Endpoint protection and client security
Get information on client security pratcices, including how to build, implement and maintain secure endpoint protection products and procedures for keeping your network safe from potentially unsecure laptops, desktops, and other endpoint devices.
Top Stories
-
News
12 Oct 2021
Cybereason and Google Cloud join forces for new XDR service
Cybereason and Google Cloud have teamed up to combat future security threats with accelerated XDR capabilities. Continue Reading
-
News
29 Sep 2021
Telegram bots allowing hackers to steal OTP codes
A simplified new attack tool based on Telegram scripts is allowing criminals to steal one-time password credentials and take over user accounts and drain bank funds. Continue Reading
-
Definition
04 Apr 2022
Luhn algorithm (modulus 10)
The Luhn algorithm, also called modulus 10 or modulus 10 algorithm, is a simple mathematical formula used to validate a user's identification numbers. Continue Reading
-
News
12 Oct 2021
Cybereason and Google Cloud join forces for new XDR service
Cybereason and Google Cloud have teamed up to combat future security threats with accelerated XDR capabilities. Continue Reading
-
News
29 Sep 2021
Telegram bots allowing hackers to steal OTP codes
A simplified new attack tool based on Telegram scripts is allowing criminals to steal one-time password credentials and take over user accounts and drain bank funds. Continue Reading
-
Definition
27 Sep 2021
brute-force attack
A brute-force attack is a trial-and-error method used by application programs to decode login information and encryption keys to use them to gain unauthorized access to systems. Continue Reading
-
News
24 Sep 2021
Spurned researcher posts trio of iOS zero days
An anonymous bug hunter critical of Apple's handling of reports to its bounty program has released details on three zero-day vulnerabilities in its iOS mobile platform. Continue Reading
-
Feature
23 Sep 2021
Experts debate XDR market maturity and outlook
Is extended detection response still all buzz and no bite? Experts disagree on whether XDR qualifies as a legitimate market yet or still has a ways to go. Continue Reading
-
News
02 Sep 2021
FTC drops the hammer on SpyFone for privacy violations
The FTC has decried SpyFone, a remote tracking app for mobile phones, as stalkerware and ordered it to notify all individuals who were tracked by the app. Continue Reading
-
News
02 Sep 2021
Accellion-related breach disclosures continue to unfold
Beaumont Health disclosed some patient data was exposed through an attack on Accellion's FTA product, nine months after the attack on the legacy file transfer software occurred. Continue Reading
-
News
31 Aug 2021
College students targeted by money mule phishing techniques
Back to fool: University students with little security training are being targeted by Nigerian scammers to move fraudulent funds with the lure of quick bucks and flexible hours. Continue Reading
-
News
09 Aug 2021
'ProxyShell' Exchange bugs resurface after presentation
A critical vulnerability in Microsoft Exchange is once again making the rounds with attackers, following a Black Hat presentation from the researcher who found it. Continue Reading
-
News
05 Aug 2021
Apple's M1 silicon brings new challenges for malware defenders
Noted security researcher Patrick Wardle told Black Hat 2021 attendees that catching malware attacks on new macOS systems requires learning the subtleties of ARM64 architecture. Continue Reading
-
Definition
04 Aug 2021
international private leased circuit (IPLC)
An international private leased circuit (IPLC) is a point-to-point private line used by an organization to communicate between offices that are dispersed throughout the world. Continue Reading
-
Definition
28 Jul 2021
buffer overflow
A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold. Continue Reading
-
Definition
13 Jul 2021
spyware
Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge. Continue Reading
-
News
08 Jul 2021
Dutch researchers shed new light on Kaseya vulnerabilities
Dutch security researchers were working with Kaseya to get an authentication bypass flaw and other bugs patched when the catastrophic supply chain attack occurred. Continue Reading
-
News
07 Jul 2021
Microsoft posts emergency 'PrintNightmare' patch
The out-of-band patch release addresses a critical flaw that allowed threat actors to gain remote code execution on vulnerable Windows and Windows Server systems. Continue Reading
-
News
30 Jun 2021
SentinelOne IPO raises $1.2 billion, beating estimates
the endpoint security vendor has gone public in one of the largest IPOs in the cybersecurity industry. Continue Reading
-
News
29 Jun 2021
End users in the dark about latest cyberthreats, attacks
A study from IoT security vendor Armis shows many outside the IT community are unaware of growing threats, leaving a major gap in knowledge of basic security practices. Continue Reading
-
Definition
03 Jun 2021
social engineering
Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices to gain unauthorized access to systems, networks or physical locations or for financial gain. Continue Reading
-
Feature
21 May 2021
RSA Conference 2021: 3 hot cybersecurity trends explained
In a lightning round session at RSA Conference, ESG analysts discussed three of the hottest topics in cybersecurity in 2021: zero trust, XDR and SASE. Continue Reading
-
News
19 May 2021
Cisco shares lessons learned in zero-trust deployment
The networking giant explained at RSA Conference 2021 how it was able to deploy a company-wide zero trust model in less than six months, and what it learned along the way. Continue Reading
-
News
07 Apr 2021
Cisco: Threat actors abusing Slack, Discord to hide malware
The threat intelligence vendor released a new report on how threat actors are increasingly abusing popular collaboration applications like Slack and Discord during the pandemic. Continue Reading
-
Tip
01 Apr 2021
5 endpoint security best practices to keep company data safe
With an expanding company perimeter, it's time to implement these endpoint security best practices, from asset discovery to device profiling. Continue Reading
-
News
08 Mar 2021
McAfee sells off enterprise business for $4 billion
Less than six months after its IPO, McAfee has agreed to sell its enterprise business to private equity firm Symphony Technology Group and refocus on consumer cybersecurity. Continue Reading
-
News
04 Mar 2021
Microsoft's security roadmap goes all-in on 365 Defender
Microsoft 365 Defender's new threat analytics feature includes step-by-step reports on attacks, vulnerabilities and more, as well as links to relevant alerts in each report. Continue Reading
-
Tip
29 Jan 2021
Why endpoint security is important and how it works
Organizations and IT admins must understand the fundamental approaches that endpoint security platforms take to secure endpoints and defend against common threats. Continue Reading
-
Tip
14 Jan 2021
Extended detection and response tools take EDR to next level
Extended detection and response tools offer new capabilities -- among them greater visibility -- to enterprises searching for better ways to protect their endpoints. Continue Reading
-
Quiz
23 Dec 2020
Endpoint security quiz: Test your knowledge
Test your knowledge of SASE, split tunneling, and device discovery tool capabilities and best practices in this endpoint security quiz for IT professionals. Continue Reading
-
News
28 Sep 2020
Ivanti makes double acquisition of MobileIron, Pulse Secure
Ivanti will acquire all outstanding shares of MobileIron stock for approximately $872 million. The financial terms of Pulse Secure's acquisition were not disclosed. Continue Reading
-
Tip
30 Jun 2020
3 must-ask post-pandemic questions for CISOs
The worldwide health pandemic has created multiple challenges for today's CISOs and their security teams. Ask these three questions to stay safe in a post-pandemic workplace. Continue Reading
-
Answer
19 Jun 2020
How to prevent network eavesdropping attacks
One of the biggest challenges of network eavesdropping attacks is they are difficult to detect. Read about prevention measures to help keep your network safe from snoopers and sniffers. Continue Reading
-
News
15 Jun 2020
Druva integrates with FireEye Helix for secure backups
The partnership allows security admins to see access history and activity in Druva through FireEye Helix's console, enabling quicker responses to security anomalies. Continue Reading
-
Tip
10 Jun 2020
How security teams can prevent island-hopping cyberattacks
Learn how to prevent island-hopping cyberattacks to keep hackers from gaining the confidence of a phishing victim who could then accidentally commit corporate financial fraud. Continue Reading
-
Feature
05 Jun 2020
A case for both cybersecurity detection and prevention tools
Companies need both detection and prevention cybersecurity tools to effectively keep data and employees safe from attackers. Just one or the other isn't enough. Continue Reading
-
Opinion
01 May 2020
Why nation-state cyberattacks must be top of mind for CISOs
Even though organizations face threats coming from many sources, one type of cyberattack should be top of mind for CISOs: those backed by nation-states. Here's why. Continue Reading
-
Video
30 Apr 2020
Telework security requires meticulous caution, communication
Organizations that are proactive about telework security may enjoy a more resilient network environment. Follow five steps in this webinar to ensure secure remote work. Continue Reading
-
Feature
20 Apr 2020
Zero-trust management challenges outweighed by benefits
The zero-trust model's adoption, deployment and management challenges are easily outweighed by its ability to offset modern threats, IEEE senior member Jack Burbank advises. Continue Reading
-
News
08 Apr 2020
Box Shield adds malware detection
Box Inc. quarantines malware-infected files with features that allow content to be viewed, with admin and security team alerts to address threats before they spread. Continue Reading
-
Feature
24 Mar 2020
4 lasting effects of growing remote workforces on networks
In this roundup of network blogs, explore expert advice on increasing remote workers' efficiency, potential lasting effects of COVID-19 on networks and the future of networking. Continue Reading
-
News
23 Mar 2020
Companies bolster endpoint data protection for remote work
While plenty of teleworking tools exist to help the increase in people working at home due to COVID-19, managing and protecting proliferating endpoint data can alter IT pros' jobs. Continue Reading
-
News
05 Mar 2020
Amid expansion, BlackBerry security faces branding dilemma
BlackBerry continues its push into security by addressing a number of endpoint devices. But analysts discuss whether the former mobile device maker has a perception problem. Continue Reading
-
News
28 Feb 2020
Thoma Bravo's Sophos acquisition near completion
SearchSecurity has learned completion of the Sophos acquisition is imminent, though the endpoint security vendor says the deal has not officially closed. Continue Reading
-
Tip
26 Feb 2020
Stop business email compromise with three key approaches
Why is BEC such a popular attack? Because it works, unfortunately, tempting hackers with huge potential payouts. Learn how to keep them from lining their pockets with your assets. Continue Reading
-
Feature
29 Jan 2020
How to implement a holistic approach to user data privacy
IoT devices flood the market with promises to make daily life more convenient. Learn how to embrace user consent to benefit your organization and enhance user data privacy. Continue Reading
-
Answer
28 Jan 2020
What are some features in Microsoft Defender ATP?
The threat protection platform, which underwent a recent name change, comes with some tailored features for Windows Server 2019 to stop attacks and reduce configuration issues. Continue Reading
-
News
14 Jan 2020
CrowdStrike: Intrusion self-detection, dwell time both increasing
The 2019 CrowdStrike Services Cyber Front Lines Report found that while the percentage of organizations that self-detected an intrusion is up, dwell time has gone up as well. Continue Reading
-
Tip
17 Dec 2019
Perimeterless security still has borders -- and APIs need it
Many people believe perimeterless security means borders are a thing of the past. But virtual borders secure APIs needed by mobile users and cloud workloads. Check out how to manage them. Continue Reading
-
Tip
12 Dec 2019
Master IoT and edge computing security challenges
Edge devices are not necessarily designed with security in mind. Organizations need to think critically about how to approach today's edge computing security challenges. Continue Reading
-
News
04 Dec 2019
NSS Labs drops antitrust suit against AMTSO, Symantec and ESET
NSS Labs dropped its antitrust suit against the Anti-Malware Testing Standards Organization, Symantec and ESET, ending a contentious legal battle in the endpoint security market. Continue Reading
-
Tip
22 Nov 2019
The top 3 use cases for AI endpoint security tools
Endpoint attack surfaces are growing, and cybersecurity pros struggle to keep up. Consider the following use cases for AI endpoint security techniques in the enterprise. Continue Reading
-
News
11 Nov 2019
OpenText's Carbonite acquisition expands its cloud portfolio
OpenText acquires Carbonite, a vendor in cloud-based data protection and backup, disaster recovery and end-point security. Continue Reading
-
News
22 Oct 2019
Forcepoint Web Security offering reaches for the edge
Forcepoint has delivered a web-based security tool leveraging elastic cloud gateway technology that allows admins to access content from any remote location. Continue Reading
-
News
21 Oct 2019
Sophos acquisition bid presents potential growth, peril
Private equity firm Thoma Bravo made an offer to acquire Sophos for approximately $3.9 billion. Analysts discuss what the deal might mean for the endpoint security vendor. Continue Reading
-
News
24 Sep 2019
HP's purchase of endpoint security vendor Bromium a win for IT
Analysts describe HP's Bromium acquisition as a safe, cheap, smart bet in its push to compete with Dell. It's also another sign of rapid consolidation in the endpoint security market. Continue Reading
-
News
23 Aug 2019
Carbon Black acquisition bolsters VMware's security play
VMware announced an agreement to acquire endpoint security vendor Carbon Black in an effort to boost its cloud security offerings; the all-cash deal is valued at $2.1 billion. Continue Reading
-
News
09 Aug 2019
Broadcom-Symantec deal troubles cybersecurity experts
Broadcom laid down a $10.7 billion bet in buying Symantec's enterprise security software. While some are optimistic, security experts predict another Intel-McAfee deal. Continue Reading
-
Answer
26 Jul 2019
How can endpoint security features help combat modern threats?
The antivirus of yesteryear isn't a strong enough competitor to beat modern enterprise threats. Learn about the endpoint security features ready to tackle these battles head-on. Continue Reading
-
News
23 Jul 2019
Researchers fool Cylance AI antimalware with 'simple' bypass
Security researchers developed a method to make "pure AI" antimalware products classify malware as benign, but it is unclear what antimalware solutions could be considered "pure AI." Continue Reading
-
News
13 Jun 2019
CrowdStrike IPO success puts spotlight on endpoint security
Cybersecurity firm CrowdStrike made its successful Wall Street debut Wednesday. The company closed its trading with a share price of $58. Continue Reading
-
Definition
04 Jun 2019
USB Killer
USB Killer is a device that connects to USB drives and delivers a surge which can damage or destroy unprotected hardware. Continue Reading
-
Tip
04 Jun 2019
Zero-trust security model means more than freedom from doubt
A zero-trust security model has a catchy name, but the methodology means more than not trusting any person or device on the network. What you need to know. Continue Reading
-
News
31 May 2019
New Sophos endpoint security software releases
Sophos has released Intercept X for Server with endpoint detection and response to protect users against blended threats and proactively detect stealthy attacks. Continue Reading
-
News
24 May 2019
CrowdStrike, NSS Labs settle legal disputes over product testing
CrowdStrike and NSS Labs have ended their legal dispute with a confidential settlement agreement, which resolves all lawsuits including NSS Labs' antitrust suit against the vendor. Continue Reading
-
News
06 May 2019
Enterprise security threats rising, consumer attacks falling
Cybercriminals are increasingly taking aim at businesses, according to a recent Malwarebytes report. Security experts weigh in on best practices for defending against malware attacks. Continue Reading
-
News
02 May 2019
CrowdStrike tackles BIOS attacks with new Falcon features
CrowdStrike added firmware attack detection capabilities to its Falcon platform and also expanded its partnership with Dell to help organizations tackle BIOS threats. Continue Reading
-
Feature
23 Apr 2019
10 endpoint security products to protect your business
Check out this product roundup and discover all the features endpoint security protection offers, such as patch management, email protection and reporting. Continue Reading
-
News
15 Apr 2019
Blue Hexagon bets on deep learning AI in cybersecurity
Cybersecurity startup Blue Hexagon uses deep learning to detect network threats. Security experts weigh in on the limitations of AI technologies in cybersecurity. Continue Reading
-
News
09 Apr 2019
NSS Labs CTO Jason Brvenik talks security testing challenges
NSS Labs CTO Jason Brvenik talks about his company's relationship with security vendors following the company's antitrust suit against several endpoint protection vendors last year. Continue Reading
-
News
28 Mar 2019
NSS Labs CTO discusses advanced endpoint protection testing, challenges
NSS Labs released the results of its new endpoint protection group test at RSA Conference 2019. NSS Labs CTO Jason Brvenik talks about the results, testing challenges and more. Continue Reading
-
Tip
25 Mar 2019
How EDR tools can improve endpoint security
IT should be constantly re-evaluating security tool choices. Endpoint detection and response tools, for example, can be a good option to improve endpoint security. Continue Reading
-
Tip
21 Mar 2019
8 ways to protect building management systems
Security threats to building management systems can come from numerous sources. Expert Ernie Hayden outlines these potential threats and how to protect against them. Continue Reading
-
Feature
18 Mar 2019
Find the right tool using this antimalware software comparison
Compare endpoint antimalware software products for organizations based on features, level of protection and vendor offerings. Continue Reading
-
News
25 Feb 2019
Synology Active Backup boosts recovery speeds for Shiseido
Worried about slow recovery times and the impact ransomware might cause endpoint devices, Shiseido swapped in Synology Active Backup to reduce recovery time to 30 minutes. Continue Reading
-
Answer
18 Feb 2019
How do I stop the Vidar malvertising attack?
The Vidar malvertising attack was part of a two-pronged intrusion that included the installation of ransomware in endpoints. How can enterprises protect themselves? Continue Reading
-
Tip
07 Feb 2019
More Ghostscript vulnerabilities, more PostScript problems
Researchers keep finding PostScript interpreter bugs. Find out how a new Ghostscript vulnerability enables remote code execution against web services and Linux desktop users. Continue Reading
-
News
31 Jan 2019
Dell unveils endpoint security portfolio with CrowdStrike, Secureworks
Dell has teamed up with CrowdStrike and Secureworks for SafeGuard and Response, a portfolio of endpoint security technology and services, to tackle the shifting threat landscape. Continue Reading
-
Tip
29 Jan 2019
How a Windows antimalware tool helps endpoint security
The Windows Defender Antivirus program was updated to include sandbox network security. Learn why this is so important and why security professionals have been asking for it. Continue Reading
-
Feature
21 Jan 2019
Government shutdown raises end-user security risks
The government shutdown could be a boon for hackers, as end-user resources are a prime attack vector. An expert explains what IT should be on the lookout for. Continue Reading
-
Answer
18 Jan 2019
Java deserialization attacks: What are they and how do they work?
The TP-Link EAP Controller for Linux was recently found to be vulnerable to attacks. Learn from Judith Myerson what this means for users and how it can be prevented. Continue Reading
-
Answer
16 Jan 2019
Network shaping: How does it enable BGP attacks to divert data?
The use of BGPsec protocols was found after looking into threat actors in China that controlled U.S. internet traffic. Discover how this technique works and how it can be mitigated. Continue Reading
-
Answer
17 Dec 2018
Kronos banking Trojan: How does the new variant compare?
Proofpoint researchers found a Kronos variant after it targeted victims in Germany, Japan and Poland. Learn how this variant compares to the original banking Trojan with Nick Lewis. Continue Reading
-
Tip
12 Dec 2018
How to address endpoint security issues caused by users
Certain behaviors, such as ignoring patches, create security issues on the endpoints users work with. IT should enforce policies that prevent users from taking these damaging actions. Continue Reading
-
Infographic
03 Dec 2018
Still no answers to endpoint security protection, survey finds
The frequency of endpoint attacks is on the rise, with 76% of IT security professionals reporting that their organization was compromised by new or zero-day (unknown) exploits. Continue Reading
-
News
30 Nov 2018
Mitre enters product testing with Mitre ATT&CK framework
The first round of evaluations using the Mitre ATT&CK framework has gone public, putting on display how different endpoint products detect advanced threat activities. Continue Reading
-
Answer
16 Nov 2018
What are today's top 3 network security challenges?
A significant shortage of cybersecurity staff, poorly configured firewalls and unmanaged end-user mobile devices are some of the top network security threats. Continue Reading
-
News
06 Nov 2018
Latest Symantec acquisitions target endpoint security
Endpoint security startups Appthority and Javelin Networks are the latest Symantec acquisitions as the cybersecurity giant aims to improve its endpoint protection product. Continue Reading
-
Feature
18 Oct 2018
Understanding third-party Windows 10 security tools
Third-party security tools provide value and new utilities for Windows 10 desktop administrators. IT should consider non-Microsoft options for patching, firewalls and more. Continue Reading
-
Podcast
28 Sep 2018
Risk & Repeat: NSS Labs lawsuit shakes infosec industry
This week's Risk & Repeat podcast discusses NSS Labs' antitrust suit against several security vendors, including CrowdStrike and the Anti-Malware Testing Standards Organization. Continue Reading
-
News
21 Sep 2018
CrowdStrike responds to NSS Labs lawsuit over product testing
CrowdStrike and the Anti-Malware Testing Standards Organization responds the allegations made by NSS Labs in a bombshell antitrust suit over product testing practices. Continue Reading
-
News
19 Sep 2018
NSS Labs lawsuit takes aim at CrowdStrike, Symantec and ESET
In an antitrust lawsuit, NSS Labs accused some of the top antimalware vendors in the industry, including CrowdStrike and Symantec, of conspiring to undermine its testing efforts. Continue Reading
-
Tip
28 Aug 2018
Red team assessments and post-assessment posture improvement
Testing an organization's security maturity is crucial for an organization to improve their post-assessment posture. Learn how red teaming can help this situation with Matt Pascucci. Continue Reading
-
Answer
21 Aug 2018
LG network: How can attackers use preauthenticated commands?
A vulnerability was found in the LG network involving remote preauthenticated commands. Learn how researchers created a malicious password to show how it issue can be abused. Continue Reading
-
News
13 Jul 2018
Endpoint security tool fueled OpenText's Guidance Software acquisition
Endpoint security was the primary draw for OpenText's Guidance Software acquisition. But plans to improve e-discovery and data forensics with Magellan AI are part of the roadmap. Continue Reading
-
Tip
30 May 2018
Cloud endpoint security: Balance the risks with the rewards
While cloud endpoint security products, such as antivirus software, provide users with many benefits, the cloud connection also introduces risks. Expert Frank Siemons explains. Continue Reading
-
Tip
29 May 2018
Desktop and mobile malware detection takes on high priority
End-user computing professionals must embrace modern Windows and mobile malware protection technologies to defend against ransomware and other attacks. Continue Reading
-
Tip
24 May 2018
How the Meltdown and Spectre vulnerabilities impact security
The Meltdown and Spectre vulnerabilities impact the physical and hardware security of systems, making them extremely difficult to detect. Learn how to prevent these attacks with Nick Lewis. Continue Reading
-
News
27 Apr 2018
SentinelOne CEO: Endpoint security market full of 'noise and confusion'
In part two of the interview with SentinelOne CEO Tomer Weingarten, he discusses how niche products and venture capital investments have affected the endpoint security space. Continue Reading
-
Answer
26 Apr 2018
How can I prevent a DDoS attack program?
DDoS programs overwhelm networks with a torrent of requests. How can you prevent a DDoS attack, and what are the steps you can take to keep your networking environment secure? Continue Reading
-
News
16 Apr 2018
CrowdStrike Falcon X takes aim at incident response
CrowdStrike introduced a new component for the vendor's cloud-based security platform -- dubbed Falcon X -- that looks to speed up enterprises' incident response times. Continue Reading
-
Feature
12 Apr 2018
Four Windows 10 built-in security features to know
IT needs an effective plan to maximize security for Windows 10 and get the most out of its built-in features. Continue Reading