Securing the managed service provider (MSP)

Managed service providers (MSPs) have become the target of attacks, as lack of aggressive security posturing has left them—and the high-value data of their clients—vulnerable. Learn how MSPs can secure against a rising tide of threats.

Read more

A week in security (September 30 – October 6)

A roundup of the latest cybersecurity news for the week of September 30 – October 6, including National Cybersecurity Awareness Month, Magecart, and more.

Read more

A week in security (August 19 – 25)

A roundup of the latest cybersecurity news for the week of August 19–25, including Magecart attacks on poker software, a new Bluetooth vulnerability, continuing ransomware attacks on US cities, Bitcoin sextortion, and a look back at one researcher’s DEF CON experience.

Read more

A week in security (July 15 – 21)

A roundup of cybersecurity news from July 15–21, including the Zoom camera vulnerability, Extenbro, Sodinokibi, Magecart, and cybersecurity challenges facing the education sector.

Read more

A week in security (June 10 – 16)

A roundup of security news from June 10–16, including MegaCortex, the latest news on privacy, the abuse of Twitter’s Lists feature, and more.

Read more

The Advanced Persistent Threat files: Lazarus Group

Lazarus Group, the threat actors likely behind the Sony breach and WannaCry outbreak, are in the news again. Here’s what you need to know about this North Korean organization, and what you should do to protect against such nation-state attacks.

Read more

The Advanced Persistent Threat files: APT10

While security companies are getting good at analyzing the tactics of nation-state threat actors, they still struggle with placing these actions in context and making solid risk assessments. So in this series, we’re going to take a look at a few APT groups, and see how they fit into the larger threat landscape—starting with APT10.

Read more

A week in security (June 4 – June 10)

A roundup of the security news from June 4 – June 10, including IoT botnets, government attacks, dodgy Wi-Fi, and more.

Read more

Perspectives on Russian hacking

Malware research analyst Chris Boyd recently had an in-depth chat with SCMagazine about Russian hacking, malware, and social engineering. Here, he summarizes some of the key findings from his discussion and the other researchers interviewed.

Read more

Threat modeling: What are you so afraid of?

There are many, many threat models available on the internet with extensive documentation on how to apply them to your organization. Most are designed to map out data flow, identify soft points in organizational processes, and assign mitigations based on specific type of probable attacker and their identified motivations. These models are great, they are thorough, and nobody ever uses them.

Read more

Select your language