SearchSecurity
New & Notable
News
NSA's EternalRomance helps PyRoMineIoT spread
The latest malware threat based on the EternalRomance NSA exploit is PyRoMineIoT, a cryptojacker infecting IoT devices. But experts said the NSA shouldn't be held responsible for the damages.
News
Kaspersky Lab halts No More Ransom project, Europol ties
News roundup: Following a vote by the European Parliament to implement a Kaspersky ban in the EU, Kaspersky announced it would halt ties with the No More Ransom project and Europol.
News
Operation Wire Wire cracks down on email fraud
U.S. federal agencies worked with international law enforcement in Operation Wire Wire to find and prosecute alleged cybercriminals conducting business-email-compromise scams.
News
Microsoft patch management policy clarified with new commitment
Microsoft's unspoken patch management policy has been codified in the new Security Servicing Commitment, which outlines what flaws will be patched monthly and which will be in Windows updates.
Your Guide to Info Sec Certifications
We’ve collected 30+ certifications for you. Which vendor-neutral and vendor-specific security certifications are best for you? Save time by downloading our list organized by experience level.
Trending Topics
-
Emerging threats News
NSA's EternalRomance helps PyRoMineIoT spread
The latest malware threat based on the EternalRomance NSA exploit is PyRoMineIoT, a cryptojacker infecting IoT devices. But experts said the NSA shouldn't be held responsible for the damages.
-
Windows security News
Windows 7 Meltdown patches introduce new flaw
A security researcher discovered the recent Windows Meltdown patches may fix the Intel flaws, but also introduced a more severe vulnerability in some versions of Windows.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology Manage
Comparing lattice cryptography to current cryptography
As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option.
-
Security industry trends News
Risk & Repeat: Google unveils principles for AI
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Google's new principles for artificial intelligence and how they may impact the use of AI for cybersecurity.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Michael Heller asks:
Do you think the NSA holds any responsibility for its leaked exploits being repurposed? Why or why not?
-
Madelyn Bacon asks:
What do you think about Kaspersky's decision to freeze cooperation with Europol and No More Ransom?
Find Solutions For Your Project
-
Evaluate
Machine learning security, a real advance in tech protection
Some pioneers of AI in cybersecurity find progress thus far limited, but machine learning still offers an advancement in protecting enterprise networks and data.
-
The potential fallout from the iBoot firmware code leak
-
Are Meltdown and Spectre vulnerabilities?
-
How to hire the security operations center services you need
-
-
Problem Solve
Add machine learning to your endpoint protection
Need to up your endpoint protection endgame? Learn how applying machine learning for cybersecurity aids in the fight against botnets, evasive malware and more.
-
How a Telegram vulnerability was used for cryptomining
-
Big data, big leaks: We ask a data scientist
-
How KRACK endangers encrypted connections
-
-
Manage
How command and control systems limit attackers
A new remote access Trojan called UBoatRAT was found spreading via Google services and GitHub. Learn how spotting command-and-control systems can protect enterprises with Nick Lewis.
-
Applying the OODA cycle for cyber deception
-
How CyberArk researchers crafted a new attack
-
How the Necurs botnet spreads Scarab ransomware
-
-
E-Handbook | June 2018
Machine learning security, a real advance in tech protection
Download -
E-Zine | June 2018
CISOs face the IoT security risks of stranger things
Download -
Buyer's Handbook | May 2018
A security operations center for hire? Something to consider
Download -
E-Handbook | May 2018
How to best secure DNS? There's more than one approach
Download -
E-Handbook | April 2018
Cyber-risk strategies and models for a post-perimeter age
Download
Information Security Basics
-
Get Started
Machine learning picks up where legacy detection fails
Applying AI, and specifically machine learning, in network security helps protect enterprises against advanced persistent threats and sophisticated cybercriminals.
-
Get Started
Report: Costs that result from insider threats
The Ponemon Institute study "2018 Cost of Insider Threats" examines the cost to companies victimized by material insider threat incidents during the past 12 months.
-
Get Started
honeypot (honey pot)
A honeypot is a computer system that is set up to act as a decoy to lure cyberattacks and to detect, deflect, or study attempts to gain unauthorized access to information systems.
Multimedia
Vendor Resources
Blog: Security Bytes
-
It's GDPR Day. Let the privacy regulation games begin!
GDPR Day -- May 25, 2018 -- has passed and enforcement is now accepting complaints against companies violating the terms of the EU's new privacy regulation.Continue Reading
-
Google I/O's security and privacy focus missing on day one
It's fairly easy to find stories sparking security and privacy concerns regarding a Google product or service — Search, Chrome, Android, AdSense and more — but if you watched or attended Google ...Continue Reading
-
More Security Bytes Posts
Cybersecurity pervasiveness subsumes all security concerns
Algorithmic discrimination: A coming storm for security?
GDPR deadline: Keep calm and GDPR on
-
News
View All -
Emerging cyberattacks and threats
NSA's EternalRomance helps PyRoMineIoT spread
The latest malware threat based on the EternalRomance NSA exploit is PyRoMineIoT, a cryptojacker infecting IoT devices. But experts said the NSA shouldn't be held responsible for the damages.
-
Government information security management
Kaspersky Lab halts No More Ransom project, Europol ties
News roundup: Following a vote by the European Parliament to implement a Kaspersky ban in the EU, Kaspersky announced it would halt ties with the No More Ransom project and Europol.
-
Email and messaging threats
Operation Wire Wire cracks down on email fraud
U.S. federal agencies worked with international law enforcement in Operation Wire Wire to find and prosecute alleged cybercriminals conducting business-email-compromise scams.