Password security has evolved from simple physical protections to complex, multi-factor authentication systems. Experts suggest that while traditional passwords are becoming outdated, combining them with new technologies like biometrics and passkeys offers stronger security. Future trends point towards more user-friendly yet robust methods to safeguard digital access.

The NIST Risk Management Framework, or RMF, is a voluntary 7-step process used to manage information security and privacy risks. By following the NIST RMF, organizations can successfully implement their own risk management programs, maintain compliance, and address the weaknesses that present the greatest danger to their enterprise.

As ransomware, misconfigurations, and other vulnerabilities continue to be stubborn threats to mitigate, CISA and the FBI promise election security, and the FAA is pushing for tighter regulations. Learn about these top stories and more in this week's Friday Five!

The importance of resilience and business continuity dominated conversations at Black Hat USA 2024. In this blog, security expert Antonio Sanchez shares his take on this year’s event.

Stories on rare, albeit encouraging wins against ransomware gangs took the top headlines this past week. Additionally, read about a massive breach involving Americans' sensitive data, the UN's new cybercrime treaty, and more in this week's Friday Five.

Cybersecurity experts from over 70 countries share their insights, candor, and challenges when it comes to raising the level of cybersecurity awareness in their organizations. Learn how Fortra’s Terranova Security can help.

The three CVSS 9.8 vulnerabilities included in this month’s patch drop are likely to be the first thing that catches anyone’s attention this month. All three are remote, unauthenticated code execution, the very type of vulnerability where we previously would have used the word, “wormable.”

Of the three forms of threat intelligence (strategic, operational, and tactical), tactical threat intelligence is the most directly actionable. Tactical threat intelligence also enables defenders to engage in threat hunting or root cause analysis activities when examining historical (attempted) intrusions. This is useful in detecting breaches that may have occurred, understanding the cause of a previous breach, and understanding whether a particular adversary or TTP is being attempted against your organization.

Data mining security helps safeguard mined data from unauthorized access, alteration, or disclosure throughout the mining process.

As an emerging ransomware group made headlines with their record-setting $75 million payout, Congress moves toward qualifying those groups' actions as terrorism, new attacks target ISPs and Microsoft 365 users, and more. Read more about these headlines in this week's Friday Five.

Organizations must constantly make decisions about their data. This can be challenging, especially given today’s high-frequency volume and variety.Data classification guidelines provide a structure for managing, protecting, and utilizing data effectively in an organization. By following the guidelines enumerated in this article, organizations can ensure a functional and effective data...

A data security policy is an organization's set of guidelines and rules for managing and protecting its data assets. Learn what goes into a data security policy, how to implement one, and best practices in this new blog.

You don’t know you’ve experienced a ransomware attack until you’ve been delivered the note. Understanding more about the ransomware process can help you stop the attack in the act before it escalates that far.

Cybersecurity experts offer insights into safeguarding digital assets and protection strategies. Explore the emerging role of AI in enhancing cybersecurity efforts.

Understanding how cyberattacks unfold is key to stopping them. In this blog, Fortra’s threat researchers break down the anatomy of a recent smishing campaign, revealing the tactics, techniques, and infrastructure behind the attack. The Smishing Attack The smishing text contains a banking alert about a transaction being put on hold and urges the reader...

Bottom-feeding cybercriminals are seizing new opportunities in the wake of a massive Crowdstrike outage. Meanwhile, more prominent hackers from China, North Korea, and Russia aren't showing signs of slowing down. Read up on all these stories in this week's Friday Five!