August 2019

• August 21, 2019 21 Aug'19

  The difference between zero-day vulnerability and zero-day exploit

  A zero-day vulnerability isn't the same as a zero-day exploit. Learn the difference between these two zero-day terms, as well as why they should be high priority on any CISO's patching list.  Continue Reading

• August 21, 2019 21 Aug'19

  Texas ransomware attack hits 22 municipalities, demands $2.5M

  Ransomware attacks hit 22 municipalities around Texas, most of which appear to be smaller local governments, but the details surrounding the attacks are still unclear.  Continue Reading

• August 20, 2019 20 Aug'19

  KNOB attack puts all Bluetooth devices at risk

  Security researchers discovered a way to force Bluetooth devices to use easy-to-crack encryption keys, which could lead to man-in-the-middle attacks and information leaks.  Continue Reading

• August 20, 2019 20 Aug'19

  New network traffic analysis tools focus on security

  Companies have used traffic data analytics to improve bandwidth and network performance. Now, though, a new class of tools taps network data to improve security.  Continue Reading

• August 20, 2019 20 Aug'19

  Network traffic analysis tools secure a new, crucial role

  Gartner just produced its first-ever guide to network traffic analytics security tools. Learn how the analysis of network traffic is broadening to include network security.  Continue Reading

• August 20, 2019 20 Aug'19

  Why is patch management important?

  Borderless networks present new challenges for security pros. Andrew Froehlich explains how this trend makes patch management even more important.  Continue Reading

• August 20, 2019 20 Aug'19

  CISO challenges include building credibility within the business

  No matter what comes at them in terms of cybersecurity issues, the main CISO challenge comes down to building credibility as a trustworthy person.  Continue Reading

• August 19, 2019 19 Aug'19

  2020 election security to face same vulnerabilities as in 2016

  Confidence in the security of the 2020 election spanned the gamut, depending on who you asked at DEF CON's Voting Village, with local officials more optimistic than technologists.  Continue Reading

• August 19, 2019 19 Aug'19

  How to build an enterprise penetration testing plan

  Simulating an attack against your network is one of the best ways to remediate security holes before the bad guys find them. Here, learn penetration testing basics and how it can help keep your enterprise safe.  Continue Reading

• August 16, 2019 16 Aug'19

  DevOps security checklist requires proper integration

  There are a lot of moving parts to adding security into a DevOps environment. Using application testing DevOps security tools are key to the equation.  Continue Reading

• August 16, 2019 16 Aug'19

  How to identify and evaluate cybersecurity frameworks

  Not all frameworks for cybersecurity are equal. ESG's Jon Oltsik explains what attributes make a cybersecurity framework and how to go about choosing and using one.  Continue Reading

• August 15, 2019 15 Aug'19

  How to detect and defend against a TCP port 445 exploit and attacks

  The WannaCry TCP port 445 exploit returned the spotlight to Microsoft's long-abused networking port. Network security expert Kevin Beaver explains how to detect and defend against such attacks.  Continue Reading

• August 14, 2019 14 Aug'19

  Microsoft discovers BlueKeep-like flaws in Remote Desktop Services

  Microsoft disclosed four remote code execution flaws in Remote Desktop Services that are similar to BlueKeep, as well as other vulnerabilities in RDP.  Continue Reading

• August 14, 2019 14 Aug'19

  IoT botnets reach new threshold in Q2 of 2019

  Defending against the rising number and increasing sophistication of IoT botnet attacks isn't an easy task. Learn about the latest threats and the techniques to mitigate them.  Continue Reading

• August 14, 2019 14 Aug'19

  Latest news from the Black Hat 2019 conference

  Learn the latest from this year's Black Hat conference, Aug. 3 to 8. Our team is in Las Vegas to report on what's new in information security risks, trends and defense tactics.  Continue Reading

• August 13, 2019 13 Aug'19

  Google wants Project Zero to be part of an open alliance

  After five years of running Project Zero, Google wants to expand the scope to an open alliance of vulnerability researchers all working toward the same goal to 'make 0day hard.'  Continue Reading

• August 13, 2019 13 Aug'19

  Wireshark tutorial: How to use Wireshark to sniff network traffic

  Learn how to use the Wireshark packet analyzer to monitor network traffic, as well as how to use the Wireshark packet sniffer for network traffic analysis and inspection.  Continue Reading

• August 12, 2019 12 Aug'19

  Why cyber insurance policies are so 'ridiculously cheap'

  The cyber insurance market is growing rapidly and policies are incredibly inexpensive -- but experts at Black Hat 2019 had concerns about those low prices.  Continue Reading

• August 12, 2019 12 Aug'19

  Cybersecurity automation won't fix the skills gap alone

  Joan Pepin, CISO and vice president of operations at Auth0, says cybersecurity automation makes her job possible, but it can't replace the human talent her industry badly needs.  Continue Reading

• August 12, 2019 12 Aug'19

  5 enterprise patch management best practices

  It might not be the most exciting of responsibilities, but the value of enterprise patch management cannot be denied. Review these best practices to build a smooth patching process.  Continue Reading