Phishing comes in many forms, from spear phishing, whaling and business-email compromise to clone phishing, vishing and snowshoeing. Here's how to recognize each type of phishing attack.
Fahmida Y. Rashid |
27 Oct |
Read more
Security startup Cymmetria has put together a tool and a framework to help security defenders hack back legally as part of incident response activities.
Fahmida Y. Rashid |
25 Oct |
Read more
Yes, password length and complexity matter, but only if you apply those qualities to the proper security context.
Fahmida Y. Rashid |
03 Oct |
Read more
Cyber criminals have the most to gain by taking ownership of bank, brokerage and retirement accounts using people’s PII. Are traditional authentication systems obsolete?
Fahmida Y. Rashid |
12 Sep |
Read more
Enterprises that rely on the DNSSEC protocol need to update their name servers before Oct. 11 with the new root zone key signing key or risk having DNSSEC validations fail.
Fahmida Y. Rashid |
12 Sep |
Read more
Amazon promises AWS S3 customers that they will be able to identify and protect sensitive data faster with Macie, but is it enough to catch up to what Microsoft and Google offers?
Fahmida Y. Rashid |
17 Aug |
Read more
Bad actors using typo-squatting place 39 malicious packages in npm that went undetected for two weeks. How should the open source community respond?
Fahmida Y. Rashid |
08 Aug |
Read more
As more companies adopt better encryption practices, cyber criminals are turning to SSL/TLS vulnerabilities to deliver malicious attacks.
Fahmida Y. Rashid |
02 Aug |
Read more
Oracle hasn’t been “just” a database company in a long time, and nowhere is that more evident than in its quarterly critical patch update release, where the bulk of the fixes are in business applications like PeopleSoft and E-Business Suite.
Fahmida Y. Rashid |
21 Jul |
Read more
Human error is one of the top reasons for data breaches in the cloud, as administrators forget to turn on basic security controls. Whether it is Amazon Web Services, Microsoft Azure, or Google Cloud Platform, keep these rules in mind to secure your cloud workloads.
Fahmida Y. Rashid |
19 Jul |
Read more
The realities of managing and protecting IT infrastructures puts IT and security personnel in a no-win situation when attacks like WannaCry or ExPetr occur, so stop blaming them.
Fahmida Y. Rashid |
29 Jun |
Read more
Qualys shows that attackers can locally exploit the privilege escalation vulnerability to gain root access over Linux, Solaris and BSD machines. This is bad news for Unix-based servers, and even more so for multi-tenant environments.
Fahmida Y. Rashid |
21 Jun |
Read more
The security whodunnit: analyzing the language used in an attack is just one tool to assign attribution, and it’s not always reliable.
Fahmida Y. Rashid |
13 Jun |
Read more
Developers need to make sure they are baking security into the application code and protecting how their apps handle data, but as the so-called HospitalGown security issue shows, they also need to know how the back-end servers and data stores are being configured.
Fahmida Y. Rashid |
12 Jun |
Read more
You can reduce potential damage by paying attention to when attackers are most likely to strike.
Fahmida Y. Rashid |
08 Jun |
Read more