Data Loss Prevention
Data Loss Prevention | News, how-tos, features, reviews, and videos
Sponsor Podcast in partnership with Microsoft
Episode 2: Empowering employees to be secure and productive
Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed
A set of seven vulnerabilities, called DNSpooq, allows attackers to redirect users or execute malicious code. Patch dnsmasq now.
The biggest data breach fines, penalties and settlements so far
Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $1.3 billion and counting.
Top SolarWinds risk assessment resources for Microsoft 365 and Azure
Government and private organizations, including Microsoft, have released a wealth of information and tools to assess risk from SolarWinds-like attacks.
Top 7 security mistakes when migrating to cloud-based apps
As organizations rush key apps to the cloud to support remote workers, they often create opportunities for attackers. These are the most common mistakes to avoid.
The 15 biggest data breaches of the 21st century
Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.
4 ways attackers exploit hosted services: What admins need to know
Attackers are either targeting admins for hosted services with phishing campaigns or exploiting mistakes made when setting them up. Here's what to watch out for.
33 hardware and firmware vulnerabilities: A guide to the threats
Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware and its firmware. Here's a roundup of the ones that present the most significant threats.
SolarWinds hack is a wakeup call for taking cybersecurity action
Many questions are yet to be answered as the investigation and response continues, but one thing is clear: managing supply chain risks requires a level of sophistication similar to that of the attackers.
How to prepare for and respond to a SolarWinds-type attack
If you can perform these tasks on your Windows network, then you are properly prepared to respond to a nation-state attack like SolarWinds.
How to block malicious JavaScript files in Windows environments
Attackers frequently send malicious JavaScript files through bogus emails. It's easy to block these files from reaching a hapless user. Here's how.
What is malvertising? And how to protect against it
Malvertising, the practice of sprinkling malicious code to legitimate-looking ads, affects both small and large websites. Protecting against it is harder than it seems.
12 new state privacy and security laws explained: Is your business ready?
States from Maine to California have recently enacted privacy, data security, cybersecurity, and data breach notification laws. Let's break down what each of these laws entails and how businesses and consumers are affected.
The CSO guide to top security conferences, 2020
Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.
How to avoid subdomain takeover in Azure environments
Active but unused subdomains in Microsoft Azure give attackers the opportunity to use them for malicious purposes. Here's how to identify and delete vulnerable subdomains before attackers do.
6 board of directors security concerns every CISO should be prepared to address
The COVID pandemic and spike in cybercriminal activity has raised interest in security among corporate boards. These are the concerns and questions CISOs say they are now hearing from them.
How to prepare for the next SolarWinds-like threat
It is possible to minimize the risk from nation-state attacks like SolarWinds. This is the best advice based on what experts have learned so far.
SolarWinds attack explained: And why it was so hard to detect
A group believed to be Russia's Cozy Bear gained access to government and other systems through a compromised update to SolarWinds' Orion software. Most organizations aren't prepared for this sort of software supply chain attack.
Why 2021 will be a big year for deception technology
New use cases, MITRE Shield support, and greater awareness will drive market growth and penetration.
-
White Paper
-
Analyst Report
Sponsored -
White Paper
-
Video/Webcast
Sponsored -
White Paper