The Windows 10 security guide: How to safeguard your business
Featured Stories
Articles about Security
Utah legislature awards two universities with $5 million for cybersecurity and tech programs
Utah Valley University and Utah State University will work with companies like Adobe and FireEye to create a pipeline of tech workers.
North Korean hackers target the South's think tanks through blog posts
Responsibility for new attacks has been laid at the feet of the Kimsuky threat group.
Comic book distributor struggling with shipments after ransomware attack
On Sunday, Diamond Comic Distributors said a ransomware attack was affecting its order processing systems and its internal communications platforms.
Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN
The issue affects multiple versions of PAN-OS 8.1 prior to 8.1.17 and Randori said it found numerous vulnerable instances exposed on internet-facing assets, in excess of 70,000 assets.
Experts tout $2 billion in cybersecurity funding in Biden's infrastructure bill
Billions of dollars in grants and funding will be provided to FEMA, CISA and the EPA to protect the country's critical systems and local governments.
Businesses don't know how to manage VPN security properly - and cyber criminals are taking advantage
Remote working has resulted in a rise in the use of corporate VPNs. But inexperience means many businesses aren't equipped to look for and patch security vulnerabilities being exploited by malicious hackers.
Healthcare security: IT pros warn of vulnerable HVAC systems, imaging machines, check-in kiosks and more
A survey of 400 IT pros found that most are concerned about the potential for data breaches and attacks leveraging medical equipment.
iPhone users don't care about sideloading
"If you want to sideload, you can buy an Android phone."
Exchange Server bug: Patch now, but multi-factor authentication might not stop these attacks, warns Microsoft
Even if an Exchange account has multi-factor authentication enabled, an attacker could use this vulnerability to compromise email accounts.
A stalker's wishlist: PhoneSpy malware destroys Android privacy
A new surveillance campaign has revealed widespread infection on Android devices.
Cybersecurity: This prolific hacker-for-hire operation has targeted thousands of victims around the world
Cybersecurity researchers at Trend Micro lift the lid on Void Balaur, a financially motivated cyber-crime group that has targeted politicians, journalists, human rights activists, medical professionals and others since 2015.
Average ransomware payment for US victims more than $6 million, survey says
A Mimecast survey of 742 cybersecurity professionals found that 80% have been targeted by ransomware over the last two years.
Rust-proofing the internet with ISRG's Prossimo
There are efforts afoot to rewrite many fundamental internet programs in Rust to make them safer to use.
Microsoft November 2021 Patch Tuesday: 55 bugs squashed, two under active exploit
This month includes fixes for zero-day flaws, some of which have been made public prior to patch release.
Singapore embraces Zero Trust: A prediction comes true
In Europe, Zero Trust went from concept to reality for many firms during 2020. APAC has been a very different story.
Yubikey Security Key C NFC
And there's a lot to like about the Yubikey Security Key C NFC, all for $29.
First look at the YubiKey Bio
YubiKey Bio builds biometric authentication into a security key
iVerify (version 17)
Everyhting you need to know about iOS and iPadOS securoty, all in one place.
OnlyKey hardware security key
This is the ultimate security key for professionals.
SoloKeys Solo V2
Durable, fully reversible connectors, encapsulated in epoxy resin, and with updatable firmware.
iVerify: Added security for iPhone and iPad users
I'm usually wary of security apps, but iVerify by Trail of Bits is different. It comes highly recommended and offers a lot of features in a small download.
iStorage datAshur BT hardware encrypted flash drive
FIPS 140-2 Level 3 compliant storage drive with wireless unlock feature and remote management. IP57 rated for dust and water resistance.
Netgear BR200 small-business router
The Netgear BR200 Insight Managed Business Router has been designed to be easy to set up, and features a built-in firewall, VLAN management, and remote cloud monitoring, and can be managed from anywhere you have an internet connection.
YubiKey 5C NFC: The world’s first security key to feature dual USB-C and NFC connections
The YubiKey 5C NFC can be used across a broad range of platforms -- iOS, Android, Windows, macOS and Linux -- and on any mobile device, laptop, or desktop computer that supports USB-C ports or NFC.
Apricorn Aegis Secure Key 3NXC
The new Aegis Secure Key 3NXC builds on Apricorn's Secure Key 3z and Aegis Secure Key 3NX, taking the same proven form-factor and physical keypad, and adding something that users have been asking for -- USB-C support.
YubiKey 5Ci Clear Limited Edition
Transparency in security.
Certo AntiSpy iPhone Spyware Detection
Certo AntiSpy is not an app. Instead, it is a utility that you download and install on a Windows or Mac, and you use that to scan a backup of your iOS or iPadOS for subtle signs of intrusion.
Android Smart Lock -- in pictures
Would you like to spend less time unlocking your Android smartphone? Android has you covered.
Inside an encrypted external hard drive -- in pictures
Quite a few readers have expressed an interest in seeing what's inside a super-secure DataLocker DL3 encrypted hard drive. Well, let's get the screwdrivers out and take a look!
DataLocker DL3 in pictures
External hard drive featuing AES 256-bit XTS mode encryption and a built-in LCD keypad.
Inside a ransomware gang: Beware these aggressive tactics
ZDNet Security Update: Danny Palmer talks to Mandiant's Kimberly Goody about the rise of a notorious ransomware group and how to protect against attacks.
This is ransomware's golden age: How to bring it to an end
Danny Palmer tells Beth Mauder about the findings of a new report which says we're in a 'golden era' for ransomware. Read more: https://zd.net/3EFFigt
Why the same old cyber attacks are still so successful and what needs to be done to stop them
ZDNet Security Update: Danny Palmer talks to Admiral Michael S. Rogers, Operating Partner at Team8 and former Director of the NSA and US Cyber Command, about cyber threats and the action needed to fight them.
This is what happens when you're hit by a ransomware attack
ZDNet Security Update: Danny Palmer talks to Ed Williams, Director of SpiderLabs EMEA at Trustwave, about how cyber criminals get into networks and what they actually do once inside.
Why hackers are targeting web servers with malware and how to protect yours
ZDNet Security Update: Danny Palmer talks to Zuzana Hromcová, malware researcher at ESET about the anatomy of powerful cyber attacks against web server software and how to protect against these threats.
Data breach reporting deadlines: Are they realistic?
Tonya Hall asks Matt Bradley, vice president at OnSolve, how artificial intelligence can help companies manage data breaches and other critical events.
Online health quizzes may not be so harmless
Eva Blum-Dumontet, senior researcher at Privacy International, explains to Tonya Hall what's behind those seemingly innocuous fitness and diet questionnaires you find on social networks.
What's worse: A terabit DDoS attack or triple extortion ransomware?
Tonya Hall asks Richard Hummel, manager at Netscout, about the latest cyberattack trends and why the number has skyrocketed.
No ads, no trackers: Former Google executives launch alternative search engine
Tonya Hall talks to Dr. Sridhar Ramaswamy, CEO and Co-founder at Neeva, about how a subscription-based search engine protects users' privacy and deliver better results.
Verizon plans to fight quantum attacks with these 'quantum-safe' VPNs
Daphné Leprince-Ringuet says quantum computers are a major threat to security protocols, but Verizon claims this 'quantum-safe' VPN is future-proof. Read more: https://zd.net/3hyWPOi
Digital ID systems present new opportunities – and new threats
ZDNet Security Update: Danny Palmer talks to the Alan Turing Institute's Prof. Carsten Maple about the increased use of digital identity systems such as vaccine passports -- and what's required to make them trustworthy and secure.
How not to get hacked: 3 dangerous security mistakes to avoid
Danny Palmer tells Beth Mauder about three things you should be doing to keep your online accounts secure from cyber criminals. Read more: https://zd.net/3njaVr4
cDc: Hacktivism and the origins of cybersecurity
Tonya Hall talks to Joseph Menn, author and investigative tech reporter at Reuters, about the influential Cult of the Dead Cow hacking group.
Stress in cybersecurity – why overworking information security staff is bad for everyone
ZDNet Security Update: Danny Palmer talks to John Donovan, CISO at Malwarebytes about the impact stress has on information security teams and how to help improve well-being of employees.
Why this updated ransomware-as-a-service scheme could be the next major threat to your network
Danny Palmer tells Beth Mauder about LockBit ransomware and how aggressive new techniques mean it's becoming a potent cyber threat. Read more: https://zd.net/3Btcs1n
Top Stories
-
![This phishing attack is using a sneaky trick to steal your passwords, warns Microsoft]()
This phishing attack is using a sneaky trick to steal your passwords, warns Microsoft
Security
-
![T-Mobile hack: Everything you need to know]()
T-Mobile hack: Everything you need to know
Security
-
![Exchange Server bug: Patch now, but multi-factor authentication might not stop these attacks, warns Microsoft]()
Security
-
![Ransomware attackers targeted this company. Then defenders discovered something curious]()
Ransomware attackers targeted this company. Then defenders discovered something curious
Security
-
![Fortinet, Shopify and more report issues after root CA certificate from Lets Encrypt expires]()
Fortinet, Shopify and more report issues after root CA certificate from Lets Encrypt expires
Security
