Threats
Stay informed on the latest cybersecurity threats and news to better protect your data, networks, applications, and devices. Our coverage includes emerging vulnerabilities, evolving attack techniques, and the latest security breaches to help you understand and mitigate risks.
-
How DMARC Can Protect Against Phishing & Ransomware
Learn how DMARC protects users from ransomware and other threats delivered through email.
-
Email Spoofing: What it Is & How to Prevent It
Learn what email spoofing is, how it works, and key email security techniques and tools to block it.
-
Cisco Warns of Multiple Flaws in Small Business Series Switches
Cisco is warning that nine significant vulnerabilities in its Small Business Series Switches could enable unauthenticated remote attackers to cause a denial-of-service condition or execute arbitrary code with root privileges on affected devices. The vulnerabilities are caused by improper validation of requests sent to the switches’ web interfaces, the company said. While the Cisco Product…
-
How to Prevent SQL Injection: 5 Key Prevention Methods
A SQL injection is an attack on a website’s back end. Discover how to protect your website and its database from SQL injection attacks.
-
Western Digital Cyber Attack a ‘Wake Up Call for ASIC Vendors’
Update: In a statement on the extent of the data breach disclosed last month, Western Digital said it has control of its digital certificate infrastructure and is “equipped to revoke certificates as needed.” “Regarding reports of the potential to fraudulently use digital signing technology allegedly attributed to Western Digital in consumer products, we can confirm…
-
Microsoft Flaws Include Secure Boot Bypass, System-Level Takeovers
Microsoft’s Patch Tuesday for May 2023 fixes two actively exploited vulnerabilities, including a Secure Boot bypass and system-level takeover.
-
ChatGPT Security and Privacy Issues Remain in GPT-4
GPT-4 has many of ChatGPT’s malicious capabilities, in some cases even enhancing them.
-
Misconfigured Registries: Security Researchers Find 250 Million Artifacts Exposed
Development teams are exposing critical data and secrets online. Here’s what to do about it.
-
Attackers Continue to Leverage Signed Microsoft Drivers
In December of last year, Microsoft worked with SentinelOne, Mandiant, and Sophos to respond to an issue in which drivers certified by Microsoft’s Windows Hardware Developer Program were being used to validate malware. Unfortunately, the problem hasn’t gone away. In a recent Mastodon post, security expert Kevin Beaumont observed, “Microsoft are still digitally signing malware…
-
How UPX Compression Is Used to Evade Detection Tools
Compression is a great way for hackers to hide malware and render it undetectable. Here’s what to do about that.
