Threats

The latest cybersecurity threats and news to help you protect your data, networks, applications, and devices.

  • IT Security Lessons from the Marriott Data Breach

    A number of data breaches have been disclosed over the course of 2018, but none have been as big or had as much impact as the one disclosed on Nov. 30 by hotel chain Marriott International. A staggering 500 million people are at risk as a result of the breach, placing it among the largest… Read more

  • IT Security Vulnerability Roundup: November 2018

      With a flood of new security flaws disclosed every month, it can be a challenge to keep up. What follows is a look at a dozen vulnerabilities that were disclosed in the past few weeks. 1. Integer Overflow Vulnerability in VMware Workstation, Fusion CVE identifier: CVE-2018-6983 CVSS Base Score: 9.8 The vulnerability: VMware Workstation and Fusion could… Read more

  • Breach and Attack Simulation: Find Vulnerabilities before the Bad Guys Do

    Despite implementing multiple solutions to create a defense in depth and following all industry best practices, some of the very best IT security directors will confess that they have a very fundamental problem: They don’t really know how well their security is working. Until recently, enterprises have had limited capabilities for assessing the damage that… Read more

  • Security Awareness Training for Employees for 2021

    Enterprises spend nearly $100 billion a year on cybersecurity, and despite sophisticated IT security defenses, one weak link – employees – remains a major vulnerability. Many attacks are stopped by firewalls, endpoint security products and advanced threat protection solutions, but somehow scammers keep getting past these and other defenses. As frustrating as it is to… Read more

  • What Is SQL Injection and How Can It Hurt You?

    In a SQL injection attack, an attacker submits to a website information that has been deliberately formulated in such a way that it results in that website misinterpreting it and taking unintended actions. More specifically, the website interprets the data submitted by the attacker as a database command, which it then executes. If the command… Read more

  • Mitigating the Memcached DDoS Threat

      Several security companies recently detected a series of massive UDP amplification attacks leveraging vulnerabilities in Memcached servers to speed up dynamic Web applications by caching data and objects in RAM. Link11 security analysts dubbed the new DDoS attack vector “Memcached Reflection,” noting that the attacks are similar to DNS reflection. “The attackers exploit the… Read more

  • How to Defend Servers Against Cryptojacking

    Cryptojacking has become one of the most active and pervasive threats in recent years. In a cryptojacking attack, a cryptocurrency mining script is injected into a server or a webpage to take advantage of the victim system’s CPU power. The first article in this series defined cryptojacking and why it is a cybersecurity risk. In… Read more

  • Hacking Blockchain with Smart Contracts to Control a Botnet

      TORONTO — Blockchain has been hailed by some in the technology industry as a potential method to help improve cyber security. However, security researcher Majid Malaika warns that Blockchain can potentially be abused to enable a new form of botnet that would be very difficult to take down. Malaika detailed his Blockchain-powered botnet in… Read more

  • Two Thirds of Americans Worry About Hackers, Identity Theft

      Sixty-six percent of American adults worry frequently or occasionally about being a victim of identity theft, and 67 percent worry frequently or occasionally about having their personal or financial information stolen by hackers, a recent Gallup poll of over 1,000 U.S. adults found. In comparison, just 38 percent of respondents worry about having their… Read more

  • Ransomware Insurance: Cyber Insurance May Be the Best Protection

      Many business leaders had been unaware of the severity of the ransomware problem until the WannaCry attacks in mid-2017 raised its profile significantly. In fact, ransomware has been around for several years, and has become the fastest-growing cause of cyber insurance business claims, according to data compiled by CFC Underwriting. The company says ransomware… Read more

IT Security Resources

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis