Internet Security

Internet Security | News, how-tos, features, reviews, and videos

A virtual checkmark in digital system / standards / quality control / certification / certificates
Security IntelligenceBy

Why it's time to shift to extended validation certificates

More than ever, a strong organizational identity is essential for building trust with users.

A censorship label is splashed across an image of a man hiding behind his laptop.
News Analysis

TLS attacks and anti-censorship hacks

Despite safeguards in TLS 1.3, China is still censoring HTTPS communications, according to a new report. There are workarounds to this. Plus, how TLS can be used as an attack vector.

Check mark certificate in a binary tunnel / standards / quality control / certification / certifi
Feature

4 best practices for managing and tracking SSL and TLS certificates

Do you know what SSL protocols you expose to your users? Are your settings optimized for security? Have you properly deprecated older TLS certs? Here's what you need to know.

Industry 4.0 / Industrial IoT / Smart Factory / Engineer conrols robotics via tablet.
News

Protocol gateway flaws reveal a weak point in ICS environments

Research presented at this week's Black Hat conference highlights a new threat via protocol translation attacks and reveals 9 flaws found in protocol gateways from different vendors.

data keys encryption password by gerd altmann cc0 via pixabay
News Analysis

Mathematical Mesh alpha release promises better end-to-end encryption

Web pioneer proposes a new cryptographic system that relies on threshold key infrastructure to improve end-to-end encryption.

padlock / Domain Name System / DNS / ICANN / security
Feature

DNSSEC explained: Why you might want to implement it on your domain

The Domain Name System Security Extensions provide cryptographic authentication to prevent redirection to rogue websites, but owners of many domains have yet to adopt it.

IPv6 wireless network protocol
Feature

7 points your security team needs to know about IPv6 (but probably doesn't)

The IPv6 protocol affects the security of your network even if you haven't deployed it internally. Here are the most important points every security team needs to understand about the protocol.

A hacker targets a sitting duck > easy target / easy pickings / victim targeting
News Analysis

Enterprise internet attack surface is growing, report shows

Attackers are taking advantage of the COVID-19 crisis to exploit pre-existing and newly introduced vulnerabilities across a wide range of attack points.

scanning the internet malicious magnifying glass
Feature

Should you deploy a TLS 1.3 middlebox?

Organizations moving to the TLS 1.3 protocol must decide whether to deploy middleboxes that intercept network traffic for greater visibility, but doing so presents security and regulatory risks.

keep out sign do not tresspass privacy authentication access barbed wire by tim husser getty
Feature

What is PKI? And how it secures just about everything online

Public key infrastructure (PKI) is a catch-all term for everything used to establish and manage public key encryption, one of the most common forms of internet encryption. It is baked into every web browser in use today to secure...

servers / server racks [close-up perspective shot]
Feature

9 tips to detect and prevent web shell attacks on Windows networks

Attackers often use web shells to mimic legitimate files and compromise web servers. These best practices will lower your risk.

Abstract trend lines graphing change and transformation.

Top cybersecurity facts, figures and statistics

From malware trends to budget shifts, we have the latest figures that quantify the state of the industry.

Internet of Things (IoT) / security alert / wireless network management
News

Implementation flaws make LoRaWAN networks vulnerable to attack

New report from IOActive details implementation errors that expose LoRaWAN networks to attack and provides a framework for mitigating the risk.

credit card hack financial breach stealing money traffiking financial data target by igphotography
News

Macy’s breach is a game-changing Magecart attack

The attackers customized the Magecart code to the Macy's website to steal credit card information in the wallet and new registrations.

Bingo balls read 19, 20 and 21; no. 20 at the forefront.
Feature

2020 cybersecurity trends: 9 threats to watch

Here's how your biggest threats of 2019 will likely trend for 2020 and how you might change your defensive strategy for them.

browser security
How-To

How to secure your DNS traffic under Windows

DNS traffic is prone to snooping, and it’s often far too easy for attackers to hijack and change a company’s DNS settings. These simple steps will amp up your DNS protection.

API security alerts displayed on monitors amid binary code / application security
Feature

What you need to know about the new OWASP API Security Top 10 list

APIs now account for 40% of the attack surface for all web-enabled apps. OWASP has identified 10 areas where enterprises can lower that risk.

browser security
How-To

How to lock down enterprise web browsers

Your organization's web browser is essentially your operating system for the cloud. Secure it appropriately.

VPN security vulnerabilities > VPN alert / warning / network servers
Feature

6 known RCE vulnerabilities in enterprise VPNs and how to minimize the risk

Enterprise VPNs might not always be as safe as you think. Be aware of these RCE vulnerabilities in popular enterprise VPN solutions.

train tracks converge / rails switch / paths merge / convergence / directory traversals
Feature

Directory traversal explained: Definition, examples and prevention

In a path traversal attack, also known as directory traversal, an attacker enters information in a web form, URL address line, or another input method that gives them access to a file or directory that they shouldn't have access to....

Load More
You Might Also Like
Most Popular