SearchSecurity
New & Notable
News
Cybersecurity leaders back law for critical infrastructure
In the wake of cyberattacks like Colonial Pipeline, U.S. senators want a national law requiring critical infrastructure companies to report cybersecurity incidents to CISA.
Problem Solve
How to prevent ransomware: 6 key steps to safeguard assets
Ransomware can cost companies billions in damage. Incorporate these ransomware prevention best practices to keep attackers out.
News
Autodiscover flaw in Microsoft Exchange leaking credentials
Guardicore found that exploiting a design flaw in Autodiscover allowed it to capture 372,00 Windows domain credentials and nearly 97,000 unique application credentials.
Evaluate
Experts debate XDR market maturity and outlook
Is extended detection response still all buzz and no bite? Experts disagree on whether XDR qualifies as a legitimate market yet or still has a ways to go.
Trending Topics
-
Emerging threats News
Hackers port Cobalt Strike attack tool to Linux
An unknown group of cybercriminals has created a version of the Windows-only Cobalt Strike Beacon tool that works against Linux machines, which has been used in recent attacks.
-
Windows security News
ProxyShell attacks ramping up on unpatched Exchange Servers
Security experts say active attacks on the series of Microsoft Exchange Server flaws, which can be chained to take control of servers, are already being launched in the wild.
-
PCI DSS Evaluate
Explore the next-generation firewall marketplace
Explore some of the top NGFWs currently on the market -- based on features and user reviews -- to help you make a buying decision
-
Encryption technology News
Hackers build a better timing attack to crack encryption keys
A new technique for cracking encryption keys can overcome the limitations of popular timing attacks by analyzing network packets, according to researchers at Black Hat 2021.
-
Security industry trends Evaluate
Experts debate XDR market maturity and outlook
Is extended detection response still all buzz and no bite? Experts disagree on whether XDR qualifies as a legitimate market yet or still has a ways to go.
-
CISSP Get Started
Take this CISSP practice test before the final exam
Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Find Solutions For Your Project
-
Evaluate
Experts debate XDR market maturity and outlook
Is extended detection response still all buzz and no bite? Experts disagree on whether XDR qualifies as a legitimate market yet or still has a ways to go.
-
The benefits of an IT management response
-
3 components to consider when selecting an MDR service
-
Ultimate guide to secure remote access
-
-
Problem Solve
How to prevent ransomware: 6 key steps to safeguard assets
Ransomware can cost companies billions in damage. Incorporate these ransomware prevention best practices to keep attackers out.
-
How to remove ransomware, step by step
-
Top 3 ransomware attack vectors and how to avoid them
-
3 ransomware detection techniques to catch an attack
-
-
Manage
7 tips for building a strong security culture
Cybersecurity isn't just IT's responsibility. Use these seven tips to build a security culture where employees and IT work together to keep their organization safe.
-
FIM
-
How to navigate cybersecurity product coverage
-
11 video conferencing security and privacy best practices
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | February 2021
Threat detection and response demands proactive stance
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download
Information Security Basics
-
Get Started
Secure Shell (SSH)
SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network.
-
Get Started
NIST Cybersecurity Framework
The NIST Cybersecurity Framework (NIST CSF) is a policy framework surrounding IT infrastructure security.
-
Get Started
PII
Personally identifiable information (PII) is any data that could potentially identify a specific individual.
Multimedia
Blog: Security Bytes
-
Google focuses more on steering the Android ship than righting it
Google's security and privacy upgrades to Android are mostly forward-thinking changes, readying for a future that is inevitable but unclear, rather than ways to improve security today.Continue Reading
-
At RSAC 2019, speculative execution threats take a back seat
The Meltdown and Spectre vulnerabilities loomed large last year, but RSAC 2019 will have little fodder on speculative execution threats and side channels attacks.Continue Reading
-
More Security Bytes Posts
Marriott Starwood data breach notification de-values customers
Are US hacker indictments more than Justice Theater?
Breaking down Dell's "potential cybersecurity incident" announcement
-
News
View All -
Mobile security threats and prevention
Spurned researcher posts trio of iOS zero days
An anonymous bug hunter critical of Apple's handling of reports to its bounty program has released details for three zero-day vulnerabilities in its iOS mobile platform.
-
Information security program management
Cybersecurity leaders back law for critical infrastructure
In the wake of cyberattacks like Colonial Pipeline, U.S. senators want a national law requiring critical infrastructure companies to report cybersecurity incidents to CISA.
-
Data security breaches
Autodiscover flaw in Microsoft Exchange leaking credentials
Guardicore found that exploiting a design flaw in Autodiscover allowed it to capture 372,00 Windows domain credentials and nearly 97,000 unique application credentials.
SearchSecurity Definitions
- Secure Shell (SSH)
- NIST Cybersecurity Framework
- personally identifiable information (PII)
- Advanced Encryption Standard (AES)