Cyberattacks
Cyberattacks | News, how-tos, features, reviews, and videos
How to prepare for the next SolarWinds-like threat
It is possible to minimize the risk from nation-state attacks like SolarWinds. This is the best advice based on what experts have learned so far.
What is typosquatting? A simple but effective attack technique
Typosquatting is a type of social engineering attack that uses purposely misspelled domains for a variety of malicious purposes.
14 tips to prevent business email compromise
Criminals fool victims into clicking on malicious links or assisting in financial theft by sending emails that mimic real senders and real companies. Here's how to stop BEC.
SolarWinds attack explained: And why it was so hard to detect
A group believed to be Russia's Cozy Bear gained access to government and other systems through a compromised update to SolarWinds' Orion software. Most organizations aren't prepared for this sort of software supply chain attack.
FireEye breach explained: How worried should you be?
The theft of red team tools, allegedly by Russia's Cozy Bear group, poses only a small threat to other organizations. The real lesson: Anyone can be hacked.
6 new ways threat actors will attack in 2021
Cyber criminals will leverage improved capabilities and vulnerabilities introduced during the COVID crisis to improve the efficiency of their attacks.
TrickBot gets new UEFI attack capability that makes recovery incredibly hard
Researchers discover a new TrickBot module that allows malware to persist even after reformatting or replacing a hard drive.
Why Excel 4.0 macro exploits are surging
Researchers discover progressively complex and effective XL4 attacks that take advantage of the many organizations that still rely on the old functionality.
What is swatting? Unleashing armed police against your enemies
Swatting is a form of harassment that uses prank calls to send police SWAT teams into victims' homes. Here's what you need to know about this dangerous practice.
China’s exclusion from US 5G market likely to continue with Biden administration
Telecom insiders discuss supply chain security and call for better communication, collaboration, and transparency from the federal government about threats within their industry.
What is the dark web? How to access it and what you'll find
The dark web is part of the internet that isn't visible to search engines and requires the use of an anonymizing browser called Tor to be accessed.
Mercenary APT group CostaRicto hits organizations worldwide
This hacker-for-hire advanced persistent threat group uses its own custom malware and takes great effort to hide its activity.
How to protect backups from ransomware
Ransomware is getting smarter, attacking backups to prevent recovery. Prevent this from happening by taking a few simple steps.
Avoiding the snags and snares in data breach reporting: What CISOs need to know
Ambiguities in a growing list of US reporting requirements keep CISOs up at night: Will they be compelled to report every breach even if they can prove the data was untouched? Experts advise on how to avoid trouble.
Common pitfalls in attributing cyberattacks
Attack attribution is always difficult as criminal groups often share code and techniques, and nation-state actors excel at deception. Here, security researchers share their techniques and common pitfalls.
Elusive hacker-for-hire group Bahamut linked to historical attack campaigns
The Bahamut group targets high-value victims and takes meticulous care with its own operational security.
New FBI strategy seeks to disrupt threat actors, help defenders through better coordination
The FBI sharpens its focus on collaboration among US and foreign government agencies and the private sector. It will acting as a central hub to deal with cybersecurity threats.
InterPlanetary Storm cross-platform P2P botnet infects computers and IoT devices
IPStorm's ability to infect Android, macOS and Windows devices as well as those that are Linux-based makes it much more dangerous.
Tips to prep for digital forensics on Windows networks
Know what data you need to collect and how you will collect it before a security incident occurs on your Windows network.
9 top anti-phishing tools and services
Some of these solutions will help find and stop phishing emails before they can cause damage, while others will find phishers fraudulently using your business's brand.
-
Video/Webcast
Sponsored -
Video/Webcast
Sponsored -
Video/Webcast
Sponsored -
Video/Webcast
Sponsored