Endpoint

The latest best practices and technologies for securing endpoints.

  • Hiding Devices Using Port Knocking or Single-Packet Authorization (SPA)

    Invisibility sounds like something out of a fantasy novel, but if done properly, we can use it to hide computers, gateways, or individual PCs by implementing specific firewall techniques like port knocking or single-packet authorization (SPA). The effectiveness of the technique has a lot in common with the traditional fantasy concept of invisibility and will be…


  • Zero-Click Attacks a Growing Threat

    Most attacks make would-be victims click to install malware or redirect them to a phishing page to steal their credentials. Zero-click attacks remove this hurdle. They can compromise the targeted device despite a victim’s good security hygiene and practices. There is no need for social engineering, as the program can implant backdoors directly without forced…


  • Becoming an MSSP: Tools, Services & Tips for Managed Security Services

    The next few years will see a surge in channel spending. According to Jay McBain, an analyst at Forrester Research, spending on IT and telecommunications will be worth about $7 trillion by 2030. The channel is destined to land at least a third of that. Competition is fierce. With about half a million VARs currently…


  • 5 Trends in Patch Management

    The profile of patch management has risen considerably in the last year due to the number of major breaches that have taken place where basic patches had been overlooked. News stories repeatedly note that the organizations impacted by breaches had often failed to install high-priority security patches from the likes of Microsoft Exchange, Fortinet, and…


  • Cybersecurity ‘Vaccines’ Emerge as Ransomware, Vulnerability Defense

    Cybersecurity vaccines are emerging as a new tool to defend against threats like ransomware and zero-day vulnerabilities. Cybersecurity firms have released “vaccines” in recent days to protect against the widely used STOP ransomware strain and the new Apache Log4Shell vulnerability. Germany-based G Data CyberDefense released software designed to trick the STOP ransomware variant into believing…


  • MITRE Expands Security Testing to Services, Deception Tools & More

    MITRE is moving beyond its well-regarded endpoint security evaluations and will soon be testing other security services and products. MITRE recently issued a call for participation for ATT&CK Evaluations for Managed Services, designed to reveal how managed security service providers (MSSPs) and managed detection and response (MDR) respond to adversarial attacks. Except unlike its Enterprise…


  • Top Secure Email Gateway Solutions

    Email is typically the channel through which ransomware and malware are unleashed upon the enterprise. Phishing scams use it to compromise networks. Executives are conned by fake emails into sending funds to the wrong places – or worse, giving up their privileged credentials. Employees are duped into clicking on malicious email attachments and links. A…


  • Cybersecurity Mesh, Decentralized Identity Lead Emerging Security Technology: Gartner

    New cybersecurity buzzwords are always in abundance at the Gartner Security & Risk Management Summit, and the concepts that took center stage this week, like cybersecurity mesh and decentralized identity, seem well suited for new threats that have exploded onto the scene in the last year. Gartner analyst Ruggero Contu noted that security risks are…


  • HTML Smuggling Techniques on the Rise: Microsoft

    Bad actors are increasingly using a technique called HTML smuggling to deliver ransomware and other malicious code in email campaigns aimed at financial services firms and other organizations, according to Microsoft researchers. In a blog post, the company’s Microsoft 365 Defender Threat Intelligence Team wrote that the highly evasive technique, which is used to deploy…


  • The Best Wi-Fi 6 Routers Secure and Fast Enough for Business

    Remote work and home offices were an afterthought until the COVID-19 pandemic. They were then vaulted to the forefront of security concerns so quickly that security and IT teams were caught off guard. Now, remote work is likely here to stay even after the pandemic is gone. That means that the temporary solutions put in…


Top Cybersecurity Companies

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis