Phishing

What is cross-site scripting (XSS)? Low-hanging fruit for both attackers and defenders

With XSS, attackers enter malicious code into a web form or web app URL to trick the application into doing something it's not supposed to do.

Asia and Middle East a hotbed of new threat actors in Q1, 2018

Kaspersky Lab’s latest quarterly threat intelligence summary reveals a wave of new APT activity based mainly in Asia and the Middle East, with a number of new techniques used by actors.

Microsoft announces security innovations to help manage threats from cloud to edge

Amid evolving digital threats, an innovative IoT security solution, integrated threat intelligence and advanced protection in Microsoft 365 help simplify cybersecurity for businesses.

The clearer the CSO role, the easier to get budget approved: Mushtaq Ahmed, CSS Corp

For an organization to be secure from any cyber threats, investments should be made in technology, people, and policy, says Mushtaq Ahmed of CSS Corp.

What is DNS and how does it work?

The Domain Name System resolves the names of internet sites with their underlying IP addresses adding efficiency and even security in the process.

Verizon report: Ransomware top malware threat of 2017, moving into critical systems

DDoS attacks are also on the rise, but spying reports are down. Fewer people are clicking on phishing links.

Sophos introduces Phish Threat attack simulator and training solution

xPhish Threat simplifies a key part of an organizations security strategy- employee awareness and training.

SonicWall launches Capture Cloud platform to expand cybersecurity portfolio

SonicWall also is introducing new and enhanced products in its portfolio of hardware, virtual appliances and endpoint clients.

Want to hack a voting machine? Hack the voting machine vendor first

How password reuse and third-party breaches leave voting machine vendors vulnerable to attack.

Trend Micro detects and blocks 3.4mn high-risk email threats in 2017

Cloud App Security managed to detect over 50,000 ransomware and 3,000 BEC threats in the last three quarters of 2017.

The future of computer security is machine vs machine

Better security automation at the OS level and via cloud services will force hackers to respond in kind.

Will see more industry-specific rules for data privacy in 2018: Rishi Rajpal, Concentrix 

Proactive monitoring and maturing our SOC operations using external intelligence and fine-tuning will be one of our focus areas, says Rishi Rajpal, Director-Global Security, Concentrix.