Cybercrime
Cybercrime | News, how-tos, features, reviews, and videos
CISA sees no significant harm from Log4j flaws but worries about future attacks
The U.S. cybersecurity agency can't rule out that adversaries are using Log4j to gain persistent access to launch attacks later.
7 hot cybersecurity trends (and 2 going cold)
Is that security trend hot or not? From tools and technologies to threats and tactics, the numbers don't lie.
The Apache Log4j vulnerabilities: A timeline
The Apache Log4j vulnerability has impacted organizations around the globe. Here is a timeline of the key events surrounding the Log4j exploit as they have unfolded.
The biggest data breach fines, penalties, and settlements so far
Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $1.3 billion and counting.
Top 8 cybersecurity predictions for 2022
Seeing opportunities in the mass move to remote work, cyberattackers are updating their tactics, compelling security leaders to respond. Experts make their predictions about threat reduction, compliance, supply chain management,...
Exploit chains explained: How and why attackers target multiple vulnerabilities
Here is what you need to know about exploit chain risks, use cases, and mitigation.
6 ways hackers hide their tracks
From trusted pentesting tools to LOLBINs, attackers abuse trusted platforms and protocols to evade security controls.
Lessons learned from 2021 network security events
Rather than predict what 2022 will bring, let's manage the future by implementing the lessons learned from this year's biggest security threats.
How ransomware negotiations work
Here's what experienced negotiators say your organization should expect if it ever needs to pay a ransomware demand.
Supply chain attacks show why you should be wary of third-party providers
The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.
How to detect Log4Shell exposure and exploitation
Software dependencies and third-party products make detecting Log4j exploits tough, but this advice and some specialized tools can help.
What is Magecart? How this hacker group steals payment card data
Hacking groups that make up Magecart are effective and persistent at stealing customer and payment card data through skimmers. Here's how they work and what you can do to mitigate the risk.
Security lessons from 2021 holiday shopping fraud schemes
Here are four ways fraudsters targeted the 2021 shopping period with insight into how retailers can prevent and defend against exploitation.
The 7 CIS controls you should implement first
The CIS Critical Security Controls list (formerly the SANS Top 20 controls) has been the gold standard for security defense advice. These are the tasks you should do first.
8 top penetration testing certifications employers value
If you're looking for a job as a penetration tester, these certs will help you demonstrate your hacking skills and your commitment to the field.
Survey: Hackers approach staff to assist in ransomware attacks
Cyberattackers have approached employees in 48% of organizations in North America to assist in ransomware attacks, according to a report by Pulse and Hitachi ID.
11 penetration testing tools the pros use
Automated and open source tools can help you conduct web application, network, and database penetration tests.
Apache Log4j vulnerability actively exploited, impacting millions of Java-based apps
The vulnerability affects not only Java-based applications and services that use the library directly, but also many other popular Java components and development frameworks that rely on it.
-
White Paper
-
White Paper
-
Video/Webcast
Sponsored -
Video/Webcast
Sponsored -
Video/Webcast
Sponsored
BrandPosts
Learn more-
Sponsored by Sophos
-
Sponsored by ExtraHop