Information security is a set of practices intended to keep data secure from unauthorized access or alterations. Here's a broad look at the policies, principles, and people used to protect data.
Josh Fruhlinger |
17 Jan |
Read more
False flags are a favourite technique of cyber attackers connected to Russian intelligence, but they don't have a monopoly on the practice.
Josh Fruhlinger |
21 Jan |
Read more
Cybersecurity is the practice of defending computers, networks, and data from malicious electronic attacks. Learn the skills, certifications and degrees you need to land a job in this challenging field.
Josh Fruhlinger |
05 Dec |
Read more
EDR is a category of security tools that monitor end-user hardware devices across a network for a range of suspicious activities and behaviour.
Josh Fruhlinger |
08 Nov |
Read more
In late 2018, the Marriott hotel chain announced that one of its reservation systems had been compromised, with hundreds of millions of customer records, including credit card and passport numbers, being exfiltrated by the attackers.
Josh Fruhlinger |
30 Sep |
Read more
A worm is a form of malware (malicious software) that operates as a self-contained application and can transfer and copy itself from computer to computer.
Josh Fruhlinger |
06 Aug |
Read more
A computer virus is a form of malicious software that piggybacks onto legitimate application code in order to spread and reproduce itself.
Josh Fruhlinger |
16 Jul |
Read more
A Trojan horse is a type of malware that can wreak havoc on computer networks — but only with your unwitting help.
Josh Fruhlinger |
20 Jun |
Read more
Public key infrastructure (PKI) is a catch-all term for everything used to establish and manage public key encryption, one of the most common forms of internet encryption. It is baked into every web browser in use today to secure traffic across the public internet, but organizations can also deploy it to secure their internal communications.
Josh Fruhlinger |
14 Jun |
Read more
Opsec, which stands for operations security, is a process by which organizations assess and protect public data about themselves that could, if properly analyzed and grouped with other data by a clever adversary, reveal a bigger picture that ought to stay hidden.
Josh Fruhlinger |
08 May |
Read more
A honeypot is a system designed to lure hackers into revealing their origins and techniques, and they're used by security researchers and corporate IT alike.
Josh Fruhlinger |
01 Apr |
Read more
Digital forensics is the application of scientific investigatory techniques to digital crimes and attacks. Think beyond the awful (and justly cancelled) TV show CSI Cyber; digital forensics is a crucial aspect of law and business in the internet age and can be a rewarding and lucrative career path.
Josh Fruhlinger |
25 Jan |
Read more
The chief information security officer (CISO) is the executive responsible for an organization's information and data security. Learn what it takes to land a CISO job and how to be successful in the role.
Josh Fruhlinger |
14 Jan |
Read more
Catch a glimpse of what flourishes in the shadows of the internet.
Josh Fruhlinger |
23 Nov |
Read more
How the OPM hack happened, the technical details, and a timeline of the infiltration and response.
Josh Fruhlinger |
06 Nov |
Read more