Internet Security

Internet Security | News, how-tos, features, reviews, and videos

Encrypted blocks of multicolored data cubes rolling out.
backdoor / abstract security circuits, locks and data blocks

cso security hacker breach gettyimages 1134588944 by jossnatu 2400x1600px

Booming dark web gig economy is a rising threat

Experts seen a sharp increase in help-wanted ads for black hat hackers-for-hire. Here's what they are targeting and how to respond to the threat.

padlock / Domain Name System / DNS / ICANN / security

DNS over HTTPS, DNS over TLS explained: Encrypting DNS traffic

DoT and DoH provide data confidentiality with end-to-end encryption for DNS traffic, but each has trade-offs.

CSO  >  secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

7 critical IT policies you should have in place

Putting a framework of IT policies that should be the foundation of every company's security plan.

keyboard laptop microsoft edge logo web browser by urupong getty images 1200x800

How to harden Microsoft Edge against cyberattacks

Chromium-based Edge gives enterprises the opportunity to standardize on one browser. Here are the key security settings you need to know.

Email takeover  >  Puppeteer hands manipulating strings

How to avoid subdomain takeover in Azure environments

Active but unused subdomains in Microsoft Azure give attackers the opportunity to use them for malicious purposes. Here's how to identify and delete vulnerable subdomains before attackers do.

5 cryptography and data protection

What is cryptography? How algorithms keep information secret and safe

Cryptography is the science of keeping information secret and safe by transforming it into form that unintended recipients cannot understand. It makes secure data transmission over the internet possible.

internet web browser https / url address bar

Silo for Safe Access: A more secure web browser for some use cases

Authentic8's Silo is a sandboxed web browser designed to protect users and systems from malicious code. It can be a more secure option than VPNs or virtual desktops in some cases.

A virtual checkmark in digital system / standards / quality control / certification / certificates

Why it's time to shift to extended validation certificates

More than ever, a strong organizational identity is essential for building trust with users.

A censorship label is splashed across an image of a man hiding behind his laptop.

TLS attacks and anti-censorship hacks

Despite safeguards in TLS 1.3, China is still censoring HTTPS communications, according to a new report. There are workarounds to this. Plus, how TLS can be used as an attack vector.

Check mark certificate in a binary tunnel / standards / quality control / certification / certifi

4 best practices for managing and tracking SSL and TLS certificates

Do you know what SSL protocols you expose to your users? Are your settings optimized for security? Have you properly deprecated older TLS certs? Here's what you need to know.

Industry 4.0 / Industrial IoT / Smart Factory / Engineer conrols robotics via tablet.

Protocol gateway flaws reveal a weak point in ICS environments

Research presented at this week's Black Hat conference highlights a new threat via protocol translation attacks and reveals 9 flaws found in protocol gateways from different vendors.

data keys encryption password by gerd altmann cc0 via pixabay

Mathematical Mesh alpha release promises better end-to-end encryption

Web pioneer proposes a new cryptographic system that relies on threshold key infrastructure to improve end-to-end encryption.

padlock / Domain Name System / DNS / ICANN / security

DNSSEC explained: Why you might want to implement it on your domain

The Domain Name System Security Extensions provide cryptographic authentication to prevent redirection to rogue websites, but owners of many domains have yet to adopt it.

IPv6 wireless network protocol

7 points your security team needs to know about IPv6 (but probably doesn't)

The IPv6 protocol affects the security of your network even if you haven't deployed it internally. Here are the most important points every security team needs to understand about the protocol.

A hacker targets a sitting duck  >  easy target / easy pickings / victim targeting

Enterprise internet attack surface is growing, report shows

Attackers are taking advantage of the COVID-19 crisis to exploit pre-existing and newly introduced vulnerabilities across a wide range of attack points.

scanning the internet malicious magnifying glass

Should you deploy a TLS 1.3 middlebox?

Organizations moving to the TLS 1.3 protocol must decide whether to deploy middleboxes that intercept network traffic for greater visibility, but doing so presents security and regulatory risks.

keep out sign do not tresspass privacy authentication access barbed wire by tim husser getty

What is PKI? And how it secures just about everything online

Public key infrastructure (PKI) is a catch-all term for everything used to establish and manage public key encryption, one of the most common forms of internet encryption. It is baked into every web browser in use today to secure...

servers / server racks [close-up perspective shot]

9 tips to detect and prevent web shell attacks on Windows networks

Attackers often use web shells to mimic legitimate files and compromise web servers. These best practices will lower your risk.

Load More