Researchers Discover Second rTorrent Vulnerability Campaign

This time attackers appears to have spoofed the Recording Industry Association of America (RIAA) and New York University (NYU) user-agents.

DHS Helps Shop Android IPS Prototype

A MITRE-developed intrusion prevention system technology got showcased here this week at the RSA Conference.

70% of Energy Firms Worry About Physical Damage from Cyberattacks

High-profile ICS attacks Triton/Trisis, Industroyer/CrashOverride, and Stuxnet have driven energy firms to invest more in cybersecurity, survey shows.

The Role of KPIs in Incident Response

Using KPIs can have a positive impact on the tactical and strategic functions of a security operations program.

Enabling Appropriate User Access in a “Zero Trust” World

Bill Mann, Chief Product Officer at Centrify, suggests some strategies for securing today's perimeter-less enterprise environments - including stronger enforcement of well-defined policies for user access, integration of security into DevOps processes,...

Leveraging Threat Intelligence across Infosec Roles

Allan Liska, Senior Security Architect at Recorded Future, believes everyone in the infosec team - including vulnerability management and threat response staff - can take greater advantage of available threat intelligence to more effectively and effici...

Practically Applying Threat Intelligence to Your Business

Travis Farral, Director of Security Strategy at Anomali, believes cybersecurity teams can operate much more efficiently by better identifying the specific threats that endanger their environment - and by better understanding the potential impacts of th...

Stopping Bots and Credential Stuffing: A Smarter Strategy

Patrick Sullivan, Senior Director Security Strategy at Akamai Technologies, explains why cybersecurity teams need better mechanisms for controlling bot activity - and why all bots are not created equal.

Cyber War Game Shows How Federal Agencies Disagree on Incident Response

Former officials at DHS, DOJ, and DOD diverge on issues of attribution and defining what constitutes an act of cyber war.

Optimizing the Security Awareness of Your End-Users

End-users can be the weakest link in your infosec defense. But according to KnowBe4 founder and CEO Stu Sjouwerman, there is something you can do about that - if you implement the right behavioral diagnostics and focus your training needs on individual...

Beating Zero-Payload/Fileless Attacks with Unified EPP/EDR

To cope with today's fileless endpoint attacks - especially those that aren't precisely similar to previously known exploits - Tomer Weingarten and Nicholas Warner of SentinelOne suggest a unified EPP/EDR approach that includes visibility into the dang...

Keeping the Business Safe Across Hybrid Cloud Environments

Aggressive cloud adoption increases threat surface and makes it more difficult for infosec teams to keep track of what the business is doing. Donald Meyer, Head of Data Center and Cloud at Check Point Software, explains how infosec teams can more effec...