SearchSecurity
New & Notable
News
Experts wary of links between GreyEnergy and BlackEnergy
Researchers claim a new threat group called GreyEnergy is the successor to BlackEnergy, but experts are unsure if the evidence supports the claims or warnings of future attacks.
News
(ISC)2: Infosec workforce shortage hits APAC hardest
With a workforce in short supply, the skills gap has affected the professional growth of security pros worldwide, an (ISC)2 Cybersecurity Workforce Study found.
News
Risk & Repeat: Military cybersecurity scrutinized in GAO report
This week's Risk & Repeat podcast discusses the GAO report on vulnerabilities and weaknesses in modern weapons systems and what they mean for the U.S. military.
Problem Solve
Enterprise security benefits of banning removable storage
IBM banned removable storage devices to encourage employees to use the company's internal file-sharing system. Learn how a ban like this can improve enterprise security.
Trending Topics
-
Emerging threats News
Disclosed libSSH flaw leaves servers at risk
A 4-year-old libSSH vulnerability can allow attackers to easily log in to servers with full administrative control, but it is still unclear exactly how many devices are at risk.
-
Windows security Manage
Microsoft vulnerability too difficult to detect
The Qihoo 360 Core Security team found a Microsoft vulnerability -- named Double Kill -- that affects applications via Office documents. Learn how this is possible with Nick Lewis.
-
PCI DSS Get Started
How the PCI SSC took on mobile point-of-sale systems
The PCI SSC developed an mPOS security standard to improve mobile payment and PIN systems. Expert Michael Cobb looks at what the requirements are and how they help.
-
Encryption technology Manage
Comparing lattice cryptography to current cryptography
As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option.
-
Security industry trends News
Risk & Repeat: Breaking down the Pwnie Awards
In this week's Risk & Repeat podcast, SearchSecurity editors discuss whether or not Meltdown and Spectre deserved to be nominated for the Pwnie Awards' Most Overhyped Bug.
-
CISSP Evaluate
Creative ways to earn CISSP CPEs
Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.
Topics Covered
-
Data security technology and strategy (5) +
-
Enterprise identity and access management (8) +
-
Enterprise network security (9) +
- DDoS attack detection and prevention
- Endpoint protection and client security
- IoT security issues
- IPv6 security and network protocols security
- Network Access Control technologies
- Network device security: Appliances, firewalls and switches
- Secure remote access
- Software-defined security best practices
- VPN security
-
Information security certifications, training and jobs (2) +
-
Information security program management (7) +
- Government information security management
- Information security incident response
- Information security laws, investigations and ethics
- Information security policies, procedures and guidelines
- Security automation systems, tools and tactics
- Security industry market trends, predictions and forecasts
- Security vendor mergers and acquisitions
-
Information security risk management (3) +
-
Information security threats (5) +
-
Network threat detection (4) +
-
Platform security (3) +
-
Security audit, compliance and standards (4) +
-
Software and application security (9) +
- Application attacks (buffer overflows, cross-site scripting)
- Application firewall security
- Database security
- Microsoft Patch Tuesday and patch management
- Open source security tools and software
- Productivity apps and messaging security
- Secure SaaS: Cloud application security
- Secure software development
- Social media security risks
-
Web security tools and best practices (3) +
-
Wireless and mobile security (4) +
Featured Authors
Have a question for an expert?
Please add a title for your question
Get answers from your peers on your most technical Information Security challenges.
Meet all of our Information Security experts
-
Michael Heller asks:
What defensive security procedures do you usually take after reading research like this?
Find Solutions For Your Project
-
Evaluate
How TLS certificates were used to phish Netflix users
Hackers can imitate the design and domain name of popular sites like Netflix to steal credentials. Expert Michael Cobb explains how these Netflix phishing attacks work.
-
SIEM tools, future tech and how to prepare for what's ahead
-
Rev up your SIEM with machine learning capabilities
-
How TLBleed attacks leak data by abusing Intel chips
-
-
Problem Solve
Enterprise security benefits of banning removable storage
IBM banned removable storage devices to encourage employees to use the company's internal file-sharing system. Learn how a ban like this can improve enterprise security.
-
How living off the land attacks use legitimate tools
-
How a malicious Chrome extension spreads malware
-
How MysteryBot uses overlay attacks to avoid detection
-
-
Manage
How NetSpectre attacks could leak data remotely
The NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb explains why data on secure microprocessors is not actually safe.
-
How home network devices are affected by VPNFilter
-
How the TrickBot banking Trojan combined with IcedID
-
Microsoft vulnerability too difficult to detect
-
-
E-Handbook | October 2018
SIEM tools, future tech and how to prepare for what's ahead
Download -
E-Zine | October 2018
User behavior analytics tackles cloud, hybrid environments
Download -
E-Handbook | September 2018
Security access controls over identities must be priority
Download -
Buyer's Handbook | August 2018
How to find the best privileged identity management tool
Download -
E-Zine | August 2018
Security data scientists on how to make your data useful
Download
Information Security Basics
-
Get Started
How to use Shodan for ICS security
Shodan can be a helpful tool for security pros to locate ICS cybersecurity vulnerabilities. Expert Ernie Hayden explains how Shodan works and how it can be used for security.
-
Get Started
digital signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.
-
Get Started
denial-of-service attack
A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources.
Multimedia
Vendor Resources
Blog: Security Bytes
-
Mystery around Trend Micro apps still lingers one month later
The mystery around the Trend Micro apps that were removed from the Mac App Store continues despite Trend Micro's numerous updates on the matter.Continue Reading
-
FBI, DHS blaming the victims on Remote Desktop Protocol
FBI, DHS call on users to mitigate Remote Desktop Protocol vulnerabilities and handle RDP exploits on their own, even as the "going dark" campaign continues unabated.Continue Reading
-
More Security Bytes Posts
What the GAO Report missed about the Equifax data breach
DHS cybersecurity rhetoric offers contradictions at DEF CON
Five things to watch for at Black Hat USA this year
-
News
View All -
Data security breaches
Report says spammers responsible for Facebook hack
News roundup: The Facebook hack was the work of spammers, according to The Wall Street Journal. Plus, 35 million voter records are for sale on the dark web, and more.
-
Cyberespionage and nation-state cyberattacks
Experts wary of links between GreyEnergy and BlackEnergy
Researchers claim a new threat group called GreyEnergy is the successor to BlackEnergy, but experts are unsure if the evidence supports the claims or warnings of future attacks.
-
Information security certifications, training and jobs
(ISC)2: Infosec workforce shortage hits APAC hardest
With a workforce in short supply, the skills gap has affected the professional growth of security pros worldwide, an (ISC)2 Cybersecurity Workforce Study found.