APT group hits IIS web servers with deserialization flaws and memory-resident malware

Mitre D3FEND: A new knowledge graph for cybersecurity defenders

7 tenets of zero trust explained

Advertisement

A large 'X' marks a conceptual image of a password amid hexadecimal code.

How to review password quality in Active Directory

Regular reviews of the effectiveness of user, admin, and service passwords stored in Active Directory is a good idea. Here's how one password review tool works.

a hand holds an open book from which abstract letters emerge

Mitre D3FEND explained: A new knowledge graph for cybersecurity defenders

D3FEND is a new schema released by Mitre last month to establish a common language to help cyber defenders share strategies and methods. It is a companion project to the company’s ATT&CK framework.

Praying mantis among green leaves [camouflage/stealth]

APT group hits IIS web servers with deserialization flaws and memory-resident malware

Praying Mantis group is likely a nation-state actor that uses custom malware and is adept at avoiding detection.

Advertisement

United States Capitol building / United States Congress / abstract security concept

18 new cybersecurity bills introduced as US congressional interest heats up

The new bills, many with bi-partisan support, aim to increase cybersecurity funding, improve breach reporting, investigate cryptocurrencies, and more.

Conceptual image of a network labeled 'Zero Trust.'

7 tenets of zero trust explained

Cut through the hype. NIST's core zero trust elements provide a practical framework around which to build a zero trust architecture.

man in bed nightmare what keeps you up at night stress sleeping by gorodenkoff getty images

Why code reuse is still a security nightmare

Despite best efforts to track software dependencies, blind spots still exist leading to silent vulnerabilities in software.

Aspects of employment / communication / networking / partnership / collaboration / teams / hiring

The state of security hiring: Jobs, skills & salaries

We look at the trends in cybersecurity hiring today, including the most in-demand jobs and skills and the hottest markets—and what it will take to attract and retain top talent.

Binary flag of the European Union viewed through a magnifying lens and showing a ripple effect.

EU takes aim at ransomware with plans to make Bitcoin traceable, prohibit anonymity

The European Commission has set out new legislative proposals to make crypto transfers more traceable. While the plans will close some existing loopholes, the impact on cybercrime is likely to be minimal, experts say.

CSO > secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.

A gavel rests on open law book. [law / regulation / compliance / legal liability]

Security and privacy laws, regulations, and compliance: The complete guide

This handy directory provides summaries and links to the full text of each security or privacy law and regulation.

Popular Resources
View All

Advertisement

security trust

Secure multiparty computation explained: Ensuring trust in untrustworthy environments

Secure multiparty computation is a collection of algorithms that allow people to work together over a network to find a consensus or compute a value and have faith that the answer is correct. Everyone contributed fairly and there was...

data pipeline primary

TSA issues second cybersecurity directive for pipeline companies

Experts applaud the agency's new, detailed security requirements for US pipeline operators but question how they will be enforced or monitored.

A vault door security mechanism with abstract circuits. / increase security / harden against attacks

Best Mitre D3FEND advice to harden Windows networks

Mitre's recently released D3FEND matrix offers sound guidance for any security admin or CISO looking to harden a Windows network against attack.

industrial power plant hacked skull and crossbone pixels security breach power plant by jason black

CISA: China successfully targeted US oil and natural gas infrastructure

CISA alert details past network compromises and exposes a lack of preparedness among ICS companies.

A binary map of china.

Biden administration, US allies condemn China's malicious hacking, espionage actions

Global coalition calls on China to curtail its cyber activities. For the first time, the US blames China directly for ransomware attacks.

From Our Advertisers