The latest technologies and best practices to secure local, virtual, cloud, and hybrid networks.

  • Cisco: Mainstream Web Sites Are More Risky than Porn Sites

    Cisco recently published its 2013 Annual Security Report [PDF file], which states that the highest concentration of online security threats target legitimate Web sites rather than pornography, pharmeutical or gambling sites — online shopping sites are 21 times more likely to deliver malware than counterfeit software sites, and online advertisements are 182 times more likely… Read more

  • As Malware Evolves, Are AV Signatures Still Relevant?

    In the beginning of the virus era, computer users were introduced to the concept of signature-based anti-virus scanners. It’s an idea whose time may well have come and gone. “Since the 1990s people have used signature-based scanners as their primary line of defense,” said Roger Thompson, chief emerging threats researcher at ICSA Labs, a research… Read more

  • How to Avoid a Hacktivist Attack

    Last year saw a massive surge in hacktivism – hacking motivated by political and social objectives – according to Verizon’s 2012 Data Breach Investigations Report [PDF file]. The report attributed fully 58 percent of all data stolen, more than 100 million records, to hacktivists. “The most significant change we saw in 2011 was the rise… Read more

  • Anatomy of a Hack: A Case Study

    In a perfect world, we would all learn about preventing hack attacks before they happen. But sometimes the hack happens first and the lessons come second. This is the tale we are talking about today – based, in true Hollywood tradition, on a true story. The lead in this story is a mid-sized organization –… Read more

  • Metasploit Goes Phishing

    The Metasploit penetration testing framework has always been about finding ways to exploit IT, in an effort to improve defense. The new Metasploit 4.5 release from security vendor Rapid7 goes a step further than its predecessors, offering a new phishing engine and updated exploit modules. “The phishing engine is part of a larger Social Engineering… Read more

  • HootSuite Suffers Privacy Breach

    Social media management company HootSuite recently acknowledged that e-mails sent to some users to warn them that their free trial of HootSuite Pro was about to end may have also included other users’ e-mail addresses, exposing the contact information of thousands of users. “Scores of HootSuite users have taken to Twitter to voice their displeasure… Read more

  • How to Prevent Security Breaches from Known Vulnerabilities

    Why are hackers able to breach the security of so many organizations using known vulnerabilities, and what can you do minimize the risk that this happens to you? It’s an important question to ask, because consequences can be significant if a security breach leads to the theft of confidential proprietary data or loss of customer… Read more

  • 7 IPv6 Security Risks

    The rise of IPv6 could give you some severe security headaches — even if you have no current plans to implement the new networking protocol. That was the stark warning issued by Eric Vyncke, a security expert from Cisco, talking at the RSA Conference Europe in London this month. On the face of it, there… Read more

  • City of Tulsa Cyber Attack Was Penetration Test, Not Hack

    The City of Tulsa, Oklahoma last week began notifying residents that their personal data may have been accessed — but it now turns out that the attack was a penetration test by a company the city had hired. “City officials didn’t realize that the apparent breach was caused by the security firm, Utah-based SecurityMetrics, until… Read more

  • Pwnie Express Intros Power Pwn Hacking Tool

    Pwnie Express recently announced the upcoming release of the Power Pwn, a complete penetrating testing platform disguised as a surge protector. “The device is a $1,295 ‘penetration testing’ tool that will lodge remotely activated Wi-Fi, Bluetooth, and Ethernet attacks in an effort to identify network weaknesses,” writes The Verge’s Evan Rodgers. “A convenient web interface… Read more

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis