Expert analysis
Exploiting common URL redirection methods to create effective phishing attacks
“Simple” can often be harder than “complex.” When thinking about the trickiest phishing campaigns and their components, URL redirection does not immediately come to mind as …
Defending against Windows RDP attacks
In 2020, attacks against Windows Remote Desktop Protocol (RDP) grew by 768%, according to ESET. But this shouldn’t come as a surprise, given the massive increase in the number …
The obvious and not-so-obvious data you wouldn’t want companies to have
What types of data are companies collecting, and when does it stop serving us? Value exchange: The ultimate differentiator First, let’s start by assessing the process of …
May 2021 Patch Tuesday forecast: Spring cleaning is in order
There’s an event referred to as spring cleaning, where we take some time from our regular routines to focus on bringing order back to our homes. We remove the junk that has …
Be a “dumbass”, like some of the world’s best cyber investigators
One of my closest friends in the cybersecurity industry has had a second-to-none career path. While in the employ of an industry leader in incident response, he was …
Acting on a security risk assessment of your organization’s use of Salesforce
Salesforce isn’t rocket science, but the software has an incredible array of tools, which is why securing it demands a unique (and sometimes complex) approach. If you’re …
Are NFTs safe? 3 things you should know before you buy
NFTs, or non-fungible tokens, have captured the attention (and wallets) of consumers and businesses around the world. This is largely in part to the big price-tag sales, such …
Email security is a human issue
Research suggests that email is the most common point of entry for malware, providing access in 94% of cases, so it’s unsurprising that phishing is the root cause of 32% of …
What contractors should start to consider with the DoD’s CMMC compliance standards
Q1 2021 has been a tumultuous period in our era of cyber espionage. The Center For Strategic & International Studies (CSIS), which has been tracking “significant cyber …
Dispelling four myths about automating PKI certificate lifecycle management
The public key infrastructure (PKI) underpins the most effective strategy for securing communications between machines, network and mobile devices, virtual servers, and the …
Is it OK to publish PoC exploits for vulnerabilities and patches?
In the wake of the Microsoft Exchange ProxyLogon zero-day and F5 BIG-IP security exploits earlier this year, many are questioning if and when should researchers publish proof …
Defeating typosquatters: Staying ahead of phishing and digital fraud
It has become a mantra for businesses targeted by hackers to describe the incident as a “sophisticated cyber-attack”. Although true in some instances, the reality is that most …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?