Wireless and mobile security
In this guide, get advice on tools, software and tactics for wireless network security and wireless mobile device security. Learn how to build and maintain a secure wireless LAN, how to protect mobile devices, and how to successfully configure, implement and manage a solid wireless network.
Top Stories
-
Feature
13 Dec 2022
12 types of wireless network attacks and how to prevent them
From packet sniffing and rogue access points to spoofing attacks and encryption cracking, learn about common wireless network attacks and how to prevent them. Continue Reading
-
Feature
06 Dec 2022
Wireless security: WEP, WPA, WPA2 and WPA3 differences
As wireless networks have evolved, so have the protocols for securing them. Get an overview of WLAN security standards, and learn the differences among WEP, WPA, WPA2 and WPA3. Continue Reading
-
Feature
30 Nov 2020
Practice AWS Certified Security - Specialty exam questions
Explore the security and compliance capabilities of the AWS Config service to prepare for the wide-ranging AWS Certified Security - Specialty certification exam. Continue Reading
-
Tip
25 Nov 2020
8 benefits of a security operations center
A security operations center can help lessen the fallout of a data breach, but its business benefits go much further than that. Here are eight SOC benefits to consider. Continue Reading
-
Tip
24 Nov 2020
Weighing remote browser isolation benefits and drawbacks
Remote browser isolation benefits end-user experience and an organization's network security. Compare the pros, cons and cost challenges before investing in the zero-trust approach. Continue Reading
-
Feature
24 Nov 2020
Compare 5 SecOps certifications and training courses
Explore five SecOps certifications available to IT professionals looking to demonstrate and enhance their knowledge of threat monitoring and incident response. Continue Reading
-
Tip
23 Nov 2020
10 tips for building a next-generation SOC
Check out 10 tips to help build a next-generation security operations center with the integrated tools to free security analysts to get ahead of and respond to threats fast. Continue Reading
-
Tip
20 Nov 2020
Pair cyber insurance, risk mitigation to manage cyber-risk
The role of cyber insurance may come after a breach, but it remains a useful element in an organization's vulnerability management strategy. Continue Reading
-
Tip
20 Nov 2020
Data protection impact assessment tips and templates
Conducting a data protection impact assessment is key to evaluating potential risk factors that could pose a serious threat to individuals and their personal information. Continue Reading
-
Tip
20 Nov 2020
Cyber insurance explained, from selection to post-purchase
Before you sign on the dotted line, make sure you understand what cyber insurance can and can't do -- and what type of policy will do the most for you. Continue Reading
-
Podcast
20 Nov 2020
Risk & Repeat: Christopher Krebs out as CISA director
This week's Risk & Repeat podcast discusses President Trump's firing of CISA Director Christopher Krebs, which was a controversial move in the infosec community. Continue Reading
-
Tip
20 Nov 2020
What are the biggest hardware security threats?
Hardware security threats -- and strategies to overcome them -- are evolving as enterprises increasingly install autonomous capabilities for smart building and IoT projects. Continue Reading
-
News
19 Nov 2020
White House questions election security; experts do not
A number of infosec experts, election officials and government agencies say Election Day was free from hacking and cyber attacks, but the White House disagrees. Continue Reading
-
News
18 Nov 2020
President Trump fires CISA director Christopher Krebs
President Trump fired Krebs as director of CISA after the agency pushed back on unfounded accusations about widespread voter fraud and voting system hacks during the election. Continue Reading
-
News
18 Nov 2020
Sophos: Ransomware 'heavyweights' demand sky-high payments
Sophos principal research scientist Chet Wisniewski explains the presence of 'weight classes' in ransomware and offers his thoughts on its future. Continue Reading
-
News
17 Nov 2020
CrowdStrike: Ransomware hit 56% of organizations in last year
A new survey from CrowdStrike revealed more than half of 2,200 respondents' organizations were hit with a ransomware attack at least once in the past 12 months. Continue Reading
-
Tip
17 Nov 2020
Choosing between proxy vs. API CASB deployment modes
Curious how to choose the right CASB deployment mode for your organization? Before you buy, compare how proxy vs. API CASB architectures work to secure SaaS applications. Continue Reading
-
Podcast
13 Nov 2020
Risk & Repeat: 2020 election security in review
This week's Risk & Repeat podcast looks back at the 2020 election, which was free of major cyber attacks or hacks but has seen a rise in disinformation campaigns online. Continue Reading
-
Tip
13 Nov 2020
How to use the Mitre ATT&CK framework for cloud security
Learn how to use the Mitre ATT&CK security framework to keep your enterprise cloud environment -- whether AWS, GCP, Azure, Azure AD or Microsoft 365 -- secure. Continue Reading
-
News
12 Nov 2020
25,000 criminal reports: Vastaamo breach sets new precedent
The recent data breach at the Vastaamo Psychotherapy Centre in Finland shows threat actors are willing to threaten and extort patients directly, setting a dangerous new precedent. Continue Reading
-
News
12 Nov 2020
Life after Maze: Is Egregor ransomware next?
Cybersecurity experts have noted similarities between newly discovered Egregor ransomware and the now-defunct Maze, but it's unclear whether the same threat actors are involved. Continue Reading
-
News
11 Nov 2020
Palo Alto Networks buys Expanse for $800 million
Palo Alto Networks continued its acquisition spree with an agreement to purchase San Francisco-based security vendor Expanse, which specializes in attack surface management. Continue Reading
-
Tip
11 Nov 2020
Note these 5 security operations center best practices
Understanding the five steps needed to ensure security operations center best practices will help organizations decide whether to outsource their SOC initiatives. Continue Reading
-
Feature
09 Nov 2020
Free online cybersecurity classes, with certificates
Check out SearchSecurity's catalog of free online security courses led by information security experts on today's most popular security topics. Continue Reading
-
News
09 Nov 2020
CISA: No election hacking, but plenty of misinformation
Election Day in the U.S. occurred with no evidence of cyber attacks or voting machine hacks, but CISA has its hands full with disinformation and conspiracy theories. Continue Reading
-
Quiz
09 Nov 2020
Try this cybersecurity quiz, test your cyberdefense smarts
Based on the November 2020 issue of Information Security magazine, this 10-question quiz lets you check your comprehensive knowledge of current security issues and earn CPE credit too. Continue Reading
-
Tip
04 Nov 2020
Red team vs. blue team vs. purple team: What's the difference?
Red team-blue team exercises simulate attacks on enterprise networks. What does each team do? Where do purple teams fit in? Find out here. Continue Reading
-
News
04 Nov 2020
SaltStack discloses critical vulnerabilities, urges patching
The SaltStack vulnerabilities, disclosed Tuesday, allow remote attackers to execute arbitrary code on affected installations of the popular open source software. Continue Reading
-
Feature
04 Nov 2020
Cybersecurity communication key to addressing risk
As security teams strengthen communication with the overall organization as well as with vendors, more positive cybersecurity cultures can be forged. Continue Reading
-
Tip
03 Nov 2020
Using SDP as a VPN alternative to secure remote workforces
Software-defined perimeter has been touted as a VPN alternative for secure remote access. How do you know if SDP or a traditional VPN is right for your company? Continue Reading
-
Feature
02 Nov 2020
Weighing the future of firewalls in a zero-trust world
Cybersecurity pros have been predicting the firewall's demise for years, yet the device is still with us. But does it have a place in zero-trust networks? One analyst says yes. Continue Reading
- 02 Nov 2020
-
Opinion
02 Nov 2020
Cybersecurity for remote workers: Lessons from the front
Tackle the security challenges COVID-19 wrought by using this playbook from an experienced disaster-zone responder. Continue Reading
- 02 Nov 2020
-
Feature
02 Nov 2020
5 steps to get IoT cybersecurity and third parties in sync
Third parties often prove to be the weak links when it comes to IoT cybersecurity. Learn what you can do to minimize the risk while reaping the benefits that outside vendors bring. Continue Reading
-
Infographic
02 Nov 2020
COVID-19 cybersecurity data shows rising risk during remote pivot
When enterprises quickly pivoted to remote work during the pandemic, it prompted a wave of new threats while also widening existing gaps in cybersecurity postures. Continue Reading
-
News
02 Nov 2020
Maze gang shuts down its ransomware operation
Maze ransomware has shut down, according to an announcement it posted Sunday, although some evidence suggests that Maze operators have resumed attacks under a different name. Continue Reading
-
Feature
02 Nov 2020
AI in security analytics is the enhancement you need
AI-powered analytics is critical to an effective, proactive security strategy. Learn how AI-enabled tools work and what your organization needs to do to reap their benefits. Continue Reading
- 02 Nov 2020
-
Opinion
02 Nov 2020
AI in cybersecurity ups your odds against persistent threats
AI capabilities can identify and take down cyberthreats in real time but are only part of what your team needs to come out on the winning side of the cybersecurity battle. Continue Reading
- 02 Nov 2020
- E-Zine 02 Nov 2020
-
Tip
30 Oct 2020
Benefits of virtual SOCs: Enterprise-run vs. fully managed
A virtual security operations center, be it managed in-house or by a third party, is becoming an increasingly popular option to save money and improve reliability. Continue Reading
-
Tip
30 Oct 2020
Security automation tools and analytics reshape SecOps efforts
To transition from being reactive to proactive in terms of cybersecurity threats, check out how SecOps teams can use security analytics and automation tools to make the change. Continue Reading
-
Tip
29 Oct 2020
Understanding the zero trust-SDP relationship
Zero trust is a complicated framework that spans the IT stack. Find out how software-defined perimeter can address zero trust's network-level access requirements. Continue Reading
-
News
29 Oct 2020
FBI, CISA warn of impending ransomware attacks on hospitals
Trickbot and Ryuk ransomware actors are targeting hospitals and other healthcare providers, according to a joint cybersecurity advisory from the CISA and the FBI. Continue Reading
-
News
28 Oct 2020
Ping Identity launches passwordless authentication system
Ping's new suite of authentication features looks to secure accounts and login processes by eliminating the need for usernames and passwords, which are often reused and an easy target. Continue Reading
-
News
28 Oct 2020
'Lives at stake': How ransomware impacts hospitals
Some ransomware gangs pledged to not target medical facilities during the COVID-19 pandemic, but hospitals are still getting hit. And the attacks affect more than just IT systems. Continue Reading
-
Guest Post
28 Oct 2020
Addressing the expanding threat attack surface from COVID-19
CISOs need to ensure they and their security teams are aware of the new threats created by many businesses expanding their attack surface with many employees still working remotely. Continue Reading
-
Feature
27 Oct 2020
Zero-trust network policies should reflect varied threats
Role-based access systems create enormous pools of responsibility for administrators. Explore how to eliminate these insecure pools of trust with zero-trust network policies. Continue Reading
-
Guest Post
27 Oct 2020
The need for independent cybersecurity solutions testing
Rohit Dhamankar suggests implementing standardized testing of cybersecurity providers, like MSSPs and MDRs, to help companies better understand the services they're getting from each. Continue Reading
-
Feature
27 Oct 2020
Zero-trust methodology's popularity a double-edged sword
The authors of 'Zero Trust Networks' discuss how the zero-trust methodology's popularity produces both vendor hype and renewed attention to critical areas of security weakness. Continue Reading
-
News
27 Oct 2020
Mitre ATT&CK: How it has evolved and grown
Adoption of the Mitre ATT&CK framework, which saw version 8.0 released Tuesday, has grown rapidly over the last years, though challenges still remain for enterprise users. Continue Reading
-
Feature
26 Oct 2020
For cybersecurity training, positive reinforcement is best
Traditional cybersecurity training methods often focus on negative reinforcement techniques, but experts say positive reinforcement is the best way to get results. Continue Reading
-
Guest Post
23 Oct 2020
Why SASE should be viewed as an evolution, not revolution
The hype around secure access service edge (SASE) is palpable. But by taking a step back, security leaders can align an emerging trend to their long-term goals. Continue Reading
-
News
22 Oct 2020
Iranian hackers pose as far-right group to threaten U.S. voters
The FBI said Russia and Iran have obtained voter information, and Iranian hackers have also been sending threatening emails to voters that appeared to be from a far-right group. Continue Reading
-
Tip
22 Oct 2020
How to build a cloud security operations center
To better protect workloads and data in the cloud, security operations centers collaborate with various IT teams. Learn how to cloud-enable your organization's SOC. Continue Reading
-
Tip
22 Oct 2020
How to prepare for a zero-trust model in the cloud
Zero-trust security in the cloud is different than it is on premises. Learn the concepts and policies to effectively achieve a zero-trust model in the cloud. Continue Reading
-
News
22 Oct 2020
McAfee launches IPO, raises $620 million
McAfee has returned to Wall Street, which comes months after the endpoint security vendor's previous CEO, Christopher Young, was replaced by Peter Leav in January. Continue Reading
-
Guest Post
21 Oct 2020
Changing the culture of information sharing for cybersecurity
Dan Young explains why it's time for the cybersecurity industry to come together regarding information sharing and how insurance providers, regulators and others could assist. Continue Reading
-
News
21 Oct 2020
Microsoft: 94% of Trickbot's infrastructure disabled
In a new blog post, Microsoft said its legal takedown last week, which sought to decrease Trickbot activity, disabled the vast majority of the botnet's servers. Continue Reading
-
News
21 Oct 2020
NSA issues advisory against Chinese state-sponsored hackers
Among the 25 vulnerabilities listed in the NSA advisory, numerous were critical and carried a CVSS score either at or close to 10, the highest possible. Continue Reading
-
Tip
21 Oct 2020
Evaluating SOC automation benefits and limitations
Security operations center automation can help address the security skills gap by scaling critical analyst responsibilities. But an overreliance on AI introduces other risks. Continue Reading
-
Tip
21 Oct 2020
Identify and prepare for 5G security issues
A key 5G security issue is that vulnerabilities are still being researched and identified. Learn more about the known 5G network security risks and how to mitigate them. Continue Reading
-
News
20 Oct 2020
NSS Labs ceases operations amid financial turmoil
Product testing firm NSS Labs shut down last week, citing negative effects of COVID-19, but former employees say the company's troubles started well before the pandemic. Continue Reading
-
News
20 Oct 2020
After a brief pause, Trickbot rebounds from takedown efforts
Attempts to disrupt the notorious Trickbot botnet, most recently through Microsoft's legal takedown, have proven short-lived as ransomware attacks have resumed. Continue Reading
-
Tip
19 Oct 2020
Planning a zero-trust strategy in 6 steps
Launch a zero-trust strategy in six steps. Learn how to form a dedicated team, ask questions about existing security controls and evaluate the priority of zero-trust initiatives. Continue Reading
-
Tip
19 Oct 2020
Zero-trust implementation begins with choosing an on-ramp
Zero-trust security has three main on-ramps -- each with its own technology path. For a clear-cut zero-trust implementation, enterprises need to choose their on-ramp wisely. Continue Reading
-
Guest Post
19 Oct 2020
Combating disinformation campaigns ahead of 2020 election
As the 2020 election approaches, more focus needs to be on overcoming disinformation campaigns that manipulate voters as they vote early or head to the polls on Election Day. Continue Reading
-
News
16 Oct 2020
Twitter hackers posed as IT staff, used VPN issues as a lure
A report by New York State's Department of Financial Services found that hackers breached Twitter's network by posing as IT support and obtaining credentials through vishing. Continue Reading
-
Tip
16 Oct 2020
How enterprise cloud VPN protects complex IT environments
Do you know how enterprise cloud VPN differs from a traditional VPN? Explore how cloud VPN works and whether it's the right option for your hybrid IT environment. Continue Reading
-
Feature
15 Oct 2020
The Ghidra Book interview with co-author Kara Nance
Ghidra has had a huge impact on the reverse-engineering community. Kara Nance, co-author of The Ghidra Book, discusses this impact as the open source tool has evolved. Continue Reading
-
Feature
14 Oct 2020
Blockchain or bust? Experts debate applications for elections
Blockchain has been proposed as a solution for security issues around e-voting. But some infosec experts are skeptical that the technology is the right fit for U.S. elections. Continue Reading
-
News
13 Oct 2020
Trickbot takedown: Will it make a dent in ransomware attacks?
A court order allowed Microsoft and several partners to take down the Trickbot botnet, which is commonly used to deploy ransomware, but it's unclear how long the impact will last. Continue Reading
-
News
12 Oct 2020
Hackers exploit Netlogon flaw to attack government networks
CISA issued an alert stating those government networks that were targeted by the APT were close to election systems and the activity may pose some risk to those systems. Continue Reading
-
Feature
12 Oct 2020
Cybersecurity budget relies on planning and negotiation
Experts from Gartner and Forrester discuss how successful cybersecurity budgeting during these uncertain times requires planning, research and negotiation. Continue Reading
-
Guest Post
09 Oct 2020
For Cybersecurity Awareness Month, learn about emerging risks
Tami Hudson examines why leaders should use October to educate themselves and their companies around the latest attacks bad actors are implementing and where to prioritize investment. Continue Reading
-
News
08 Oct 2020
Should ransomware payments be banned? Experts weigh in
Two events -- a new advisory and what might be the first ransomware-related death -- have reignited the debate of whether ransomware payments should be banned. Continue Reading
-
Tip
08 Oct 2020
Weighing double key encryption challenges, payoffs
Microsoft's new double key encryption offering brings data security and compliance benefits. Are they worth the implementation challenges? Continue Reading
-
News
07 Oct 2020
Raccine: A ransomware 'vaccine' with a few catches
Raccine, an open source 'vaccine,' prevents ransomware threat actors from using a Windows utility to delete shadow copies of a system's data, but there are a few drawbacks. Continue Reading
-
News
07 Oct 2020
Ping acquires blockchain identity startup ShoCard
Ping accelerated its push into the personal identity management market with the acquisition of ShoCard, which uses a blockchain-based platform to manage consumer identities. Continue Reading
-
Guest Post
05 Oct 2020
Developing a cyber resilience plan for today's threat landscape
A cyber resilience plan should complement a company's cybersecurity strategy so that the security culture and cyber hygiene is thought through in all IT and cybersecurity initiatives. Continue Reading
-
News
05 Oct 2020
Surge in ransomware attacks threatens student data
Ransomware attacks are not the only threats facing K-12 schools during the COVID-19 pandemic. Cybercriminals are stealing and exposing students' personal data as well. Continue Reading
-
Quiz
05 Oct 2020
Quiz: Network security authentication methods
There are many methods available to authenticate users requesting access to an organization's systems. Test your knowledge with this quiz on authentication in network security. Continue Reading
-
News
01 Oct 2020
Potential ransomware-related death still under investigation
German authorities say they are still investigating the death of a patient in connection with a ransomware attack on Düsseldorf University Hospital in Germany last month. Continue Reading
-
Guest Post
01 Oct 2020
3 common election security vulnerabilities pros should know
Election security remains top of mind for many right now, with Nabil Hannan discussing vulnerabilities like remote breaches, new attack surfaces and poor current controls. Continue Reading
-
Feature
30 Sep 2020
CASB, CSPM, CWPP emerge as future of cloud security
Complexity has introduced new needs and challenges when securing cloud environments. Find out how CASB, CSPM and CWPP tools have evolved to meet the changing cloud landscape. Continue Reading
-
Tip
30 Sep 2020
What are the top secure data transmission methods?
Safe information transfer is a must for modern organizations, but not all secure data transmission methods are equal. Explore your secure data transfer options in this tip. Continue Reading
-
Feature
29 Sep 2020
Explore self-sovereign identity use cases and benefits
The future of digital identity may look a lot like how we identify ourselves in real life. Learn more about self-sovereign identity use cases and features in this excerpt. Continue Reading
-
Feature
29 Sep 2020
How self-sovereign identity principles suit the modern world
There are several core self-sovereign identity principles to consider before the concept can benefit the enterprise. Learn about the implications of SSI advancements in this Q&A. Continue Reading
-
Feature
29 Sep 2020
Oversee apps with these 3 application security testing tools
Unsecured applications can have dire consequences for enterprises. Discover how top app security testing tools on the market today protect apps and enhance developer productivity. Continue Reading
-
Guest Post
28 Sep 2020
How to improve cybersecurity for the workforce of the future
Many organizations continue to have employees work from home, but they haven't always hardened their cybersecurity efforts alongside this move to better protect employees and data. Continue Reading
-
News
28 Sep 2020
Ivanti makes double acquisition of MobileIron, Pulse Secure
Ivanti will acquire all outstanding shares of MobileIron stock for approximately $872 million. The financial terms of Pulse Secure's acquisition were not disclosed. Continue Reading
-
Guest Post
28 Sep 2020
Cybersecurity testing essentials for mergers and acquisitions
Before moving forward with an M&A, conduct some cybersecurity testing to ensure your company knows how the acquired company protects data, employees and customers. Continue Reading
-
News
28 Sep 2020
IBM: Ransomware attacks surged in Q2, ransom demands rising
IBM Security examined several concerning ransomware for this year, as well as an exponential increase in ransom demands and massive spike in attacks during the spring. Continue Reading
-
Tip
28 Sep 2020
Critical IIoT security risks cloud IoT's expansion into industry
The convergence of IoT with industrial processes increases productivity, improves communications and makes real-time data readily available. But serious IIoT security risks must be considered as well. Continue Reading
-
Tip
24 Sep 2020
Prevent cloud account hijacking with 3 key strategies
The ability to identify the various methods of cloud account hijacking is key to prevention. Explore three ways to limit potential consequences of cloud credential compromise. Continue Reading
-
News
24 Sep 2020
Microsoft detects Netlogon vulnerability exploitation in the wild
While Microsoft released a patch last month for the Netlogon flaw, the company said it detected threat actors using exploits for the critical vulnerability. Continue Reading
-
News
24 Sep 2020
Shopify discloses data breach caused by insider threats
Canadian e-commerce company Shopify disclosed a data breach involving two insider threats, but questions remain about the breach and how it was discovered. Continue Reading
-
Tip
24 Sep 2020
Cybersecurity team structure stronger with 3 new roles
Having the right cybersecurity team in place can help reduce how long it takes to control threats. Consider adding cloud security, third-party risk and digital ethics specialists. Continue Reading
-
Tip
23 Sep 2020
7 SOC automation use cases to augment security operations
Implementing SOC automation can have far-reaching benefits for an organization's infosec program and security culture. Learn how by exploring these seven use cases of AI in SOCs. Continue Reading
-
News
23 Sep 2020
FBI: Disinformation attacks on election results 'likely'
Foreign threat actors and cybercriminals are "likely" to spread disinformation around 2020 election results through social media and also alter election-related websites. Continue Reading