Spear phishing is the common trigger to many of the most popular - and successful - targeted attacks. How can organizations improve their defenses to better spot - and stop - spear phishing?
Spear phishing and messaging-based threats tend to be the first attack vector that criminals are using today in targeted...
The browser is the window to the web. But what's going in the background during that browsing is opaque to most users. A new experiment shows how the computing power of tens of thousands of computers could be unknowingly harnessed to crack passwords, harvest cryptocurrencies or conduct DDoS attacks.
2017's attacks will only increase in scale and scope in 2018. Organizations need to prepare now to defend against the next evolution of web application layer, credential abuse, and DDoS attacks.
Download this whitepaper and learn about:
DDoS trends for 2018;
The role IoT will play;
Ways to protect your APIs.
If the website is the front door, the API is the back door. And a lot of times that back door is left unlocked, which is problematic because an API drives a multitude of user experiences.
Download this whitepaper and learn:
Specific steps organizations can take to improve API security and performance;
Internet of things security alert: An attacker has been attempting to infect hundreds of thousands of Huawei home routers with a variant of the notorious Mirai malware called Satori, security researchers warn. Huawei has confirmed the flaw and issued patches and workarounds for affected users.
Crowdsourced cybersecurity, specifically bounty-based collaboration between organizations and white-hat hackers, is a burgeoning method of security reinforcement utilized by tech giants such as Google, Apple, and Microsoft, as well as other major companies in recent years.
Instead of awaiting a malicious breach,...
During the past year alone, we've witnessed a number of devastating cyber attacks, from the massive Equifax breach to the seemingly never-ending Yahoo! breach.
The 2nd annual Inside the Mind of a Hacker report was created to shed light on the makeup of the bug hunting community and gain insight and understanding into...
A 21-year-old man appeared in British court this week to face 11 charges, including using DDoS attacks to disrupt sites run by Google, Pokemon and Skype, as well as money laundering and selling malware and "crypting services."
DataBreachToday Executive Editor Mathew J. Schwartz's examination of the growing threats facing the critical energy sector leads the latest edition of the ISMG Security Report. Also in this report: A discussion of safeguarding the telehealth marketplace.
Security companies are warning that a global attack using compromised IoT devices may be coming soon. Check Point says one million organizations are running a device infected with IoTroop, also known as Reaper, which is botnet code that perhaps is related to Mirai but spreads in a much different way.
The FBI is asking all U.S. victims of DDoS attacks to please come forward. The bureau's plea for more information from cyberattack victims parallels similar requests made this week by British authorities speaking at ISMG's Fraud and Breach Prevention Summit in London.
Dark web vendors offer a wide range of technological crime. From distributed denial of service (DDoS) attacks to pre-recorded phone calls, there is a myriad of knowledge and listings for hacking & exploits.
In addition to materials for sale, the dark web is also home to a variety of forums designed to build...
CISOs have plenty to keep them up at night. With data breaches, ransomware incidents and system compromises, security leaders are forced to find ways to beat threats without slowing their pace of business. If they fail to effectively manage those risks, their organizations can face huge consequences.
Admitted Mirai malware attacker Daniel Kaye has been extradited from Germany to the United Kingdom, where he faces charges that he launched DDoS attacks and extortion attempts against the U.K.'s Lloyds Banking Group and Barclays banks.
Organizations share common concerns and frustrations about security incident response. The scope of what you need to protect has expanded significantly - more users, more endpoints, more everything. At the same time, internal and external scrutiny has skyrocketed due to the increasing coverage of large scale security...