SearchSecurity
New & Notable
News
Data theft in ransomware attacks may change disclosure game
Many ransomware attacks aren't publicly disclosed. But as ransomware gangs continue to steal, encrypt and threaten to publicly release data, that may be changing.
Evaluate
These key laws increase cyber warfare survivability
Retired Navy cryptologist implores enterprises to build key cyber warfare laws into their infosec strategy to improve survivability on the digital battleground in his new book.
Evaluate
How to think about the future of cyber warfare
The future of cyber warfare places enterprise security and survivability in the crosshairs. Learn more about cyber warfare threats and capabilities and how infosec can prepare.
News
Microsoft seizes malicious domains used in COVID-19 phishing
Microsoft went to court to seize several malicious domains that were used by cybercriminals in extensive phishing and BEC attacks on Office 365 accounts amid the current pandemic.
Download: Your Complete Guide to IAM
Utilize this 66-page IAM guide to help you stay on top of the latest best practices and techniques. Security expert Michael Cobb explores the risks and rewards of biometrics measures and multifactor authentication, how organizations can assess if it is time to modernize IAM strategies, and much more.
Trending Topics
-
Emerging threats News
Data theft in ransomware attacks may change disclosure game
Many ransomware attacks aren't publicly disclosed. But as ransomware gangs continue to steal, encrypt and threaten to publicly release data, that may be changing.
-
Windows security News
CISA warns Microsoft SMB v3 vulnerability is under attack
CISA issued an alert Friday about attacks on a Microsoft Server Message Block v3 vulnerability and a proof-of-concept code that exploits the flaw in unpatched systems.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology Get Started
How symmetric and asymmetric encryption algorithms differ
Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and cons.
-
Security industry trends News
Risk & Repeat: Can virtual infosec conferences succeed?
This week's Risk & Repeat podcast looks at the recent cancellations of Black Hat USA 2020 and DEF CON 28 and what their virtual replacements will try to accomplish.
-
CISSP Get Started
Passing the CISSP exam: How hard is it?
Want to become a CISSP? Here's everything you need to know, such as how difficult the exam is, tips for studying, what's needed to obtain a passing score and more.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Find Solutions For Your Project
-
Evaluate
These key laws increase cyber warfare survivability
Retired Navy cryptologist implores enterprises to build key cyber warfare laws into their infosec strategy to improve survivability on the digital battleground in his new book.
-
How to think about the future of cyber warfare
-
Why COVID-19 won't stop cybersecurity jobs and recruitment
-
What are the benefits, challenges of AI in cybersecurity?
-
-
Problem Solve
5 steps to lower supply chain cybersecurity threats
Follow five steps to lower the risk of supply chain cybersecurity threats, from creating third-party risk management teams to using blockchain and hyperledger and more.
-
Critical infrastructure can't wait for security requirements
-
3 questions facing security pros during COVID-19
-
How to prevent data breaches
-
-
Manage
Understanding the IAM-compliance relationship
IAM is a key component of any security strategy, but its role in regulatory compliance is just as crucial. Read up on features and processes to make IAM work for your enterprise.
-
Invest in new security talent with cybersecurity mentorships
-
Why enterprises need IAM -- and how to prosper from it
-
How to protect workloads using zero-trust security
-
-
E-Handbook | May 2020
How to get actionable threat intelligence from tech tools
Download -
E-Zine | May 2020
Why CISOs need advanced network security strategies now
Download -
E-Handbook | April 2020
Employ AI for cybersecurity, reap strong defenses faster
Download -
E-Handbook | March 2020
How to implement a strong COVID-19 cybersecurity plan
Download -
E-Handbook | February 2020
Advanced cybersecurity fraud and how to fight it
Download
Information Security Basics
-
Get Started
Choosing between stateless and stateful firewalls
Examine the important differences between stateful and stateless firewalls, and learn when each type of firewall should be used in an enterprise setting.
-
Get Started
5 levels of Cybersecurity Maturity Model Certification
The Cybersecurity Maturity Model Certification requires DOD contractors to achieve baseline security standards. Explore the five levels of certification and how to achieve them.
-
Get Started
Using public keys and private keys in digital signatures
Ensuring authenticity of online communications is critical to conduct business. Learn how to use a public key and private key in digital signatures to manage electronic documents.
Multimedia
Vendor Resources
- Key Cyber Security ‘Windows’ You Need to Close –Resource
- 5 Reasons your SMB workspace needs simple SSO –eBook
- 2020 Data Breach Executive Brief –White Paper
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Hacker tools and techniques: Underground hacking sites
Cybercriminals auction off admin credentials for $3,000
Threat actors are auctioning off domain administrator accounts, selling access to the highest bidder for an average of $3,139 and up to $140,000, according to Digital Shadows.
-
Emerging cyberattacks and threats
Data theft in ransomware attacks may change disclosure game
Many ransomware attacks aren't publicly disclosed. But as ransomware gangs continue to steal, encrypt and threaten to publicly release data, that may be changing.
-
Email and messaging threats
Microsoft seizes malicious domains used in COVID-19 phishing
Microsoft went to court to seize several malicious domains that were used by cybercriminals in extensive phishing and BEC attacks on Office 365 accounts amid the current pandemic.