Threats

The latest cybersecurity threats and news to help you protect your data, networks, applications, and devices.

  • Employees and Data Backup Top Cybersecurity Awareness Month Concerns

        October is National Cybersecurity Awareness Month, and as people are the weakest link in the cybersecurity chain, it’s only fitting that this year’s theme is “Do your part: Be CyberSmart.” Whether it’s unintentionally clicking on a malicious link in an email, poor password hygiene, a misconfiguration or a missed patch, human error is… Read more

  • Email Still a Major Attack Vector: Security Research

    While modern cyber threats can take different forms and delivery methods, email continues to be one of the primary approaches cyber attackers are using to exploit organizations, according to multiple research reports released in May 2019. In this monthly roundup, eSecurity Planet summarizes findings from seven different research reports — and the key lessons that… Read more

  • How Military Tactics Apply to Cybersecurity

    The modern cybersecurity landscape has often been compared to a battlefield, with adversaries and defenders alike using military-style strategy and tactics. With nation-states increasingly engaged in cyber attacks, the military analogy isn’t just a metaphor, it’s becoming a reality for how cybersecurity actually works. Among the most well known institutions in the U.S. for studying… Read more

  • IT Security Lessons from the Marriott Data Breach

    A number of data breaches have been disclosed over the course of 2018, but none have been as big or had as much impact as the one disclosed on Nov. 30 by hotel chain Marriott International. A staggering 500 million people are at risk as a result of the breach, placing it among the largest… Read more

  • IT Security Vulnerability Roundup: November 2018

      With a flood of new security flaws disclosed every month, it can be a challenge to keep up. What follows is a look at a dozen vulnerabilities that were disclosed in the past few weeks. 1. Integer Overflow Vulnerability in VMware Workstation, Fusion CVE identifier: CVE-2018-6983 CVSS Base Score: 9.8 The vulnerability: VMware Workstation and Fusion could… Read more

  • Breach and Attack Simulation: Find Vulnerabilities before the Bad Guys Do

    Despite implementing multiple solutions to create a defense in depth and following all industry best practices, some of the very best IT security directors will confess that they have a very fundamental problem: They don’t really know how well their security is working. Until recently, enterprises have had limited capabilities for assessing the damage that… Read more

  • Security Awareness Training for Employees for 2021

    Enterprises spend nearly $100 billion a year on cybersecurity, and despite sophisticated IT security defenses, one weak link – employees – remains a major vulnerability. Many attacks are stopped by firewalls, endpoint security products and advanced threat protection solutions, but somehow scammers keep getting past these and other defenses. As frustrating as it is to… Read more

  • What Is SQL Injection and How Can It Hurt You?

    In a SQL injection attack, an attacker submits to a website information that has been deliberately formulated in such a way that it results in that website misinterpreting it and taking unintended actions. More specifically, the website interprets the data submitted by the attacker as a database command, which it then executes. If the command… Read more

  • Mitigating the Memcached DDoS Threat

      Several security companies recently detected a series of massive UDP amplification attacks leveraging vulnerabilities in Memcached servers to speed up dynamic Web applications by caching data and objects in RAM. Link11 security analysts dubbed the new DDoS attack vector “Memcached Reflection,” noting that the attacks are similar to DNS reflection. “The attackers exploit the… Read more

  • How to Defend Servers Against Cryptojacking

    Cryptojacking has become one of the most active and pervasive threats in recent years. In a cryptojacking attack, a cryptocurrency mining script is injected into a server or a webpage to take advantage of the victim system’s CPU power. The first article in this series defined cryptojacking and why it is a cybersecurity risk. In… Read more

IT Security Resources

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis