SearchSecurity
New & Notable
Manage
How home network devices are affected by VPNFilter
After a comeback of the Russian-built VPNFilter botnet, home network devices are at risk. Learn how this malware targets victims with expert Nick Lewis.
Manage
How NetSpectre attacks could leak data remotely
The NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb explains why data on secure microprocessors is not actually safe.
Manage
How to use Trailblazer to prevent AWS security threats
A security researcher introduced a tool called Trailblazer, which aims to simplify monitoring AWS credentials. Expert Dave Shackleford explains how it can bolster cloud security.
Manage
How the TrickBot banking Trojan combined with IcedID
The TrickBot banking Trojan joined forces with IcedID to form a dual threat that targets victims for money. Discover how this union occurred and how it has changed their behaviors.
Trending Topics
-
Emerging threats News
Pentagon breach exposed civilian and military travel data
The Department of Defense said a Pentagon data breach exposed travel records for approximately 30,000 military and civilian personnel, but the investigation is still in progress.
-
Windows security Manage
Microsoft vulnerability too difficult to detect
The Qihoo 360 Core Security team found a Microsoft vulnerability -- named Double Kill -- that affects applications via Office documents. Learn how this is possible with Nick Lewis.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology Manage
Comparing lattice cryptography to current cryptography
As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option.
-
Security industry trends News
Risk & Repeat: Breaking down the Pwnie Awards
In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Nick Lewis asks:
What do you think the combination of the TrickBot banking Trojan and IcedID means for banking Trojans in the future?
-
Nick Lewis asks:
How has this Microsoft vulnerability or past vulnerabilities affected your enterprise?
Find Solutions For Your Project
-
Evaluate
How TLS certificates were used to phish Netflix users
Hackers can imitate the design and domain name of popular sites like Netflix to steal credentials. Expert Michael Cobb explains how these Netflix phishing attacks work.
-
SIEM tools, future tech and how to prepare for what's ahead
-
Rev up your SIEM with machine learning capabilities
-
How TLBleed attacks leak data by abusing Intel chips
-
-
Problem Solve
How living off the land attacks use legitimate tools
Hackers use legitimate admin tools to exfiltrate data in living off the land attacks that are hard to detect. Learn about this cyberattack tactic from expert Michael Cobb.
-
How a malicious Chrome extension spreads malware
-
How MysteryBot uses overlay attacks to avoid detection
-
How cryptocurrency mining malware is infecting systems
-
-
Manage
How the TrickBot banking Trojan combined with IcedID
The TrickBot banking Trojan joined forces with IcedID to form a dual threat that targets victims for money. Discover how this union occurred and how it has changed their behaviors.
-
Microsoft vulnerability too difficult to detect
-
How MnuBot malware uses an unusual C&C server
-
How unencrypted previews expose private data
-
-
E-Handbook | October 2018
SIEM tools, future tech and how to prepare for what's ahead
Download -
E-Zine | October 2018
User behavior analytics tackles cloud, hybrid environments
Download -
E-Handbook | September 2018
Security access controls over identities must be priority
Download -
Buyer's Handbook | August 2018
How to find the best privileged identity management tool
Download -
E-Zine | August 2018
Security data scientists on how to make your data useful
Download
Information Security Basics
-
Get Started
How to use Shodan for ICS security
Shodan can be a helpful tool for security pros to locate ICS cybersecurity vulnerabilities. Expert Ernie Hayden explains how Shodan works and how it can be used for security.
-
Get Started
digital signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.
-
Get Started
denial-of-service attack
A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources.
Multimedia
Vendor Resources
- Get Started with Application Security in 3 Easy Steps –Resource
- Measuring the ROI of Security Operations Platforms –EBRIEF
- Measuring ROI in SOAR –White Paper
Blog: Security Bytes
-
Mystery around Trend Micro apps still lingers one month later
The mystery around the Trend Micro apps that were removed from the Mac App Store continues despite Trend Micro's numerous updates on the matter.Continue Reading
-
FBI, DHS blaming the victims on Remote Desktop Protocol
FBI, DHS call on users to mitigate Remote Desktop Protocol vulnerabilities and handle RDP exploits on their own, even as the "going dark" campaign continues unabated.Continue Reading
-
More Security Bytes Posts
What the GAO Report missed about the Equifax data breach
DHS cybersecurity rhetoric offers contradictions at DEF CON
Five things to watch for at Black Hat USA this year
-
News
View All -
Emerging cyberattacks and threats
Pentagon breach exposed civilian and military travel data
The Department of Defense said a Pentagon data breach exposed travel records for approximately 30,000 military and civilian personnel, but the investigation is still in progress.
-
Information security laws, investigations and ethics
Facebook releases more details on account breaches
The recent Facebook breach affected 20 million fewer accounts than was previously thought. The company now says 29 million accounts had data exposed to attackers.
-
Web browser security
More than 10,000 websites still using Symantec certificates
Mozilla delays plans to distrust Symantec TLS certificates in Firefox because despite more than one year's notice, approximately 13,000 websites still use the insecure certificates.