Threats

Stay informed on the latest cybersecurity threats and news to better protect your data, networks, applications, and devices. Our coverage includes emerging vulnerabilities, evolving attack techniques, and the latest security breaches to help you understand and mitigate risks.

  • PowerShell Is Source of More Than a Third of Critical Security Threats

    PowerShell was the source of more than a third of critical threats detected on endpoints in the second half of 2020, according to a Cisco research study released at the RSA Conference today. The top category of threats detected across endpoints by Cisco Secure Endpoint was dual-use tools leveraged for exploitation and post-exploitation tasks. PowerShell…

  • The Microsoft Exchange Attack Saga Continues

    With companies and organizations under siege on so many fronts over the past year, the last thing internal IT departments needed was another daunting challenge to grapple with.  Yet for those enterprises that host their own Microsoft Exchange environments, a collection of four recently discovered exploits involving the Exchange Server software has added another layer…

  • SolarWinds Hack Defenses: Protecting Against ‘Solorigate’ TTPs

    A March 2020 software update of the SolarWinds Orion management platform gave malicious actors unhindered access to key government and enterprise networks. Microsoft has dubbed the infamous supply chain compromise of SolarWinds as “Solorigate.” In December, eSecurity Planet detailed FireEye’s initial findings, implications for the industry, and how to mitigate similar attacks. Since then, much…

  • Automating Security Risk Assessments for Better Protection

    Protecting your organization from IT security risks is an ongoing, fluid task. Proactively identifying, mitigating and remediating security threats is one of the biggest challenges today’s global businesses face. As a savvy tech leader, you are likely hyperfocused on performing security risk audits to keep your networks strong and protected. Automated security risk assessments can…

  • How to Defend Common IT Security Vulnerabilities

    IT security pros have never faced more threats, whether it’s from the huge increase in remote work or aggressive nation-state sponsored hackers like those involved in the SolarWinds breach. While there will always be new holes to plug, security vulnerabilities usually stem from the same few causes: unpatched vulnerabilities, misconfigurations or user error, and even…

  • New TCP/IP Vulnerabilities Expose IoT, OT Systems

    Forescout Research Labs last month released a 14-page white paper and a 47-page research report detailing 33 vulnerabilities affecting millions of Internet of Things (IoT), Operational Technology (OT), and IT devices. Dubbed AMNESIA:33, these newly identified vulnerabilities include four broadly used TCP/IP stacks and have left more than 150 vendors potentially compromised. Forescout’s findings are…

  • Cybersecurity Outlook 2021: Trends and Predictions

    Just when it seemed that 2020 couldn’t get any weirder, news broke that Russian state-sponsored hackers had spent much of the year exploiting vulnerabilities in SolarWinds‘ widely used Orion IT management software to hack into major federal agencies and corporations. Suddenly the year wasn’t about the massive shift toward remote work caused by the COVID-19…

  • FireEye, SolarWinds Breaches: Implications and Protections

    Five days after FireEye detailed the theft of about 300 of its proprietary cybersecurity tools, SolarWinds announced that its Orion IT monitoring platform had also been compromised by hackers believed to be sponsored by the Russian government. Together, the attack that originated with a SolarWinds vulnerability turned over critical cybersecurity infrastructure to the malicious actors,…

  • Tokenization vs. Encryption: Pros and Cons

    Two of the most popular methods for protecting business data are tokenization and encryption. However, choosing the one that is the best for your company requires you to consider factors like company size, security goals, cost, and your comfort level with each choice. Whichever you choose, your ultimate goal should be finding the best option…

  • XDR Emerges as a Key Next-Generation Security Tool

    Corporate networks are complex, and so is the myriad of cybersecurity solutions that protect them. Trying to manage all the security tools in a comprehensive way can leave security teams overwhelmed. Extended detection and response (XDR) solutions are a new attempt to unify all those security tools. They’re designed to consolidate multiple products into a…

Get the free newsletter

Subscribe to Cybersecurity Insider for top news, trends & analysis

This field is required This field is required

IT Security Resources

Top Cybersecurity Companies

See Full List