Threats and vulnerabilities
Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.
Top Stories
-
News
18 Mar 2024
Exploitation activity increasing on Fortinet vulnerability
The Shadowserver Foundation recently saw an increase in exploitation activity for CVE-2024-21762, two days after a proof-of-concept exploit was published. Continue Reading
-
News
18 Mar 2024
GitOps users warned to patch 3 new Argo CD CVEs
Three recently identified vulnerabilities, one of them designated high severity, now have fixes following a lengthy disclosure process and disagreements about their real-world risk. Continue Reading
-
News
12 Dec 2022
Fortinet confirms VPN vulnerability exploited in the wild
In an advisory Monday, Fortinet urged customers to take steps to immediately mitigate the critical flaw, which was disclosed earlier by French infosec firm Olympe Cyberdefense. Continue Reading
-
Definition
12 Dec 2022
checksum
A checksum is a value that represents the number of bits in a transmission message and is used by IT professionals to detect high-level errors within data transmissions. Continue Reading
-
Definition
09 Dec 2022
security information and event management (SIEM)
Security information and event management (SIEM) is an approach to security management that combines security information management (SIM) and security event management (SEM) functions into one security management system. Continue Reading
-
Feature
07 Dec 2022
Understanding malware analysis and its challenges
Discover what to expect in a malware analyst career, from the types of malware you'll encounter to important tools to use to difficulties that arise for those new to the field. Continue Reading
-
Feature
07 Dec 2022
Why is malware analysis important?
Malware continues to plague all organizations, causing data loss and reputational damage. Discover how malware analysis helps protect companies from such attacks. Continue Reading
-
News
06 Dec 2022
MegaRAC flaws, IP leak impact multiple server brands
MegaRAC BMC software from American Megatrends, Inc. have a trio of serious security vulnerabilities that were discovered following an intellectual property leak. Continue Reading
-
Tutorial
06 Dec 2022
How to use the Hydra password-cracking tool
Need help brute-forcing passwords? Get started by learning how to use the open source Hydra tool with these step-by-step instructions and companion video. Continue Reading
-
News
05 Dec 2022
Education sector hit by Hive ransomware in November
The education sector remained a popular target last month, particularly from Hive, a ransomware-a-as-a-service group, that even warranted a government alert in late November. Continue Reading
-
Definition
05 Dec 2022
Evil Corp
Evil Corp is an international cybercrime network that uses malicious software to steal money from victims' bank accounts and to mount ransomware attacks. Continue Reading
-
Definition
02 Dec 2022
Trojan horse
In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious. Continue Reading
-
News
01 Dec 2022
Archive files become preferred format for malware delivery
The team at HP Wolf Security found that cybercriminals are using archive files as the preferred method for spreading malware, beating Microsoft Office for the first time. Continue Reading
-
News
30 Nov 2022
Exchange Server bugs caused years of security turmoil
The four high-profile sets of security vulnerabilities in Microsoft Exchange Server, disclosed by researcher Orange Tsai, are set to remain a major concern for organizations. Continue Reading
-
Podcast
30 Nov 2022
Risk & Repeat: Twitter, Elon Musk and security concerns
This podcast episode discusses Twitter's security concerns following Elon Musk's acquisition last month, as well as a possible data breach from 2021 that came to light recently. Continue Reading
-
News
30 Nov 2022
Tenable: 72% of organizations remain vulnerable to Log4Shell
New research shows the attack surface remains wide for the Log4j vulnerability, known as Log4Shell, which caused significant problems for organizations over the past year. Continue Reading
-
News
28 Nov 2022
Infosec researcher reports possible 'massive' Twitter breach
The alleged Twitter breach involves a data set from late 2021 and includes the phone numbers and personal information of millions of users in the U.S. and Europe. Continue Reading
-
News
28 Nov 2022
Small open source projects pose significant security risks
Open source security initiatives might prevent large-scale vulnerabilities such as Log4j, but smaller projects pose risks without more maintainer support, industry experts say. Continue Reading
-
News
23 Nov 2022
Cybereason warns of fast-moving Black Basta campaign
Threat actors with the Black Basta ransomware-as-a-service group are compromising networks in as little as one hour and stealing sensitive data before disabling DNS services. Continue Reading
-
Definition
22 Nov 2022
buffer underflow
A buffer underflow, also known as a buffer underrun or a buffer underwrite, is when the buffer -- the temporary holding space during data transfer -- is fed data at a lower rate than it is being read from. Continue Reading
-
Opinion
21 Nov 2022
Ransomware preparedness: The long road ahead
Is your organization ready for ransomware? A recent survey shows that businesses in a variety of industries are all struggling with ransomware prevention and recovery. Continue Reading
-
News
17 Nov 2022
Magecart malware menaces Magento merchants
Sansec researchers say as many as 38% of commercial customers running the Adobe Commerce and Magento platforms could be infected with Magecart's TrojanOrders malware. Continue Reading
-
Tip
17 Nov 2022
Top 5 vulnerability scanning tools for security teams
Use these five vulnerability scanning tools to find weaknesses and potential exploits in web applications, IT and cloud infrastructure, IoT devices and more. Continue Reading
-
Podcast
16 Nov 2022
Risk & Repeat: Researchers criticize HackerOne
This podcast episode discusses a recent TechTarget Security article about bug bounty platform HackerOne in which researchers aired several complaints about the company. Continue Reading
-
News
16 Nov 2022
Rapid7 discloses more F5 BIG-IP vulnerabilities
While the severity of the issues is relatively low, F5 devices are commonly targeted by attackers to gain persistence inside a network. Continue Reading
-
Tip
14 Nov 2022
Dissect open source ransomware code to understand an attack
To protect your organization from ransomware, it's helpful to know what goes on behind the scenes. Unpack this ransomware code example to understand and defend against attacks. Continue Reading
-
News
10 Nov 2022
Flashpoint launches new 'ransomware prediction model'
Flashpoint's new model assigns a 'ransomware likelihood' rating for vulnerabilities contained in the VulnDB database, which contains more than 300,000 flaws. Continue Reading
-
Tip
10 Nov 2022
Common lateral movement techniques and how to prevent them
Lateral movement techniques enable attackers to dig deeper into compromised environments. Discover what lateral movement attacks are and four attack techniques. Continue Reading
-
Tip
08 Nov 2022
Types of vulnerability scanning and when to use each
Vulnerability scanning gives companies a key weapon when looking for security weaknesses. Discovery, assessment and threat prioritization are just a few of its benefits. Continue Reading
-
Feature
08 Nov 2022
How to build a shadow IT policy to reduce risks, with template
With a shadow IT policy in place, organizations reduce security risks from unapproved applications and services that employees introduce independently. Continue Reading
-
News
07 Nov 2022
Microsoft: Nation-state threats, zero-day attacks increasing
Microsoft's Digital Defense Report 2022 pointed the finger at China, which enacted a new vulnerability disclosure law last year, as the source of many zero-day attacks. Continue Reading
-
News
04 Nov 2022
Yanluowang ransomware gang goes dark after leaks
The Yanluowang ransomware operation appears to have shut down for the time being after an anonymous individual published a series of internal code and chat leaks. Continue Reading
-
News
03 Nov 2022
Ransomware on the rise, hitting schools and healthcare
October ransomware disclosures and public reports tracked by TechTarget Editorial increased from previous months, with notable attacks on education and healthcare organizations. Continue Reading
-
Definition
03 Nov 2022
Adobe Flash
Adobe Flash is a software platform used to create rich digital content containing animation, graphic effects, streaming video and other interactive elements to deliver engaging user experiences over many platforms, including desktops and mobile devices. Continue Reading
-
News
01 Nov 2022
OpenSSL vulnerabilities get high-priority patches
The OpenSSL Project released version 3.0.7 Tuesday to address a pair of high-severity buffer overflow vulnerabilities in the widely used cryptography library. Continue Reading
-
Guest Post
28 Oct 2022
It's time to rethink security certification for OT devices
Security certifications don't protect OT devices from vulnerable processes and insecure-by-design practices. It's time to update security certs for the connected OT age. Continue Reading
-
Feature
28 Oct 2022
Enterprise ransomware preparedness improving but still lacking
An Enterprise Strategy Group survey found enterprises are making strides in ransomware preparedness, but work remains to prevent and mitigate attacks. Continue Reading
-
Opinion
27 Oct 2022
How Sheltered Harbor helps banks navigate cyber-recovery
Banks must be able to recover quickly from a cyber attack -- a difficult task, given the volume and sophistication of attacks. The not-for-profit Sheltered Harbor aims to help. Continue Reading
-
Tip
27 Oct 2022
Types of cloud malware and how to defend against them
Cloud malware isn't going away anytime soon, but organizations have a growing number of tools at their disposal to combat the threat. Continue Reading
-
News
26 Oct 2022
Cisco, CISA warn 2 AnyConnect flaws are under attack
CISA added two Cisco AnyConnect flaws to its Known Exploited Vulnerabilities catalog, which signals active exploitation and an urgency to patch. Continue Reading
-
News
26 Oct 2022
Researchers criticize HackerOne over triage, mediation woes
HackerOne researchers told TechTarget Editorial that they regularly encountered months-long wait times for responses and a mediation process that rarely favors researchers. Continue Reading
-
News
25 Oct 2022
Apple patches actively exploited zero-day iOS bug
The iOS zero-day was joined by a slew of other vulnerabilities in Apple's Oct. 24 security update. The iOS 16 update contained patches for 13 arbitrary code execution flaws. Continue Reading
-
News
24 Oct 2022
CISA warns of ransomware attacks on healthcare providers
A new CISA advisory warned administrators at hospitals and healthcare providers about newly discovered ransomware variant, dubbed Daixin Team, that poses a particular threat. Continue Reading
-
Definition
21 Oct 2022
command-and-control server (C&C server)
A command-and-control server (C&C server) is a computer that issues directives to digital devices that have been infected with rootkits or other types of malware, such as ransomware. Continue Reading
-
Tip
21 Oct 2022
The top 5 ethical hacker tools to learn
Ethical hackers have a wealth of tools at their disposal that search for vulnerabilities in systems. Learn about five such tools that should be part of any hacker's tool set. Continue Reading
-
Definition
21 Oct 2022
burner phone
A burner phone, or 'burner,' is an inexpensive mobile phone designed for temporary, sometimes anonymous, use, after which it may be discarded. Continue Reading
-
News
21 Oct 2022
BlackByte ransomware using custom data exfiltration tool
Symantec researchers say BlackByte ransomware may be poised to move into the elite ransomware ranks, as the group has begun developing its own custom malware tools. Continue Reading
-
Definition
20 Oct 2022
RAT (remote access Trojan)
A RAT (remote access Trojan) is malware an attacker uses to gain full administrative privileges and remote control of a target computer. Continue Reading
-
News
19 Oct 2022
ProxyLogon researcher details new Exchange Server flaws
After testing Microsoft's mitigations for ProxyLogon, security researcher Orange Tsai discovered new Exchange Server bugs, including one flaw that took more than a year to fix. Continue Reading
-
News
19 Oct 2022
Azure vulnerability opens door to remote takeover attacks
Orca Security researchers uncovered a flaw in Azure Service Fabric that was fixed in last week's Patch Tuesday. It allows elevation of privilege and remote takeover of nodes. Continue Reading
-
News
18 Oct 2022
Python vulnerability highlights open source security woes
A 15-year-old unpatched vulnerability in a tarfile module for the Python programming language prompted researchers from cybersecurity vendor Trellix to take action. Continue Reading
-
Tip
18 Oct 2022
Compare vulnerability assessment vs. vulnerability management
Vulnerability assessments and vulnerability management are different but similar-sounding security terms. Discover their similarities and differences. Continue Reading
-
Definition
18 Oct 2022
supply chain attack
A supply chain attack is a type of cyber attack that targets organizations by focusing on weaker links in an organization's supply chain. Continue Reading
-
News
13 Oct 2022
NPM API flaw exposes secret packages
A flaw in the API for NPM could potentially allow a threat actor to see the internal packages for corporate users -- a possible first step for a supply chain attack. Continue Reading
-
News
13 Oct 2022
Despite LockBit rebound, ransomware attacks down in 2022
LockBit cybercriminals are back in action with new ransomware attacks and publicity pushes. But many other new groups saw lower levels in activity in Q3, according to Cyberint. Continue Reading
-
Feature
13 Oct 2022
How to configure and customize Kali Linux
Learning how to use Kali Linux for ethical hacking and penetration testing? Read step by step how to configure and customize the distribution. Continue Reading
-
Feature
13 Oct 2022
Why Kali Linux is the go-to distribution for penetration testing
Discover why penetration testers prefer to use the Kali Linux distribution for offensive security, from collecting useful tools together to being usable from multiple devices. Continue Reading
-
Feature
12 Oct 2022
7 steps for implementing zero trust, with real-life examples
More than a decade since the term's inception, zero-trust security is still much easier said than done. Here's how to get started. Continue Reading
-
Tip
12 Oct 2022
An overview of the CISA Zero Trust Maturity Model
A zero-trust framework blocks all attempts to access internal infrastructure without authentication. The CISA Zero Trust Maturity Model is a roadmap to get there. Continue Reading
-
News
11 Oct 2022
NPM malware attack goes unnoticed for a year
A cybercriminal crew known as "LofyGang" poisoned software supply chains with bad NPM packages for more than a year, according to Checkmarx researchers. Continue Reading
-
News
11 Oct 2022
BlackByte ransomware uses new EDR evasion technique
Attackers deploying the BlackByte ransomware strain are using vulnerable drivers to target a part of the operating system that many security products rely on for protection. Continue Reading
-
News
11 Oct 2022
Critical Fortinet vulnerability under active exploitation
Fortinet said the critical vulnerability affects three of its services -- FortiOS, FortiProxy and FortiSwitch Manager -- and urged customers to take immediate action. Continue Reading
-
Feature
11 Oct 2022
How to choose the best ZTNA vendor for your organization
In a sea of options, finding the best ZTNA vendor for your organization can pose a major challenge. Weed through the marketing hype with advice from the experts. Continue Reading
-
News
07 Oct 2022
CISA lists top vulnerabilities exploited by Chinese hackers
The U.S. government published a list of the most commonly exploited vulnerabilities exploited by Chinese state-sponsored actors, including Log4Shell and the ProxyLogon bugs. Continue Reading
-
Definition
06 Oct 2022
filter (computing)
The term filter in computing can mean a variety of things, depending on the technology or technical discipline in question. Continue Reading
-
Definition
03 Oct 2022
spambot
A spambot is an automated system that sends unwanted, unsolicited messages to users, known as spam. Continue Reading
-
News
30 Sep 2022
Microsoft Exchange Server targeted with zero-day vulnerabilities
Microsoft warned that two unpatched zero-day vulnerabilities are being exploited against Exchange Server, a problem that's causing déjà vu for some researchers. Continue Reading
-
News
29 Sep 2022
Cobalt Strike malware campaign targets job seekers
Cisco Talos researchers spotted a new wave of phishing attacks that target job seekers in the U.S. and New Zealand, infecting them with Cobalt Strike beacons. Continue Reading
-
News
29 Sep 2022
Unit 42 finds polyglot files delivering IcedID malware
Palo Alto Networks' Unit 42 says attackers are using decoy Microsoft Compiled HTML Help files containing multiple file formats to infect systems with information-stealing malware. Continue Reading
-
Guest Post
29 Sep 2022
Solve ICS security issues with ICS and IT team convergence
It's predicted that threat actors will weaponize industrial control systems to harm or kill humans by 2025. Prepare by learning how to balance ICS and security convergence. Continue Reading
-
News
28 Sep 2022
NCC Group: IceFire ransomware gang ramping up attacks
While the ransomware group was first observed in March, IceFire emerged on NCC Group's radar last month when attacks against English-speaking organizations soared. Continue Reading
-
Answer
28 Sep 2022
Compare zero trust vs. the principle of least privilege
Zero trust and the principle of least privilege may appear to solve the same issue, but they have their differences. Read up on the two methodologies. Continue Reading
-
Answer
28 Sep 2022
Zero trust vs. defense in depth: What are the differences?
Security administrators don't have to choose between zero-trust and defense-in-depth cybersecurity methodologies. Learn how the two frameworks complement each other. Continue Reading
-
News
26 Sep 2022
Critical Sophos Firewall bug under active exploitation
Sophos said the exploitation of the critical firewall vulnerability has, at this time, affected "an extremely small subset of organizations" predominantly located in South Asia. Continue Reading
-
Tip
26 Sep 2022
Does AI-powered malware exist in the wild? Not yet
AI sending out malware attacks may invoke images of movielike, futuristic technology, but it may not be too far from reality. Read up on the future of AI-powered malware. Continue Reading
-
News
23 Sep 2022
Malicious NPM package discovered in supply chain attack
Threat actors are circulating a look-alike version of the Material Tailwind NPM package to infect developers for supply chain malware attacks, according to ReversingLabs. Continue Reading
-
News
23 Sep 2022
Microsoft focuses on remote security with Windows 11 update
Microsoft's Windows 11 2022 Update includes features for protecting sensitive corporate data and helping remote workers avoid malware and phishing attacks. Continue Reading
-
News
22 Sep 2022
15-year-old Python vulnerability poses supply chain threat
Trellix researchers issued a call for help to patch a vulnerable software module, which was found in more than 300,000 open source GitHub repositories. Continue Reading
-
News
21 Sep 2022
Cobalt Strike gets emergency patch
The developer of Cobalt Strike issued an out-of-band security update to address a cross-site scripting vulnerability in the popular penetration testing suite. Continue Reading
-
Definition
19 Sep 2022
cryptojacking
Cryptojacking is a cybercrime in which another party's computing resources are hijacked to mine cryptocurrency. Continue Reading
-
Tip
16 Sep 2022
Discover the benefits and challenges of bug bounty programs
Bug bounty programs have a number of benefits and challenges. Before adopting such a program at your organization, read up on the pros and cons to decide if it would be a good fit. Continue Reading
-
Tip
15 Sep 2022
Use shadow IT discovery to find unauthorized devices and apps
Shadow IT may be convenient for users, but it isn't for IT -- especially where security is concerned. Shadow IT discovery finds unmanaged devices and apps. Continue Reading
-
News
15 Sep 2022
Transparency, disclosure key to fighting ransomware
Current and former CISA members say the best methods for curbing ransomware attacks are organizations reporting attacks and assisting in investigations. Continue Reading
-
News
14 Sep 2022
U.S. drops the hammer on Iranian ransomware outfit
The departments of Justice and the Treasury announced criminal charges and sanctions against a group of Iranian nationals accused of running an international ransomware operation. Continue Reading
-
News
13 Sep 2022
Secureworks reveals Azure Active Directory flaws
Secureworks published details of what it claims are significant security flaws in Azure's authentication system, but Microsoft has dismissed them as non-issues. Continue Reading
-
Tip
13 Sep 2022
Cloud detection and response: CDR vs. EDR vs. NDR vs. XDR
Cloud detection and response is the latest detection and response abbreviation. Explore how it differs from endpoint, network and extended detection and response. Continue Reading
-
Definition
13 Sep 2022
computer worm
A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems. Continue Reading
-
News
13 Sep 2022
CrowdStrike threat report: Intrusions up, breakout time down
According to a new report by CrowdStrike's threat hunting team, Falcon OverWatch, attempted intrusions against the healthcare sector doubled year over year. Continue Reading
-
Definition
13 Sep 2022
air gap (air gapping)
An air gap is a security measure that involves isolating a computer or network and preventing it from establishing an external connection. Continue Reading
-
Feature
12 Sep 2022
How to prepare for post-quantum computing security
One of the biggest fears about quantum computing is its ability to break encryption algorithms more easily. Learn why and how to start making quantum security preparations now. Continue Reading
-
News
08 Sep 2022
Cisco Talos traps new Lazarus Group RAT
The North Korean-backed Lazarus Group has deployed a new type of remote access Trojan that has already been turned against foreign government networks and private energy companies. Continue Reading
-
News
07 Sep 2022
Google: Former Conti ransomware members attacking Ukraine
Google said former members of the Conti ransomware gang are operating as part of threat group UAC-0098, which is conducting attacks of both political and financial nature. Continue Reading
-
News
06 Sep 2022
Healthcare and education remain common ransomware targets
August disclosures showed ransomware attacks against education and healthcare entities resulted in slow recovery times and the potential loss of highly sensitive information. Continue Reading
-
Opinion
01 Sep 2022
How to start developing a plan for SASE implementation
From prioritizing business problems to identifying future initiatives to assessing critical tool gaps, learn how to create a realistic SASE implementation roadmap. Continue Reading
-
News
01 Sep 2022
Microsoft discloses 'high-severity' TikTok vulnerability
The flaw in TikTok's Android app is the latest security concern for the social media company, which was criticized last month for having keylogging functionality in its iOS app. Continue Reading
-
Tip
01 Sep 2022
Cybersecurity budget breakdown and best practices
Once budget is secured, CISOs must figure out where it should be allocated -- as well as how to justify the costs. Get the lowdown on a cybersecurity budget breakdown here. Continue Reading
-
Tip
31 Aug 2022
Remote work cybersecurity: 12 risks and how to prevent them
Expanding attack surfaces, increasing vulnerabilities and overstressed staffs are among a litany of security risks whose ultimate cure requires more than an ounce of prevention. Continue Reading
-
News
30 Aug 2022
Microsoft Excel attacks fall out of fashion with hackers
Hornetsecurity researchers say newly introduced safety measures from Microsoft have driven cybercriminals away from using Excel as a malware infection tool. Continue Reading
-
News
30 Aug 2022
FBI warns attacks on DeFi platforms are increasing
As cryptocurrency interest soars, cybercriminals are cashing in on the immaturity of some DeFi platforms and stealing hundreds of millions of dollars from investors. Continue Reading
-
Tutorial
30 Aug 2022
Learn to monitor group memberships with PowerShell
Use PowerShell automation to build reports in local group memberships on a server and security groups in Active Directory to keep tabs on any irregular behavior. Continue Reading
-
News
25 Aug 2022
Ransomware defies seasonal trends with increase
The return and rebranding of major crews saw the volume of ransomware attacks in July jump 47%, defying seasonal trends, according to researchers at NCC Group. Continue Reading
-
Tip
24 Aug 2022
How to conduct a secure code review
Learn how to conduct a secure code review -- a critical step in the software development lifecycle -- to avoid releasing an app with bugs and security vulnerabilities. Continue Reading