Threat detection and response
Just as malicious actors' threats and attack techniques evolve, so too must enterprise threat detection and response tools and procedures. From real-time monitoring and network forensics to IDS/IPS, NDR and XDR, SIEM and SOAR, read up on detection and response tools, systems and services.
Top Stories
-
News
26 Nov 2024
AWS CISO details automated cybersecurity tools for customers
Chris Betz, CISO at AWS, discusses how three internal tools are designed to automatically identify and mitigate threats for the cloud giant's customers. Continue Reading
By- Rob Wright, Senior News Director
-
News
21 Nov 2024
Cyber insurers address ransom reimbursement policy concerns
In a recent op-ed for The Financial Times, U.S. Deputy National Security Advisor Anne Neuberger wrote that reimbursing ransom payments is a 'troubling practice that must end.' Continue Reading
By- Arielle Waldman, News Writer
-
Definition
21 Nov 2024
What is a threat intelligence feed?
A threat intelligence feed, also known as a TI feed, is an ongoing stream of data related to potential or current threats to an organization's security. Continue Reading
By- Nick Barney, Technology Writer
- Ivy Wigmore
-
News
21 Nov 2024
Cyber insurers address ransom reimbursement policy concerns
In a recent op-ed for The Financial Times, U.S. Deputy National Security Advisor Anne Neuberger wrote that reimbursing ransom payments is a 'troubling practice that must end.' Continue Reading
By- Arielle Waldman, News Writer
-
News
21 Nov 2024
DOJ charges 5 alleged Scattered Spider members
The defendants, charged for conducting alleged phishing scams across the U.S., are suspected members of a prolific threat group responsible for last year's casino attacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Podcast
20 Nov 2024
Risk & Repeat: China hacks major telecom companies
The FBI and CISA confirmed reports that Salt Typhoon breached several major telecom companies and accessed data related to law enforcement requests. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
20 Nov 2024
Apple warns 2 macOS zero-day vulnerabilities under attack
The macOS Sequoia vulnerabilities are the latest to be targeted and exploited by threat actors as cybersecurity vendors report a shift in the landscape. Continue Reading
By- Arielle Waldman, News Writer
-
News
19 Nov 2024
2 Palo Alto Networks zero-day vulnerabilities under attack
CVE-2024-9474 marks the second zero-day vulnerability in Palo Alto Networks' PAN-OS firewall management interface to come under attack in the last week. Continue Reading
By- Arielle Waldman, News Writer
-
News
15 Nov 2024
Palo Alto Networks PAN-OS management interfaces under attack
Palo Alto Networks confirmed that threat actors are exploiting a vulnerability in PAN-OS firewall management interfaces after warning customers to secure them for nearly a week. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
13 Nov 2024
Most widely exploited vulnerabilities in 2023 were zero days
While zero-day exploitation surged throughout 2023, CISA said threat actors continue to exploit known vulnerabilities that were disclosed and patched as far back as 2017. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
12 Nov 2024
SIEM vs. SOAR vs. XDR: Evaluate the key differences
SIEM, SOAR and XDR each possess distinct capabilities and drawbacks. Learn the differences among the three, how they can work together and which your company needs. Continue Reading
By -
Tip
12 Nov 2024
EDR vs. XDR vs. MDR: Key differences and benefits
One of the most important goals of cybersecurity professionals is to quickly identify potential or in-progress cyberattacks. These three approaches can help. Continue Reading
By -
News
06 Nov 2024
CISA on 2024 election security: 'Good news' for democracy
CISA Director Jen Easterly says that despite disruptions including bomb threats in multiple states, Election Day 2024 was a success story from a security standpoint. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
06 Nov 2024
What is machine identity management?
Machine identity management focuses on the machines connected to and accessing resources on a network. Continue Reading
-
News
05 Nov 2024
Canadian authorities arrest alleged Snowflake hacker
Alexander Moucka was arrested last week and is expected to appear in court Tuesday for allegedly breaching dozens of Snowflake customers. Continue Reading
By- Arielle Waldman, News Writer
-
News
04 Nov 2024
CISA: U.S. election disinformation peddled at massive scale
CISA said the U.S. cybersecurity agency has seen small-scale election incidents 'resulting in no significant impacts to election infrastructure,' such as low-level DDoS attacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
01 Nov 2024
What is unified threat management (UTM)?
Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks. Continue Reading
-
News
31 Oct 2024
China-based APTs waged 5-year campaign on Sophos firewalls
For years, several advanced persistent threat groups tied to the Chinese government targeted Sophos firewall products with custom malware and zero-day exploits. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
30 Oct 2024
How to create an incident response playbook with template
Using an incident response playbook can speed up an organization's responses to cyberattacks. Find out how to build repeatable playbooks to use for different types of incidents. Continue Reading
By- Karen Scarfone, Scarfone Cybersecurity
-
News
30 Oct 2024
Play ransomware attack tied to North Korean nation-state actor
A relationship between North Korean actor Jumpy Pisces and Play ransomware would be unprecedented, as the former has not collaborated with cybercrime gangs previously. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Podcast
29 Oct 2024
Risk & Repeat: SEC cracks down on cybersecurity disclosures
The SEC's charges against Unisys, Avaya, Check Point Software Technologies and Mimecast have raised questions about expectations for transparency in cybersecurity. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
29 Oct 2024
REvil convictions unlikely to curb Russian cybercrime
In a rare action against cybercrime, a court in Russia sentenced four individuals tied to the Revil ransomware gang for money laundering and malware distribution charges. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
29 Oct 2024
How to configure and customize Kali Linux settings
Learning how to use Kali Linux for ethical hacking and penetration testing? Read step by step how to configure and customize the distribution. Continue Reading
By- Kyle Johnson, Technology Editor
- Packt Publishing
-
Tip
28 Oct 2024
Insider threat hunting best practices and tools
Detecting threats coming from inside the organization presents unique challenges. Insider threat hunting helps identify potential threat actors and proactively deal with them. Continue Reading
By- Jerald Murphy, Nemertes Research
-
News
24 Oct 2024
Cisco ASA and FTD zero day used in password spraying attacks
One day after Cisco disclosed a zero-day vulnerability discovered in its VPN software, CISA added the flaw to its Known Exploited Vulnerabilities catalog. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
24 Oct 2024
EDR vs. SIEM: Key differences, benefits and use cases
Endpoint detection and response and security information and event management tools offer organizations benefits, but each plays a specific role, so it's worth having both. Continue Reading
By- Ravi Das, ML Tech Inc.
-
News
24 Oct 2024
Fortinet FortiManager zero-day flaw exploited since June
Mandiant researchers first observed exploitation activity against CVE-2024-47575 on June 27, with more than 50 FortiManager devices compromised since. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
24 Oct 2024
EDR vs. EPP: How are they different and which is right for you?
Endpoint detection and response tools and endpoint protection platforms offer similar security features. Which is better for your organization: EDR, EPP or both? Continue Reading
By -
Guide
24 Oct 2024
SolarWinds breach news center
The massive SolarWinds supply chain attack continues to invade networks. Here's the latest news on the breach, how the malware infiltrates systems and the IT industry response. Continue Reading
By- Bridget Botelho, Editorial Director, News
-
Tip
22 Oct 2024
Threat intelligence vs. threat hunting: Better together
Understanding and using threat intelligence and threat hunting together provides enterprises with a well-rounded security posture. Find out how to build your plan. Continue Reading
-
News
22 Oct 2024
Thoma Bravo-owned Sophos to acquire Secureworks for $859M
Sophos said it plans to integrate Secureworks' products into a broader portfolio that serves both large enterprises and small and medium-sized businesses. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
21 Oct 2024
Cisco confirms attackers stole data from DevHub environment
While Cisco said its systems were not breached, the vendor did confirm that attackers stole sensitive information from the public-facing portal. Continue Reading
By- Arielle Waldman, News Writer
-
News
17 Oct 2024
DOJ charges alleged Anonymous Sudan ringleaders
Two Sudanese brothers are accused of leading the cybercriminal group that caused significant damage to healthcare organizations as well as other high-profile victims. Continue Reading
By- Arielle Waldman, News Writer
-
News
17 Oct 2024
September a quiet month for ransomware attacks
Notable ransomware attacks in September involved a Rhode Island public school district, a Texas hospital system, and Kawasaki Motors' European branch. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
16 Oct 2024
Microsoft: Nation-state activity blurring with cybercrime
Microsoft's Digital Defense Report 2024 noted that Russia 'outsourced some cyberespionage operations' against Ukraine to otherwise independent cybercrime gangs. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
16 Oct 2024
How to build an incident response plan, with examples, template
With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company. Continue Reading
By -
Definition
11 Oct 2024
What is the Mitre ATT&CK framework?
The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies. Continue Reading
By- Paul Kirvan
- Kinza Yasar, Technical Writer
- Ben Lutkevich, Site Editor
-
Definition
10 Oct 2024
What is threat intelligence?
Threat intelligence, also known as cyberthreat intelligence, is information gathered from a range of sources about current or potential attacks against an organization. Continue Reading
-
Definition
10 Oct 2024
What is extended detection and response (XDR)?
Extended detection and response (XDR) is a technology-driven cybersecurity process designed to help organizations detect and remediate security threats across their entire IT environment. Continue Reading
-
Definition
09 Oct 2024
What is user behavior analytics (UBA)?
User behavior analytics (UBA) is the tracking, collecting and assessing of user data and activities using monitoring systems. Continue Reading
By- Cameron Hashemi-Pour, Site Editor
- Peter Loshin, Former Senior Technology Editor
- Madelyn Bacon, TechTarget
-
News
08 Oct 2024
High-severity Qualcomm zero-day vulnerability under attack
Qualcomm urges customers to patch the memory corruption vulnerability as Google researchers have observed targeted exploitation in the wild against the flaw. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
04 Oct 2024
Contact center fraud: How to detect and prevent it
Contact centers can be sitting ducks for fraudsters, but comprehensive agent training, authentication techniques and advanced technologies can protect businesses and customers. Continue Reading
By- Kathleen Richards
- Andrew Froehlich, West Gate Networks
-
Feature
03 Oct 2024
'Defunct' DOJ ransomware task force raises questions, concerns
A report from the Office of the Inspector General reviewed the U.S. Department of Justice's efforts against ransomware and found its task force was largely ineffective. Continue Reading
By- Arielle Waldman, News Writer
-
News
01 Oct 2024
Law enforcement agencies arrest 4 alleged LockBit members
Operation Cronos' efforts to disrupt the LockBit ransomware gang continue as authorities announced the arrests of four alleged members, including one developer. Continue Reading
By- Arielle Waldman, News Writer
-
News
26 Sep 2024
Onapsis debuts SAP security capabilities for BTP
New capabilities from Onapsis are aimed at enabling customers to assess security for and protect SAP Business Technology Platform from configuration and other vulnerabilities. Continue Reading
By- Jim O'Donnell, News Writer
-
News
26 Sep 2024
Ransomware Task Force finds 73% attack increase in 2023
The Institute for Security and Technology's Ransomware Task Force says a shift to big game hunting tactics led to a significant rise in attacks last year. Continue Reading
By- Arielle Waldman, News Writer
-
News
24 Sep 2024
Arkansas City water treatment facility hit by cyberattack
While disruptions are limited, the attack on the water treatment facility highlights how the critical infrastructure sector remains a popular target for threat actors. Continue Reading
By- Arielle Waldman, News Writer
-
News
19 Sep 2024
Microsoft warns of Russian election threats, disinformation
As the 2024 U.S. presidential election nears, Microsoft detailed new influence campaigns, such as fake videos aimed at discrediting Vice President Kamala Harris. Continue Reading
By- Arielle Waldman, News Writer
-
News
19 Sep 2024
FBI disrupts another Chinese state-sponsored botnet
The FBI said the massive botnet, which included 260,000 connected devices, was developed and operated by a publicly traded Chinese company named Integrity Technology Group. Continue Reading
By- Rob Wright, Senior News Director
-
News
18 Sep 2024
Huntress warns of attacks on Foundation Software accounts
The cybersecurity company observed a brute force attack campaign targeting Foundation customers that did not change default credentials in their accounting software. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
17 Sep 2024
Infosec experts detail widespread Telegram abuse
Cybersecurity vendors say threat activity on Telegram has grown rapidly in recent years, and they don't expect the arrest of founder and CEO Pavel Durov to change that trend. Continue Reading
By- Arielle Waldman, News Writer
-
Answer
16 Sep 2024
How important is authentication in email marketing?
Marketers who have email strategies must understand the importance of authentication protocols to ensure campaigns are successful and bad actors don't reach customers. Continue Reading
By- Griffin LaFleur, Swing Education
-
Tip
16 Sep 2024
Explaining cybersecurity tabletop vs. live-fire exercises
Tabletop games and live-fire exercises are two ways to test the effectiveness of enterprise security controls and defenses. Discover how each works and how they differ. Continue Reading
By -
News
16 Sep 2024
Windows spoofing flaw exploited in earlier zero-day attacks
Microsoft reveals that CVE-2024-43461, which was disclosed in September's Patch Tuesday, was previously exploited as a zero-day vulnerability in an attack chain. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
13 Sep 2024
How AI could change threat detection
AI is changing technology as we know it. Discover how it's already improving organizations' ability to detect cybersecurity threats and how its benefits could grow as AI matures. Continue Reading
-
News
12 Sep 2024
Mastercard to acquire Recorded Future for $2.65B
Mastercard says the addition of threat intelligence vendor Recorded Future will bolster its cybersecurity services as threats against the financial sector continue to rise. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
12 Sep 2024
What is threat detection and response (TDR)? Complete guide
Threat detection and response (TDR) is the process of recognizing potential cyberthreats and reacting to them before harm can be done to an organization. Continue Reading
By- Phil Sweeney, Industry Editor
-
News
11 Sep 2024
Microsoft: Zero-day vulnerability rolled back previous patches
On Patch Tuesday, Microsoft addresses a critical zero-day vulnerability that reversed previous fixes for older vulnerabilities and put Windows 10 systems at risk. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
11 Sep 2024
How to prevent vendor email compromise attacks
Vendor email compromise is one of the latest email attacks to hit headlines. Learn how to prevent becoming a victim to this potentially expensive scheme. Continue Reading
-
News
09 Sep 2024
Akira ransomware gang targeting SonicWall VPN accounts
Arctic Wolf recently observed the Akira ransomware gang compromising SonicWall SSL VPN accounts, which could be connected to a critical vulnerability in SonicOS. Continue Reading
By- Arielle Waldman, News Writer
-
Definition
06 Sep 2024
What is network detection and response (NDR)?
Network detection and response (NDR) technology continuously scrutinizes network traffic to identify suspicious activity and potentially disrupt an attack. Continue Reading
-
Tip
06 Sep 2024
Threat hunting frameworks, techniques and methodologies
Threat hunting's proactive approach plays a vital role in defending against cyberattacks. Learn about the frameworks, methodologies and techniques that make it so effective. Continue Reading
By- Dave Shackleford, Voodoo Security
-
Definition
06 Sep 2024
What is identity threat detection and response (ITDR)?
Identity threat detection and response (ITDR) is a collection of tools and best practices aimed at defending against cyberattacks that specifically target user identities or identity and access management (IAM) infrastructure. Continue Reading
-
Definition
06 Sep 2024
What is MXDR, and do you need it?
Managed extended detection and response (MXDR) is an outsourced service that collects and analyzes threat data from across an organization's IT environment. Continue Reading
By- Char Sample, ICF International
-
Tip
05 Sep 2024
What is threat hunting? Key strategies explained
If you are ready to take a more proactive approach to cybersecurity, threat hunting might be a tactic to consider. Here's what security teams should know. Continue Reading
By- Ed Moyle, Drake Software
-
Feature
28 Aug 2024
Halliburton cyberattack explained: What happened?
Oil field services provider Halliburton reported on Aug. 23, 2024, that it was the victim of a cyberattack, adding another to the growing list of cyberincidents. Continue Reading
-
News
28 Aug 2024
Volt Typhoon exploiting Versa Director zero-day flaw
Lumen Technologies researchers have observed exploitation of CVE-2024-39717 against four U.S. organizations in the ISP, MSP and IT sectors. Continue Reading
By- Rob Wright, Senior News Director
-
Feature
27 Aug 2024
Infosec industry calls for more public sector collaboration
As cyberattacks continue to rise, infosec professionals address the need to increase private and public sector partnerships to assist law enforcement operations. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
26 Aug 2024
How to use the NIST CSF and AI RMF to address AI risks
Companies are increasingly focused on how they can use AI but are also worried about their exposure to AI-fueled cybersecurity risks. Two NIST frameworks can help. Continue Reading
By- Matthew Smith, Seemless Transition LLC
-
Tip
26 Aug 2024
5 open source Mitre ATT&CK tools
Security teams that use the Mitre ATT&CK framework should consider using these open source tools to help map attacker techniques to the knowledge base. Continue Reading
By- Ashwin Krishnan, StandOutin90Sec
-
Answer
26 Aug 2024
How does DMARC affect email marketing?
Marketers must prepare for DMARC to ensure their emails reach customers' inboxes -- rather than their spam or junk folders -- and to build trust between consumers and the brand. Continue Reading
By- Griffin LaFleur, Swing Education
-
Conference Coverage
23 Aug 2024
The latest from Black Hat USA 2024
Use this guide to Black Hat 2024 to keep up on breaking news, trending topics and expert insights from one of the world's top cybersecurity conferences. Continue Reading
By- Sharon Shea, Executive Editor
-
Definition
20 Aug 2024
What is cloud detection and response (CDR)?
Cloud computing requires a security approach that is different than traditional protections. Where does cloud detection and response fit into a cybersecurity strategy? Continue Reading
-
Tip
19 Aug 2024
Guide to data detection and response (DDR)
Data is one of the most important assets in any organization. To truly protect it, you need a DDR strategy. Here's what you need to know, with tips on buying DDR tools. Continue Reading
-
Opinion
16 Aug 2024
Cyber-risk management: Key takeaways from Black Hat 2024
Product updates announced at Black Hat USA 2024 can help security teams better manage constantly changing attack surfaces and ensure new AI projects won't pose security risks. Continue Reading
By- David Vance
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
15 Aug 2024
New deepfake audio detector released as U.S. election nears
The tool can identify AI-generated speech. The release follows wide circulation of deepfakes of vice president Kamala Harris and X owner Elon Musk. Continue Reading
By- Esther Ajao, News Writer
-
Tip
15 Aug 2024
How to select an MDR security service
With the threat landscape as challenging as it is, organizations are looking for reinforcements. One option is to bolster detection and response via third-party MDR services. Continue Reading
-
News
12 Aug 2024
Flashpoint CEO: Cyber, physical security threats converging
Although Flashpoint is known for their cybersecurity threat intelligence services, the vendor also provides physical security intelligence to its clientele. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
12 Aug 2024
EDR testing: How to validate EDR tools
Cutting through an EDR tool's marketing hype is difficult. Ask vendors questions, and conduct testing before buying a tool to determine if it solves your organization's pain points. Continue Reading
By -
News
07 Aug 2024
Veracode highlights security risks of GenAI coding tools
At Black Hat USA 2024, Veracode's Chris Wysopal warned of the downstream effects of how generative AI tools are helping developers write code faster. Continue Reading
By- Arielle Waldman, News Writer
-
News
07 Aug 2024
Researchers unveil AWS vulnerabilities, 'shadow resource' vector
During a Black Hat USA 2024 session, Aqua Security researchers demonstrated how they discovered six cloud vulnerabilities in AWS services and a new attack vector. Continue Reading
By- Rob Wright, Senior News Director
-
Definition
02 Aug 2024
What is endpoint security? How does it work?
Endpoint security is the protection of endpoint devices against cybersecurity threats. Continue Reading
-
News
31 Jul 2024
Microsoft confirms DDoS attack disrupted cloud services
Microsoft suffered a DDoS attack on Tuesday that caused massive outages for customers around the world. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
30 Jul 2024
Be prepared for breach disclosure and a magnitude assessment
Organizations need to take a proactive approach to monitoring data stores continuously, and in the case of a breach, assess the magnitude quickly and accurately. DSPM can help you. Continue Reading
By- Todd Thiemann, Senior Analyst
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
Tip
29 Jul 2024
6 types of DNS attacks and how to prevent them
DNS servers are vulnerable to a variety of attacks, but there are steps you can take to secure them from danger. Continue Reading
By- Ravi Das, ML Tech Inc.
-
Feature
25 Jul 2024
The differences between open XDR vs. native XDR
Extended detection and response tools are open or native. Learn the differences between them, and get help choosing the right XDR type for your organization. Continue Reading
By- Kyle Johnson, Technology Editor
-
News
24 Jul 2024
KnowBe4 catches North Korean hacker posing as IT employee
KnowBe4 says it hired a new principal security engineer for its internal AI team, but quickly detected suspicious activity originating from the employee's workstation. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
24 Jul 2024
AT&T data breach: What's next for affected customers?
Another breach has affected millions of people -- this time it is AT&T customers. Learn more about this AT&T breach and what to do if you were part of this attack. Continue Reading
By- Amanda Hetler, Senior Editor
-
Tip
24 Jul 2024
How to implement an attack surface management program
Keeping attackers away from corporate assets means keeping constant vigilance over the organization's attack surface. An attack surface management program can help. Continue Reading
By -
Tutorial
23 Jul 2024
Intro: How to use BlackArch Linux for pen testing
BlackArch Linux offers a lot of pen testing and security benefits, but it requires knowledgeable and independent professionals who can put the distribution to work. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Feature
23 Jul 2024
The ultimate guide to cybersecurity planning for businesses
This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
By- Craig Stedman, Industry Editor
-
Tip
22 Jul 2024
Cloud detection and response: CDR vs. EDR vs. NDR vs. XDR
Cloud detection and response is the latest detection and response tool. Explore how it differs from endpoint, network and extended detection and response tools. Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
18 Jul 2024
Fin7 helps ransomware gangs with EDR bypass
SentinelOne found the Russia-based cybercriminal group is helping other threat actors, including ransomware gangs, to evade detection with a custom tool named AvNeutralizer. Continue Reading
By- Arielle Waldman, News Writer
-
Tutorial
18 Jul 2024
How to use Pwnbox, the cloud-based VM for security testing
Pwnbox offers users the chance to hone their skills about security concepts and tools without having to build a costly lab environment. Continue Reading
By- Damon Garn, Cogspinner Coaction
-
Definition
15 Jul 2024
What is an intrusion detection system (IDS)?
An intrusion detection system monitors (IDS) network traffic for suspicious activity and sends alerts when such activity is discovered. Continue Reading
By- Cameron Hashemi-Pour, Site Editor
- Ben Lutkevich, Site Editor
-
News
11 Jul 2024
Ransomware gangs increasingly exploiting vulnerabilities
New research from Cisco Talos highlighted three of the most popular known vulnerabilities that were exploited by ransomware gangs for initial access during 2023 and 2024. Continue Reading
By- Arielle Waldman, News Writer
-
News
10 Jul 2024
Check Point sheds light on Windows MSHTML zero-day flaw
A Check Point Software Technologies researcher who discovered CVE-2024-38112 said the Windows spoofing vulnerability may have been exploited as far back at January 2023. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Opinion
09 Jul 2024
CISOs on how to improve cyberthreat intelligence programs
Organizations need to take a focused approach to gain visibility into targeted threats for cyber-risk mitigation and incident response. Continue Reading
By- Jon Oltsik, Analyst Emeritus
-
Enterprise Strategy Group
We provide market insights, research and advisory, and technical validations for tech buyers.
-
News
09 Jul 2024
Governments issue warning on China's APT40 attacks
Government agencies say APT40 continues to pose significant risk to organizations across the globe by exploiting vulnerabilities in public-facing applications. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
08 Jul 2024
How AI-driven SOC tech eased alert fatigue: Case study
Alert fatigue is real, and it can cause big problems in the SOC. Learn how generative AI can improve security outcomes and reduce analysts' frustration in this case study. Continue Reading
By- Alissa Irei, Senior Site Editor
-
Definition
05 Jul 2024
What is a cyber attack? How they work and how to stop them
A cyber attack is any malicious attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
- Mary K. Pratt
-
Tip
05 Jul 2024
16 common types of cyberattacks and how to prevent them
To stop cybercrime, companies must understand how they're being attacked. Here are the most damaging types of cyberattacks and what to do to prevent them. Continue Reading
By