Advertisement

Fraud / deception / social engineering  >  A wolf in sheep's clothing in a binary environment.

10 signs you're being socially engineered

Scammers will try to trick you and your organization's users into giving up credentials or other sensitive date. Be skeptical if you see any of these signs.


reno maglitto channel and alliance director apac netskope.2

Channels are true evangelists of cloud security: Reno Maglitto

Reno Maglitto, Channel and Alliance Director APAC, Netskope on CASB market, the channel ecosystem and Netskope’s USP for securing organizations’ cloud presence.


DDOS attack

Misconfigured WS-Discovery in devices enable massive DDoS amplification

Researchers were able to achieve amplification rates of up to 15,300%. Some mitigations are possible.


Advertisement

Botnet Trouble / Botnet army

Secrets of latest Smominru botnet variant revealed in new attack

Researchers gained access to a Smominru command-and-control server to get details on compromised devices and scope of the attack.


Credential theft  > A thief steals a password.

How to detect and halt credential theft via Windows WDigest

Attackers can steal user credentials by enabling credential caching in the Windows authentication protocol WDigest. Here's how to stop them.


Two business people shake hands with a third at a meeting, surrounded by question marks.

6 questions candidates should ask at every security job interview

The cybersecurity skills shortage means security pros can be picky about where they work. Here's how to suss out bad employers.


network security / network traffic scanning

Review: Blue Hexagon may make you rethink perimeter security

This fully functional, fully trained cybersecurity tool is ready on day 1 to spot threats on whatever network it’s charged with protecting.


Email encryption  >  A key + a three-dimensional 'at' symbol bearing a series of locks.

The top 5 email encryption tools: More capable, better integrated

Most of the email encryption solution vendors have broadened the scope of their products to include anti-phishing, anti-spam, and data loss prevention (DLP).


golden egg / nest / numbers / precious value / worth / growth

Three strategies to prove security's value

How CISOs can identify and quantify security’s value in real dollars


shadow flashlight shadowy investigation

Shining light on dark data, shadow IT and shadow IoT

What's lurking in the shadows of YOUR organization? What you don't know can hurt you. Insider Pro columnist Mike Elgan looks at how your business is at risk and offers six steps to minimize it.


Advertisement

financ credit pos

What is PSD2? And how it will impact the payments processing industry

The EU’s revised Payment Services Directive (PSD2), which include multifactor authentication for online European payment card transactions, will have a ripple effect on the payments processing industry in the U.S. and elsewhere.


Let's Encrypt automated encryption gears
Cybersecurity Snippets

SOAPA vs. SOAR: How these security terms differ

SOAPA and SOAR are vastly different. Security orchestration, automation, and response (SOAR) tools represent a component of a security operations and analytics platform architecture (SOAPA).


Brexit / privacy  >  Binary data + a U.K. umbrella drifting away on a sea branded with an E.U. flag

Privacy Shield and Brexit: What now? What next?

Once the UK leaves the European Union, companies on both sides of the Atlantic will need to act to ensure compliant data flows between the UK and US under Privacy Shield.


cybersecurity controls

The 5 CIS controls you should implement first

The CIS Critical Security Controls list (formerly the SANS Top 20 controls) has been the gold standard for security defense advice. These are the tasks you should do first.


Cyber insurance  >  Umbrella hub protecting connected devices + online activities in binary world.

Implementing a successful cyber insurance program: Key steps and considerations

In a first, a Black Hat micro summit explains how insurers assess risk to write cyber insurance policies as more organizations seek to indemnify themselves against potential breach losses.