Blog / Jul 24, 2018
Rental scams are getting more sophisticated and are making it harder for legitimate landlords and renters to find each other.
Article / Jun 29, 2018
BackSwap demonstrates unique behavior in its manipulation of user input fields and its handling of International Bank Account Numbers (IBANs).
Blog / May 4, 2018
US-CERT TL18-106A alert underscores how insecure Internet systems really are and that ignoring the problem only increases the collateral damage.
Blog / May 2, 2018
When it comes to tallying the total cost of a data breach, lawsuits figure prominently, alongside repair costs, loss of reputation and sales, compliance penalties, and operational downtime.
Report / Mar 13, 2018
IoT attacks show no signs of decreasing while infected IoT devices go un-remediated, and discovery of new thingbots is at a decade-long high.
Blog / Jan 10, 2018 (MODIFIED: Jan 15, 2018)
Every week, another bug, vulnerability, or exploit is released—we need a multi-layered security strategy to deal with threats like Spectre and Meltdown.
Blog / Jan 4, 2018 (MODIFIED: Jan 18, 2018)
With Mirai rearing its ugly head again, we’re revealing its C&C hostnames so organizations can update their blacklists and protect themselves.
Article / Jan 3, 2018 (MODIFIED: Jan 25, 2018)
A new Python-based botnet that mines Monero spreads via SSH and leverages Pastebin to publish new C&C server addresses.
Blog / Dec 27, 2017 (MODIFIED: Jan 15, 2018)
Bleichenbacher attacks will likely continue to pop up until TLS 1.3 is fully adopted, which could take years.
Article / Dec 15, 2017 (MODIFIED: Jan 18, 2018)
Zealot Apache Struts campaign targets vulnerabilities in Windows, Linux, and DotNetNuke, then uses leaked NSA exploits to mine Monero on internal networks.
Blog / Nov 30, 2017 (MODIFIED: Jan 3, 2018)
How this cloud startup met its goals for security and availability right out of the gate by setting goals, doing a risk analysis, and examining tradeoffs.
Blog / Nov 21, 2017 (MODIFIED: Dec 27, 2017)
Seriously, how many colors are there? And how many of us share the same love of one of those limited choices?
Report / Nov 16, 2017 (MODIFIED: Jan 4, 2018)
Learn about the tricks attackers use to dupe unsuspecting users and how you can help protect them—and your organization.
Blog / Nov 7, 2017 (MODIFIED: Dec 15, 2017)
As the possibility of quantum computing draws nearer, changes to today’s TLS key exchange algorithms will be required.
Blog / Oct 19, 2017 (MODIFIED: Nov 30, 2017)
When it comes to IoT threats, we’re nowhere near being out of the woods yet; we’ve just barely entered the forest.
Blog / Oct 17, 2017 (MODIFIED: Nov 26, 2017)
Combating this vulnerability might mean you have to force updates on employees’ personal devices or deny them access altogether.
Blog / Oct 12, 2017 (MODIFIED: Nov 7, 2017)
Organizations need to provide clear and specific guidance to employees who travel across national borders when it comes to giving up passwords and surrendering devices.
Blog / Sep 28, 2017 (MODIFIED: Oct 24, 2017)
Stop feeding attackers every piece of the puzzle they need to pull off their scams.
Article / Sep 14, 2017 (MODIFIED: Oct 17, 2017)
TrickBot released a new worm module, shifted its focus towards the US, and soared past the one thousand target URLs mark in a single configuration.
Blog / Sep 7, 2017 (MODIFIED: Dec 29, 2017)
Organizations often overlook the many ways in which their own systems put useful information right into the hands of attackers building cyber scams.