UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Data Loss Prevention

Data Loss Prevention | News, how-tos, features, reviews, and videos

padlock / Domain Name System / DNS / ICANN / security

News Analysis

Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed

A set of seven vulnerabilities, called DNSpooq, allows attackers to redirect users or execute malicious code. Patch dnsmasq now.

gavel / abstract binary lines > court judgment / fine / penalty / settlement

Feature

The biggest data breach fines, penalties and settlements so far

Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $1.3 billion and counting.

A hacker attacks from within a Windows system.

Feature

Top SolarWinds risk assessment resources for Microsoft 365 and Azure

Government and private organizations, including Microsoft, have released a wealth of information and tools to assess risk from SolarWinds-like attacks.

digital cloud computing cyber security digital data network future picture id1216520824

Feature

Top 7 security mistakes when migrating to cloud-based apps

As organizations rush key apps to the cloud to support remote workers, they often create opportunities for attackers. These are the most common mistakes to avoid.

lock circuit board bullet hole computer security breach

Analysis

The 15 biggest data breaches of the 21st century

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.

cloud security data breach crime accessible

Opinion

4 ways attackers exploit hosted services: What admins need to know

Attackers are either targeting admins for hosted services with phishing campaigns or exploiting mistakes made when setting them up. Here's what to watch out for.

orange monitors with lock icon network security cyber threat

Feature

33 hardware and firmware vulnerabilities: A guide to the threats

Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware and its firmware. Here's a roundup of the ones that present the most significant threats.

Binary Russian flag

Checks and BalancesBy Chris Dimitriadis

SolarWinds hack is a wakeup call for taking cybersecurity action

Many questions are yet to be answered as the investigation and response continues, but one thing is clear: managing supply chain risks requires a level of sophistication similar to that of the attackers.

cyber attack alert

Feature

How to prepare for and respond to a SolarWinds-type attack

If you can perform these tasks on your Windows network, then you are properly prepared to respond to a nation-state attack like SolarWinds.

cso security malware breach hack alert gettyimages 1144604134 by solarseven 2400x1600px

How-To

How to block malicious JavaScript files in Windows environments

Attackers frequently send malicious JavaScript files through bogus emails. It's easy to block these files from reaching a hapless user. Here's how.

malvertising malware hacked ads advertising online

Feature

What is malvertising? And how to protect against it

Malvertising, the practice of sprinkling malicious code to legitimate-looking ads, affects both small and large websites. Protecting against it is harder than it seems.

Compliance

Feature

12 new state privacy and security laws explained: Is your business ready?

States from Maine to California have recently enacted privacy, data security, cybersecurity, and data breach notification laws. Let's break down what each of these laws entails and how businesses and consumers are affected.

conference / convention / audience / applause / clapping

Feature

The CSO guide to top security conferences, 2020

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

Email takeover > Puppeteer hands manipulating strings

How-To

How to avoid subdomain takeover in Azure environments

Active but unused subdomains in Microsoft Azure give attackers the opportunity to use them for malicious purposes. Here's how to identify and delete vulnerable subdomains before attackers do.

A network of linked question marks.

Feature

6 board of directors security concerns every CISO should be prepared to address

The COVID pandemic and spike in cybercriminal activity has raised interest in security among corporate boards. These are the concerns and questions CISOs say they are now hearing from them.

Security system alert, warning of a cyberattack.

Feature

How to prepare for the next SolarWinds-like threat

It is possible to minimize the risk from nation-state attacks like SolarWinds. This is the best advice based on what experts have learned so far.

Russian hammer and sickle / binary code

News Analysis

SolarWinds attack explained: And why it was so hard to detect

A group believed to be Russia's Cozy Bear gained access to government and other systems through a compromised update to SolarWinds' Orion software. Most organizations aren't prepared for this sort of software supply chain attack.

Fraud / deception / social engineering > A wolf in sheep's clothing in a binary environment.

Cybersecurity SnippetsBy Jon Oltsik

Why 2021 will be a big year for deception technology

New use cases, MITRE Shield support, and greater awareness will drive market growth and penetration.

Load More

Popular Resources

White Paper

Get $100 Off for every line you activate. All when you switch to T-Mobile for Business.
Analyst Report
Sponsored

Nemertes Research Report, The Transformed Workplace
White Paper

The Role of Session Based SD WAN in an AI Driven Enterprise
Video/Webcast
Sponsored

MITRE ATT&CK as a Framework for Cloud Threat Investigation
White Paper

A Buyer’s Guide to Optimizing Remote Employees’ Extended Network

See All

Most Popular