SearchSecurity
New & Notable
Gartner analysts debate ransomware payments
During Gartner's IT Symposium, analysts discussed the complex factors companies face when deciding whether or not to give into ransom demands.
5 questions to ask when creating a ransomware recovery plan
These 'five W's of ransomware' will help organizations ask the right questions when creating a ransomware-specific disaster recovery plan.
'LightBasin' hackers spent 5 years hiding on telco networks
A state-sponsored hacking group has been moving undetected on the networks of more than a dozen telecommunications providers, observing traffic and collecting data for years.
Federal agencies issue warning on BlackMatter ransomware
U.S. government agencies say a new family of malware could create problems for critical infrastructure by shutting down critical networks and disrupting commerce.
Trending Topics
-
Emerging threats
Best practices to detect and mitigate deepfake attacks
Deepfake technology enables fraudsters to distort reality and commit financial crimes. Learn how the technology works and best practices to mitigate deepfake attacks.
-
Windows security News
Microsoft releases emergency Exchange Server mitigation tool
Microsoft turned its attention to organizations that are slower to patch by releasing an emergency mitigation tool as a temporary fix against current threats.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology News
Hackers build a better timing attack to crack encryption keys
A new technique for cracking encryption keys can overcome the limitations of popular timing attacks by analyzing network packets, according to researchers at Black Hat 2021.
-
Security industry trends Evaluate
Experts debate XDR market maturity and outlook
Is extended detection response still all buzz and no bite? Experts disagree on whether XDR qualifies as a legitimate market yet or still has a ways to go.
-
CISSP Get Started
Take this CISSP practice test before the final exam
Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Find Solutions For Your Project
-
Evaluate
The complete guide to ransomware
Organizations in every industry can be targets of cybercrime for profit. Get expert advice on ransomware prevention, detection and recovery in our comprehensive guide.
-
How to evaluate and deploy an XDR platform
-
Top 10 ransomware targets in 2021 and beyond
-
Experts debate XDR market maturity and outlook
-
-
Problem Solve
6 reasons unpatched software persists in the enterprise
Patching is like flossing -- everyone knows they should do it, yet too few do it often and well. Explore why unpatched software is still ubiquitous, despite the risks.
-
How to create a ransomware incident response plan
-
How to prevent ransomware: 6 key steps to safeguard assets
-
How to remove ransomware, step by step
-
-
Manage
5 open source offensive security tools for red teaming
To be an effective red teamer, you need the right tools in your arsenal. These are five of the open source offensive security tools worth learning.
-
5 principles for AppSec program maturity
-
Certified Information Security Manager (CISM)
-
ID management
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | February 2021
Threat detection and response demands proactive stance
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download
Information Security Basics
-
Get Started
cipher
In cryptography, a cipher is an algorithm for encrypting and decrypting data.
-
Get Started
risk analysis
Risk analysis is the process of identifying and analyzing potential issues that could negatively impact key business initiatives or projects.
-
Get Started
cybersecurity insurance
Cybersecurity insurance, also called cyber liability insurance or cyber insurance, is a contract that an entity can purchase to help reduce the financial risks associated with doing business online.
Multimedia
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Cyberespionage and nation-state cyberattacks
Federal agencies issue warning on BlackMatter ransomware
U.S. government agencies say a new family of malware could create problems for critical infrastructure by shutting down critical networks and disrupting commerce.
-
Government information security management
FinCEN: 2021 ransomware activity outpaces 2020 in 6 months
The U.S. Treasury's financial crimes bureau has seen a rise in anonymity-enhanced cryptocurrencies like Monero, though Bitcoin remains the most used.
-
Data security breaches
Sinclair Broadcast Group suffers ransomware attack, breach
The media giant disclosed a ransomware attack Monday that caused massive disruptions across networks and saw threat actors obtain corporate data.
SearchSecurity Definitions
- cipher
- What is risk analysis?
- What is cybersecurity insurance (cybersecurity liability insurance)?
- What is integrated risk management (IRM)?
- CISO as a service (vCISO, virtual CISO, fractional CISO)
- cryptographic nonce
- decompression bomb (zip bomb, zip of death attack)
- SSL VPN (Secure Sockets Layer virtual private network)