The latest cybersecurity threats and news to help you protect your data, networks, applications, and devices.
October is National Cybersecurity Awareness Month, and as people are the weakest link in the cybersecurity chain, it’s only fitting that this year’s theme is “Do your part: Be CyberSmart.” Whether it’s unintentionally clicking on a malicious link in an email, poor password hygiene, a misconfiguration or a missed patch, human error is… Read more
The modern cybersecurity landscape has often been compared to a battlefield, with adversaries and defenders alike using military-style strategy and tactics. With nation-states increasingly engaged in cyber attacks, the military analogy isn’t just a metaphor, it’s becoming a reality for how cybersecurity actually works. Among the most well known institutions in the U.S. for studying… Read more
A number of data breaches have been disclosed over the course of 2018, but none have been as big or had as much impact as the one disclosed on Nov. 30 by hotel chain Marriott International. A staggering 500 million people are at risk as a result of the breach, placing it among the largest… Read more
Despite implementing multiple solutions to create a defense in depth and following all industry best practices, some of the very best IT security directors will confess that they have a very fundamental problem: They don’t really know how well their security is working. Until recently, enterprises have had limited capabilities for assessing the damage that… Read more
In a SQL injection attack, an attacker submits to a website information that has been deliberately formulated in such a way that it results in that website misinterpreting it and taking unintended actions. More specifically, the website interprets the data submitted by the attacker as a database command, which it then executes. If the command… Read more
Several security companies recently detected a series of massive UDP amplification attacks leveraging vulnerabilities in Memcached servers to speed up dynamic Web applications by caching data and objects in RAM. Link11 security analysts dubbed the new DDoS attack vector “Memcached Reflection,” noting that the attacks are similar to DNS reflection. “The attackers exploit the… Read more
Cryptojacking has become one of the most active and pervasive threats in recent years. In a cryptojacking attack, a cryptocurrency mining script is injected into a server or a webpage to take advantage of the victim system’s CPU power. The first article in this series defined cryptojacking and why it is a cybersecurity risk. In… Read more