Threats

The latest cybersecurity threats and news to help you protect your data, networks, applications, and devices.

  • How to Defend Common IT Security Vulnerabilities

    IT security pros have never faced more threats, whether it’s from the huge increase in remote work or aggressive nation-state sponsored hackers like those involved in the SolarWinds breach. While there will always be new holes to plug, security vulnerabilities usually stem from the same few causes: unpatched vulnerabilities, misconfigurations or user error, and even… Read more

  • New TCP/IP Vulnerabilities Expose IoT, OT Systems

    Forescout Research Labs last month released a 14-page white paper and a 47-page research report detailing 33 vulnerabilities affecting millions of Internet of Things (IoT), Operational Technology (OT), and IT devices. Dubbed AMNESIA:33, these newly identified vulnerabilities include four broadly used TCP/IP stacks and have left more than 150 vendors potentially compromised. Forescout’s findings are… Read more

  • Cybersecurity Outlook 2021: Trends and Predictions

    Just when it seemed that 2020 couldn’t get any weirder, news broke that Russian state-sponsored hackers had spent much of the year exploiting vulnerabilities in SolarWinds‘ widely used Orion IT management software to hack into major federal agencies and corporations. Suddenly the year wasn’t about the massive shift toward remote work caused by the COVID-19… Read more

  • FireEye, SolarWinds Breaches: Implications and Protections

    Five days after FireEye detailed the theft of about 300 of its proprietary cybersecurity tools, SolarWinds announced that its Orion IT monitoring platform had also been compromised by hackers believed to be sponsored by the Russian government. Together, the attack that originated with a SolarWinds vulnerability turned over critical cybersecurity infrastructure to the malicious actors,… Read more

  • Tokenization vs. Encryption: Pros and Cons

    Two of the most popular methods for protecting business data are tokenization and encryption. However, choosing the one that is the best for your company requires you to consider factors like company size, security goals, cost, and your comfort level with each choice. Whichever you choose, your ultimate goal should be finding the best option… Read more

  • XDR Emerges as a Key Next-Generation Security Tool

    Corporate networks are complex, and so is the myriad of cybersecurity solutions that protect them. Trying to manage all the security tools in a comprehensive way can leave security teams overwhelmed. Extended detection and response (XDR) solutions are a new attempt to unify all those security tools. They’re designed to consolidate multiple products into a… Read more

  • Disk vs File Encryption: Which Is Best for You?

    Full disk encryption is the most commonly used encryption strategy in practice today for data at rest, but does that mean it’s sufficient to prevent unauthorized access to your data? The short answer: No. File-based encryption is another form of transparent encryption that fills in the gaps where full disk encryption falls short. Fortunately, some… Read more

  • Microsegmentation: The Next Evolution in Cybersecurity

    The explosion in remote work that followed the COVID-19 pandemic has shifted corporate models from a main-branch focus to distributed corporate networks and vastly spread out remote employees. That in turn has shifted focus away from distributed networks and technologies like SD-WAN to the edge of the network – and to technologies like zero trust… Read more

  • Apple White Hat Hack Shows Value of Pen Testers

        The best Cybersecurity Awareness Month lesson may have come from Apple, which could ultimately pay bug bounties of around $500,000 to a group of white hat hackers who found 55 vulnerabilities on Apple’s own networks, including 11 critical vulnerabilities. The main lesson is pretty simple: No one is safe, and the need for… Read more

  • Employees and Data Backup Top Cybersecurity Awareness Month Concerns

        October is National Cybersecurity Awareness Month, and as people are the weakest link in the cybersecurity chain, it’s only fitting that this year’s theme is “Do your part: Be CyberSmart.” Whether it’s unintentionally clicking on a malicious link in an email, poor password hygiene, a misconfiguration or a missed patch, human error is… Read more

IT Security Resources

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis