UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Cyberattacks

Cyberattacks | News, how-tos, features, reviews, and videos

CSO > global security

Feature

CSO Global Intelligence Report: The State of Cybersecurity in 2021

The message is clear in a fresh survey of 2,741 security, IT, and business professionals around the world: The damage from attacks is widespread and organizations are increasing security budgets to fend off further impact.

Ransomware > A masked criminal ransoms data for payment.

Feature

CSO's guide to the worst and most notable ransomware

The ransomware gangs and their malware listed here have victimized millions of companies and caused billions of dollars in costs.

a hand holds an open book from which abstract letters emerge

Feature

Mitre D3FEND explained: A new knowledge graph for cybersecurity defenders

D3FEND is a new schema released by Mitre last month to establish a common language to help cyber defenders share strategies and methods. It is a companion project to the company’s ATT&CK framework.

Praying mantis among green leaves [camouflage/stealth]

News Analysis

APT group hits IIS web servers with deserialization flaws and memory-resident malware

Praying Mantis group is likely a nation-state actor that uses custom malware and is adept at avoiding detection.

United States Capitol building / United States Congress / abstract security concept

News Analysis

18 new cybersecurity bills introduced as US congressional interest heats up

The new bills, many with bi-partisan support, aim to increase cybersecurity funding, improve breach reporting, investigate cryptocurrencies, and more.

industrial power plant hacked skull and crossbone pixels security breach power plant by jason black

Opinion

CISA: China successfully targeted US oil and natural gas infrastructure

CISA alert details past network compromises and exposes a lack of preparedness among ICS companies.

A binary map of china.

News Analysis

Biden administration, US allies condemn China's malicious hacking, espionage actions

Global coalition calls on China to curtail its cyber activities. For the first time, the US blames China directly for ransomware attacks.

A laptop displays binary code and the flag of China.

News Analysis

US charges four suspected Chinese spies who coordinated APT40 hackers

The government outlines how APT40 conducted its Microsoft Exchange Server attack and offers advice to defend against nation-state threats.

lock circuit board bullet hole computer security breach

Analysis

The 15 biggest data breaches of the 21st century

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.

president joe biden meets with russian president vladimir putin in geneva switzerland shutterstock

News Analysis

Ransomware talks: How Biden could push Putin to the table

Under pressure to end the ransomware scourge, the White House faces strong headwinds. The problem: Putin has no motivation to change the status quo.

Conceptual image of a password amid hexadecimal code.

Feature

Rainbow tables explained: How they work and why they're (mostly) obsolete

Rainbow tables are password cracking tools with origins dating back to research from the early 1980s. Here's how they work, why attacks are easy to prevent, and how they compare to modern password cracking.

Digital fingerprints are virtually connected. [tracking / identity / genetics / data privacy]

News

Supply-chain attack on Kaseya remote management software targets MSPs

REvil ransomware pushers exploit zero-day flaw in Kaseya VSA to infect MSPs and their customers.

Russian hammer and sickle / binary code

Opinion

US and UK issue rare joint guidance in response to Russian GRU brute force campaign

CISOs should leverage this guidance to help get the resources they need to make these and other cyberattacks too costly for nation-state threat actors and criminals.

Dark net warning sign against black and yellow warning stripes in the background.

The State of CybersecurityBy Darren Guccione

What is the dark web? How to access it and what you'll find

The dark web is part of the internet that isn't visible to search engines and requires the use of an anonymizing browser called Tor to be accessed.

CSO > Botnet > Robots amid a blue binary matrix

Feature

Botnet attacks on APIs: Why most companies are unprepared

The use of botnets to target applications for illegal and unethical purposes is growing, yet implementation of bot detection tools and best practices lags.

Insider threats > Employees suspiciously peering over cubicle walls

Opinion

Security firm COO indicted for allegedly aiding hospital's attackers: What CSOs should know

A grand jury has indicted Securolytics COO Vikas Singla for allegedly helping attackers access Gwinnett Medical Center's phone system and printers. This breach of trust presents a dilemma for CISOs.

United States Capitol building / United States Congress / abstract security concept

News Analysis

US Congress tees up ambitious cybersecurity agenda in the wake of supply chain, ransomware attacks

Roughly 115 cybersecurity-related bills are working their way through the legislative process, in many cases with bipartisan support.

DDOS attack

News Analysis

New DDoS extortion attacks detected as Fancy Lazarus group returns

After operating under other names, Fancy Lazarus has fine-tuned its DDoS extortion campaigns, although with mixed results.

Load More

Popular Resources

eBook
Sponsored

Best-In-Class Security Operations And What It Takes To Get There
eBook
Sponsored

Five Common Data Security Pitfalls To Avoid
White Paper

Alert Overload Still Plagues Cybersecurity Industry
eGuide
Sponsored

A Comprehensive Guide to Building a Pentest Program
eBook
Sponsored

A Guide to ENHANCED CYBERSECURITY Through PHYSICAL SECURITY

See All

Most Popular

BrandPosts

Sponsored by Netscout

Cyberattacks Escalate, Putting Pressure on the Defensive
Sponsored by ExtraHop

ExtraHop Contributes Network Security Expertise to MITRE ATT&CK Framework
Sponsored by Sophos

Using TLS to Avoid Detection is On the Rise