Answer
26 Jan 2009
What are the security risks of opening port 110 and port 25?
If an external manufacturer wants to remotely access its leased copiers, is it risky to open both port 110 and port 25? Mike Chapple reveals a few security repercussions. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Answer
21 Oct 2008
Is it impossible to successfully remove a rootkit?
In this expert Q&A, Michael Cobb takes a closer look at the nature of rootkits to see why they can be so difficult to remove. Continue Reading
-
Tip
05 Mar 2008
Built-in Windows commands to determine if a system has been hacked
In this tip, contributor Ed Skoudis identifies five of the most useful Windows command-line tools for machine analysis and discusses how they can assist administrators in determining if a machine has been hacked. Continue Reading
By- Ed Skoudis, SANS Technology Institute
-
Tip
17 Jan 2008
Cleansing an infected mail server
Learn five measures you can take when cleaning up a massive email virus infection. Continue Reading
-
Tip
17 Jan 2008
Ten hacker tricks to exploit SQL Server systems
SQL Server hackers have a medley of tricks and tools to gain access to your database systems. Learn their techniques and test SQL Server security before they do. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
Answer
30 May 2007
How secure are document scanners and other 'scan to email' appliances?
Copiers and document scanners have always posed challenges for information security teams. In this SearchSecurity.com Q&A, Michael Cobb reveals how the right policies can control the use (and abuse) of these devices. Continue Reading
-
Answer
02 May 2007
How can header information track down an email spoofer?
Spammers can use spoofed headers to hide the true origin of unwanted email. In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to trust where a message is coming from. Continue Reading
-
Answer
09 Apr 2007
How can attackers exploit RSS software flaws?
RSS syndication feeds are a convenient way to get your news, blogs or other favorite content, but these popular tools are often left exposed. In this SearchSecurity.com Q&A, Ed Skoudis explains how malicious hackers can attack RSS software and distribute malicious code. Continue Reading
By- Ed Skoudis, SANS Technology Institute
-
Feature
26 Jan 2007
Balancing the cost and benefits of countermeasures
The final tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut Guide to Protecting Business Internet Usage" published by Realtimepublishers. Continue Reading
-
Feature
26 Jan 2007
Network-based attacks
The second tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book The Shortcut Guide to Protecting Business Internet Usage published by Realtimepublishers. Continue Reading
-
Feature
12 May 2005
E-mail policies -- A defense against phishing attacks
In this excerpt of Chapter 6 from "Phishing: Cutting the Identity Theft Line," authors Rachael Lininger and Russell Dean Vines explain how e-mail policies help protect companies from phishing attacks. Continue Reading