New & Notable
News
Exploitation activity increasing on Fortinet vulnerability
The Shadowserver Foundation recently saw an increase in exploitation activity for CVE-2024-21762, two days after a proof-of-concept exploit was published.
Evaluate
Cloud detection and response is, and will stay, a team sport
CISOs should push for federated technologies, common processes and formal communications between teams to ensure cloud detection and response is effective and efficient.
News
JetBrains, Rapid7 clash over vulnerability disclosure policies
In a blog post this week, JetBrains argued that attacks on TeamCity customers were the result of Rapid7 publishing the full technical details of two critical vulnerabilities.
Manage
How to craft a generative AI security policy that works
The advent of generative AI threatens to poke additional holes in your cybersecurity strategy. Compiling a GenAI-based security policy to guide your responses can help.
Trending Topics
-
Data Security & Privacy News
Risk & Repeat: CISA hacked via Ivanti vulnerabilities
The compromise of two internal CISA systems comes on the heels of ongoing attacks and developments related to two zero-day vulnerabilities Ivanti disclosed in January.
-
Threats & Vulnerabilities News
Exploitation activity increasing on Fortinet vulnerability
The Shadowserver Foundation recently saw an increase in exploitation activity for CVE-2024-21762, two days after a proof-of-concept exploit was published.
-
IAM News
Proofpoint: 'Hundreds' of Azure accounts compromised
Proofpoint researchers found that the attackers manipulated the MFA of compromised accounts, registering their own methods to maintain persistent access.
-
Analytics & Automation Evaluate
Top benefits and challenges of SOAR tools
To ensure successful adoption, IT leaders need to understand the benefits of SOAR tools, as well as potential disadvantages. Explore pros, cons and how to measure SOAR success.
-
Network Security Get Started
The differences between inbound and outbound firewall rules
Firewalls can support both inbound and outbound firewall rules, but there are important differences between the two. Learn more about each and their uses.
-
Operations & Management Manage
How to craft a generative AI security policy that works
The advent of generative AI threatens to poke additional holes in your cybersecurity strategy. Compiling a GenAI-based security policy to guide your responses can help.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Find Solutions For Your Project
-
Evaluate
Cloud detection and response is, and will stay, a team sport
CISOs should push for federated technologies, common processes and formal communications between teams to ensure cloud detection and response is effective and efficient.
-
Cybersecurity market researchers forecast significant growth
-
Threat intelligence programs need updating -- and CISOs know it
-
Why companies need attack surface management in 2024
-
-
Problem Solve
4 types of prompt injection attacks and how they work
Compromised LLMs can expose sensitive corporate data and put organizations' reputations at risk. Learn about four types of prompt injection attacks and how they work.
-
Use cloud threat intelligence to protect critical data and assets
-
How to craft cyber-risk statements that work, with examples
-
How passwordless helps guard against AI-enhanced attacks
-
-
Manage
How to craft a generative AI security policy that works
The advent of generative AI threatens to poke additional holes in your cybersecurity strategy. Compiling a GenAI-based security policy to guide your responses can help.
-
5 PaaS security best practices to safeguard the app layer
-
IaaS security checklist for cloud customers
-
How dynamic malware analysis works
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download -
E-Zine | November 2020
AI cybersecurity raises analytics' accuracy, usability
Download
Information Security Basics
-
Get Started
virus (computer virus)
A computer virus is a type of malware that attaches itself to a program or file. A virus can replicate and spread across an infected system and it often propagates to other systems, much like a biological virus spreads from host to host.
-
Get Started
Certified Information Security Manager (CISM)
Certified Information Security Manager (CISM) is an advanced certification that indicates that an individual possesses the knowledge and experience required to develop and manage an enterprise information security (infosec) program.
-
Get Started
How data poisoning attacks work
Generative AI brings business opportunities to the enterprise but also security risks. Learn about an evolving attack vector called data poisoning and how it works.
Multimedia
-
News
View All -
Threats and vulnerabilities
Exploitation activity increasing on Fortinet vulnerability
The Shadowserver Foundation recently saw an increase in exploitation activity for CVE-2024-21762, two days after a proof-of-concept exploit was published.
-
Threat detection and response
Sophos: Remote ransomware attacks on SMBs increasing
According to new research from Sophos, small businesses are seeing a rise in threats such as remotely executed ransomware attacks, malvertising, driver abuse and more.
-
Application and platform security
LockBit attacks continue via ConnectWise ScreenConnect flaws
Coalition is latest company to confirm LockBit activity against vulnerable ScreenConnect instances. But the insurer found significant differences between previous LockBit attacks.