7 threat detection challenges CISOs face and what they can do about it
Security operations (SecOps) teams continue to be under a constant deluge of new attacks and malware variants. In fact, according to recent research, there were over 170 …
Phishers exploit Google’s SMTP Relay service to deliver spoofed emails
Phishers are exploiting a flaw in Google’s SMTP relay service to send malicious emails spoofing popular brands. Avanan researcher Jeremy Fuchs says that starting in April …
CMS-based sites under attack: The latest threats and trends
Payment card skimmers are becoming more common in exploit kits affecting WordPress websites and attackers are spending more time customizing them to avoid detection, …
How to recruit cybersecurity talent from atypical backgrounds
In this interview with Help Net Security, Max Shuftan, Director of Mission Programs & Partnerships at SANS Institute, talks about how companies and the cybersecurity …
US critical infrastructure operators should prepare for retaliatory cyberattacks
US President Joe Biden has urged companies in critical infrastructure sectors to shore up their defenses against potential cyberattacks. The warning “Most of America’s …
Qualys platform study: Log4Shell, the menace continues
The anatomy of Log4Shell By now, we are all familiar with the fact that Log4Shell is just about as critical as a critical vulnerability can get – scoring a 10 out of 10 on the …
Take a walk on the client side: The importance of front-end JavaScript security assessments
As e-skimming, Magecart, and other types of front-end attacks grow in frequency and severity, businesses are faced with finding ways to protect the front-end (i.e., client …
70% of financial service providers are implementing API security
Financial service providers, such as banks and credit card companies, use a vast amount of APIs, which makes them an attractive target for threat actors. That’s why API …
How do I select a CDR soluton for my business?
In the process of file sharing, what is essential for every organization is to make sure malware doesn’t tag along, and this is where a content disarm and reconstruction …
How to keep your medical device IP safe from cyber attacks
Guarding intellectual property (IP) has always been a priority for medical device manufacturers as competitors and even nation states are constantly trying to compromise or …
How configuration assessments help improve cyber defenses
There’s an old adage in business; if you’re not measuring something, you can’t manage it. These days, information technology (IT) and information security …
Disaster recovery is critical for business continuity
Business continuity (BC) and disaster recovery (DR) efforts go hand in hand in this digitized world of ours. The former is focused on maintaining business operations rolling …