Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

Finding threats in encrypted inbound network traffic is complex and expensive for enterprises, but a fascinating new approach could eliminate the need for decryption.

As many organizations pivot to working from home, here are some considerations for prioritizing the new security protocols.

CISA has issued an alert following the discovery of publicly available exploit code for Windows elevation of privilege flaw CVE-2020-1472.

Two high-severity bugs (CVE-2020-4703 and CVE-2020-4711) in IBM's Spectrum Protect Plus data-storage protection solution could enable remote code execution.

QR code usage is soaring in the pandemic — but malicious versions aren't something that most people think about.

Details on Friday came out around a severe privilege escalation vulnerability Microsoft patched last month in Netlogon. Now exploit code for the vulnerability, Zerologon, is making the rounds online.

Without the right reinforcements, you could be barking at the moon.

Social engineering and employee mistakes lead to breach Veteran's Administration and the National Health Service.

The pandemic-related shift to remote work and the growing availability of ransomware-as-a-service were two major drivers, CrowdStrike says.

As more organizations face disruptions, a defined approach to recovery is imperative so they can successfully recover, experts say.

Omdia Cybersecurity Accelerator analyst Eric Parizo describes how a security product integration framework (SPIF) can unify best-of-breed architectures.

The 'BLESA' flaw affects the reconnection process that occurs when a device moves back into range after losing or dropping its pairing, Purdue researchers said.

Cynet's report shares several interesting data points and findings, such as the cyberattack volume change observed in various industry sectors, the increased use of spearphishing as an initial attack vector, and the approaches being used to distribute malware…

Since the COVID-19 pandemic began, IT teams have been trying to keep up with the ever-evolving array of cyberthreats.

While the demand for cybersecurity talent rebounds, organizations will need to focus on cyber-enabled roles to fill immediate skills gaps.

Security Pro File: Award-winning computer scientist and electronic voting expert Barbara Simons chats up her pioneering days in computer programming, paper-ballot backups, Internet voting, math, and sushi.

The two hackers allegedly hacked more than 50 websites hosted in the U.S. and vandalized them with pro-Iran messages.

The Cybersecurity and Infrastructure Security Agency will become a peer of MITRE in the CVE program, likely leading to continued increases in disclosed vulnerabilities.

When cybersecurity reporter Danny Palmer found his card was apparently used on another continent, he set out to discover more.