Threats and vulnerabilities
Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.
Top Stories
- News21 Nov 2025
News brief: U.S. cyberdefenses take aim at foreign threats
Check out the latest security news from the Informa TechTarget team. Continue Reading
- Tip17 Nov 2025
What agentic AI means for cybersecurity
Agentic AI technology promises a more autonomous and proactive approach to protecting enterprise assets. But deploying tools that require less human intervention also carries risk. Continue Reading
By- Amy Larsen DeCarlo,GlobalData
- News14 Nov 2025
News brief: Agentic AI disrupts security, for better or worse
Check out the latest security news from the Informa TechTarget team. Continue Reading
- Feature14 Nov 2025
Black Friday poses ultimate IT stress test for CIOs
CIOs must ensure scalable systems, real-time analytics, AI-driven automation and strong collaboration to maintain performance in the face of Black Friday IT demands. Continue Reading
- News07 Nov 2025
News brief: Collaboration apps face security scrutiny -- again
Check out the latest security news from the Informa TechTarget team. Continue Reading
- News31 Oct 2025
News brief: Nation-state threats evolve and escalate
Check out the latest security news from the Informa TechTarget team. Continue Reading
- News17 Oct 2025
News brief: National cyberdefenses under mounting pressure
Check out the latest security news from the Informa TechTarget team. Continue Reading
- Tip16 Oct 2025
7 top deception technology vendors for active defense
Once reserved for the most mature organizations, cyber deception technology is picking up steam on the ground and in practice. Here are seven platforms for CISOs to consider. Continue Reading
By- Karen Scarfone,Scarfone Cybersecurity
- Definition16 Oct 2025
What is antivirus software?
Antivirus software (antivirus program) is a security program designed to prevent, detect, search and remove viruses and other types of malware from computers, networks and other devices. Continue Reading
By- Paul Kirvan
- Kinza Yasar,Technical Writer
- Linda Rosencrance
- Definition15 Oct 2025
What is a cloud access security broker (CASB)?
A cloud access security broker (CASB) is a software tool or service that sits between an organization's on-premises infrastructure and a cloud provider's infrastructure. Continue Reading
By- Paul Kirvan
- Alexander S. Gillis,Technical Writer and Editor
- Dan Sullivan
- Tip09 Oct 2025
How CISOs can get out of security debt and why it matters
Like technical debt, security debt accumulates quickly, due to unpatched software, rushed security testing and poor visibility. When the bill comes due, it could mean a breach. Continue Reading
By- Ashwin Krishnan,StandOutin90Sec
- Tip08 Oct 2025
What CISOs should know about DeepSeek cybersecurity risks
DeepSeek poses significant risks to U.S. enterprises -- even those that don't greenlight it for internal use. CISOs should take steps to reduce the threat. Continue Reading
By- Jerald Murphy,Nemertes Research
- News03 Oct 2025
News brief: Cybersecurity weakened by government shutdown
Check out the latest security news from the Informa TechTarget team. Continue Reading
- News01 Oct 2025
Databricks boosts data security with AI-powered suite
With cyberattacks becoming more sophisticated, the vendor's new set of features includes agents, AI-powered dashboards and integrations with specialists. Continue Reading
By- Eric Avidon,Senior News Writer
- Tip26 Sep 2025
What to know about 5G security threats in the enterprise
Learn about key 5G security threats facing enterprises, plus practical defense strategies for CISOs. Continue Reading
By- Karen Scarfone,Scarfone Cybersecurity
- News26 Sep 2025
News brief: AI cybersecurity worries mount
Check out the latest security news from the Informa TechTarget team. Continue Reading
- Tip22 Sep 2025
8 best practices for securing RESTful APIs
The REST architectural style helps applications communicate with each other. Be sure RESTful APIs have the protections necessary to keep attackers at bay. Continue Reading
By- Ravi Das,ML Tech Inc.
- News19 Sep 2025
News brief: KillSec, Yurei score successful ransomware attacks
Check out the latest security news from the Informa TechTarget team. Continue Reading
- Definition12 Sep 2025
What is a stealth virus and how does it work?
A stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software. Continue Reading
By- Nick Barney,Technology Writer
- Rahul Awati
- Opinion05 Sep 2025
Is storage the weak link in your cyber-resilience strategy?
While challenges exist in applying cyber resilience to storage platforms, vendors are starting to make it easier for organizations to add that needed layer of protection. Continue Reading
By- Simon Robinson,Principal Analyst
- Omdia
Intelligence and advice powered by decades of global expertise and comprehensive coverage of the tech markets.
- Tip04 Sep 2025
How to prevent and remove mobile spyware
Mobile devices can store a lot of data, from sensitive user information to work apps and files. Mobile spyware gives bad actors access to this data and brings major security risks. Continue Reading
By- Katie Fenton,Site Editor
- Tip03 Sep 2025
What Android security threats should IT know about?
IT must understand the nature of the most recent Android security issues to protect users. Learn the current top threats and where to find out about them when they emerge. Continue Reading
- Tip27 Aug 2025
How AI malware works and how to defend against it
AI malware is evolving faster than traditional defenses. Learn how attackers weaponize AI and how organizations can implement effective countermeasures. Continue Reading
By- Matthew Smith,Seemless Transition LLC
- Sharon Shea,Executive Editor
- News25 Aug 2025
System shocks? EV smart charging tech poses cyber-risks
Trend Micro's Salvatore Gariuolo talks with the Black Hat USA 2025 News Desk about how the new ISO 15118 standard for electric vehicle smart charging and vehicle-to-grid communications can be weaponized by threat actors. Continue Reading
— Dark Reading - News25 Aug 2025
Why video game anti-cheat systems are a cybersecurity goldmine
Sam Collins and Marius Muench of the University of Birmingham, UK, join the Black Hat USA 2025 News Desk to explain how anti-cheat systems in video games provide valuable lessons on defending against threat actors' techniques and strategies. Continue Reading
— Dark Reading - News25 Aug 2025
Tree of AST: A bug-hunting framework powered by LLMs
Teenaged security researchers Sasha Zyuzin and Ruikai Peng discuss how their new vulnerability discovery framework leverages LLMs to address limitations of the past. Continue Reading
— Dark Reading - Definition22 Aug 2025
What is a SIM swap attack (SIM intercept attack)?
A SIM swap attack (SIM intercept attack) is a form of identity fraud in which the attacker transfers a user's phone number to a different SIM card to gain access to the user's phone calls, text messages, bank accounts, credit card numbers and other sensitive information. Continue Reading
- News20 Aug 2025
How outer space became the next big attack surface
VisionSpace Technologies' Andrzej Olchawa and Milenko Starcik discussed a set of vulnerabilities capable of ending space missions at the Black Hat USA 2025 News Desk. Continue Reading
— Dark Reading - News20 Aug 2025
AI agents access everything, fall to zero-click exploit
Zenity CTO Michael Bargury joins the Black Hat USA 2025 News Desk to discuss research on a dangerous exploit, how generative AI technology has "grown arms and legs" -- and what that means for cyber-risk. Continue Reading
— Dark Reading - News20 Aug 2025
Agentic AI, Apple Intelligence, EV chargers: Everyday cybersecurity peril abounds
Cybersecurity risks can come from everywhere, as these riveting Dark Reading News Desk videos detail. Check out Part 1 of our broadcast coverage of the top research presented at Black Hat USA 2025. Continue Reading
— Dark Reading - News13 Aug 2025
Researchers warn of 'hidden risks' in passwordless account recovery
Passwordless authentication is becoming more common, but account recovery poses increased risks that can lead to account takeovers. It's especially dangerous because even low-skilled attackers can achieve success. Continue Reading
— Dark Reading - Conference Coverage13 Aug 2025
The latest from Black Hat USA 2025
This is your guide to the breaking news, trending topics and more from Black Hat USA 2025, one of the world's top cybersecurity conferences. Continue Reading
By- Sharon Shea,Executive Editor
- News12 Aug 2025
REvil actor accuses Russia of planning 2021 Kaseya attack
REvil affiliate Yaroslav Vasinskyi, who was convicted last year for his role in the 2021 Kaseya ransomware supply chain attack, said the Russian government was instrumental to the attack's execution. Continue Reading
— Dark Reading - News12 Aug 2025
Research shows AI agents are highly vulnerable to hijacking attacks
Experts from Zenity Labs demonstrated how attackers could exploit widely deployed AI technologies for data theft and manipulation. Continue Reading
— Cybersecurity Dive - News11 Aug 2025
Privilege escalation issue in Amazon ECS leads to IAM hijacking
A software developer discovered a way to abuse an undocumented protocol in Amazon's Elastic Container Service to escalate privileges, cross boundaries, and gain access to other cloud resources. Continue Reading
— Dark Reading - Tip08 Aug 2025
How to prevent DoS attacks and what to do if they happen
The worst DoS attacks are like digital tsunamis that put critical business operations at risk. Learn how they work, ways to stop them and how systems can withstand the flood. Continue Reading
- Feature08 Aug 2025
Experts weigh in on securing AI effectively
Using AI comes with security risks. Learn what the top attack vectors and privacy threats are, then discover how to mitigate them through proper strategy, monitoring and more. Continue Reading
By- Brenda L. Horrigan,Executive Managing Editor
- News08 Aug 2025
Black Hat news: Exposed vaults, firmware flaws, AI hacks
Check out the latest security news from the Informa TechTarget team. Continue Reading
- News07 Aug 2025
Google Gemini AI bot hijacks smart homes, turns off the lights
Using invisible prompts, the attacks demonstrate a physical risk that could soon become reality as the world increasingly becomes more interconnected with artificial intelligence. Continue Reading
— Dark Reading - News07 Aug 2025
VexTrio cybercrime outfit run by legit ad tech firms
New research reveals that a malicious traffic distribution system (TDS) is run not by 'hackers in hoodies,' but by a series of corporations operating in the commercial digital advertising industry. Continue Reading
— Dark Reading - News07 Aug 2025
'ReVault' security flaws impact millions of Dell laptops
The now-patched vulnerabilities exist at the firmware level and enable deep persistence on compromised systems. Continue Reading
— Dark Reading - Definition07 Aug 2025
What is the Mitre ATT&CK framework?
The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies. Continue Reading
By- Paul Kirvan
- Kinza Yasar,Technical Writer
- Ben Lutkevich,Site Editor
- News07 Aug 2025
Critical zero-day bugs crack open CyberArk, HashiCorp password vaults
Secrets managers hold all the keys to an enterprise's kingdom. Two popular ones had longstanding, critical, unauthenticated RCE vulnerabilities. Continue Reading
— Dark Reading - Tip07 Aug 2025
Prevent and manage cloud shadow AI with policies and tools
Unmanaged cloud-based AI tool use can result in data loss and reputational harm, among other risks. The time to stop and prevent cloud-based shadow AI use is now. Continue Reading
By- Dave Shackleford,Voodoo Security
- Feature06 Aug 2025
Malware vs. ransomware: What's the difference?
Ransomware is malware, but malware isn't always ransomware. It can be confusing, and the terms are sometimes used interchangeably, but the threats have distinct characteristics. Continue Reading
By- Phil Sweeney,Industry Editor
- Andy Patrizio
- Video05 Aug 2025
AI security: Top experts weigh in on the why and how
AI is everywhere, so security focus on this new technology is essential. In this podcast episode, three top security experts review the risks and discuss ways to mitigate them. Continue Reading
- Tip05 Aug 2025
8 ways to enhance data center physical security
Data center physical security is just as important as cybersecurity. Organizations can follow these eight security approaches to enhance facility access monitoring. Continue Reading
By- Damon Garn,Cogspinner Coaction
- Feature05 Aug 2025
How to prepare for post-quantum computing security
One of the biggest fears about quantum computing is its ability to easily break current encryption algorithms. Learn why and how to start making quantum security preparations. Continue Reading
By- Kyle Johnson,Technology Editor
- Tip04 Aug 2025
How to recover from a ransomware attack: A complete guide
With a ransomware recovery plan, organizations can act quickly to prevent data loss without descending into chaos. Learn the crucial steps to incorporate into your plan. Continue Reading
By- John Burke,Nemertes Research
- News01 Aug 2025
Low-code tools in Microsoft Azure allowed unprivileged access
Using the API Connections for Azure Logic Apps, a security researcher found unauthenticated users could access sensitive data of other customers. Continue Reading
— Dark Reading - News01 Aug 2025
New 'Shade BIOS' technique beats every kind of security
What if malware didn't require an operating system to function? How would anyone possibly notice, let alone disable it? Continue Reading
— Dark Reading - Tutorial01 Aug 2025
How to use the John the Ripper password cracker
Password crackers are essential tools in any pen tester's toolbox. This step-by-step tutorial explains how to use John the Ripper, an open source offline password-cracking tool. Continue Reading
By- Ed Moyle,SecurityCurve
- News01 Aug 2025
News brief: Rise of AI exploits and the cost of shadow AI
Check out the latest security news from the Informa TechTarget team. Continue Reading
- Tip31 Jul 2025
How to remove ransomware, step by step
Prevention is the best weapon against a ransomware infection. But in the event of compromise, consider these responses to contain and remove ransomware. Continue Reading
- Tip30 Jul 2025
Build IT resilience to avoid paying ransomware demands
No one wants to pay the ransom after a cyberattack, but many organizations feel like they have no choice. Explore the benefits of investing in resilience over making payments. Continue Reading
- Opinion30 Jul 2025
Is post-quantum cryptography the next Y2K?
Quantum computing threatens public-key encryption, which organizations use to secure communications and data. Migrating to quantum-safe cryptography harkens back to the Y2K threat. Continue Reading
By- Jon Brown,Senior Analyst
- Omdia
Intelligence and advice powered by decades of global expertise and comprehensive coverage of the tech markets.
- Definition29 Jul 2025
What is an input validation attack?
An input validation attack is any malicious cyberattack that involves an attacker manually entering strange, suspicious or unsafe information into a normal user input field of a target computer system. Continue Reading
- News28 Jul 2025
Stop AI bot traffic: Protecting your organization's website
As crawlers and bots bog down websites in the era of AI, some researchers say that the solution for the Internet's most vulnerable websites is already here. Continue Reading
— Dark Reading - News28 Jul 2025
Malicious implants are coming to AI components, applications
A red teamer is publishing research next month about how weaknesses in modern security products lay the groundwork for stealthy implants in AI-powered applications. Continue Reading
— Dark Reading - News28 Jul 2025
Human digital twins could give attackers a dangerous advantage
While this emerging impersonation technology offers many benefits, digital twins also have several drawbacks, including use in social engineering attacks. Continue Reading
— Dark Reading - News25 Jul 2025
News brief: SharePoint attacks hammer globe
Check out the latest security news from the Informa TechTarget team. Continue Reading
- Tip25 Jul 2025
How to discover and manage shadow APIs
Connecting applications, especially if external-facing, with unapproved APIs is a recipe for disaster. Detecting and managing shadow APIs is vital to keeping the company secure. Continue Reading
By- Dave Shackleford,Voodoo Security
- Feature25 Jul 2025
Scam baiting explained: The internet's war on scammers
Scam baiting flips the script on digital scammers by deliberately engaging with and frustrating them. This growing practice uses social engineering as a tool against online scams. Continue Reading
- Answer24 Jul 2025
How extortionware, cyberextortion and ransomware differ
Prevention is the only line of defense against an extortionware attack. Learn how extortionware works and why it can be more damaging than ransomware. Continue Reading
By- Andrew Froehlich,West Gate Networks
- Tip23 Jul 2025
Top DevSecOps certifications and trainings for 2025
DevOps Institute, Practical DevSecOps, EXIN and EC-Council are among the organizations that offer DevSecOps certifications and trainings for cybersecurity professionals. Continue Reading
- News21 Jul 2025
Microsoft SharePoint attacks target on-premises servers
Thousands of organizations, including government agencies, running SharePoint on-premises are vulnerable after Microsoft issued a security alert warning of active attacks. Continue Reading
By- Shane Snider,Senior News Writer
- Feature18 Jul 2025
CISO role in ASM could add runtime security, tokenization
Runtime security and tokenization stand to play a bigger role in attack surface management, a development that could influence security leaders' responsibilities. Continue Reading
By- John Moore,Industry Editor
- News18 Jul 2025
News brief: Cyberattack trends signal security arms race
Check out the latest security news from the Informa TechTarget team. Continue Reading
- News17 Jul 2025
Hackers make hay? Smart tractors vulnerable to full takeover
Hackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an aftermarket steering system. Continue Reading
— Dark Reading - News17 Jul 2025
New AI malware PoC reliably evades Microsoft Defender
Worried about hackers employing LLMs to write powerful malware? Using targeted reinforcement learning (RL) to train open source models in specific tasks has yielded the capability to do just that. Continue Reading
— Dark Reading - News17 Jul 2025
An Nvidia container bug and chance to harden Kubernetes
A container escape flaw involving the NVIDIA Container Toolkit could have enabled a threat actor to access AI datasets across tenants. Continue Reading
— Dark Reading - Definition15 Jul 2025
What is cybersecurity?
Cybersecurity is the practice of protecting systems, networks and data from digital threats. Continue Reading
By- Kinza Yasar,Technical Writer
- Sharon Shea,Executive Editor
- Alexander S. Gillis,Technical Writer and Editor
- Guest Post14 Jul 2025
Prompt injection attacks: From pranks to security threats
Prompt injection attacks manipulate AI systems to bypass security guardrails, enabling data theft and code execution -- yet they lack comprehensive defenses and CVE tracking. Continue Reading
By- Joshua Wright,SANS Institute
- News11 Jul 2025
News brief: Hafnium, Scattered Spider hackers arrested
Check out the latest security news from the Informa TechTarget team. Continue Reading
- Tip09 Jul 2025
How to perform a cybersecurity risk assessment in 5 steps
When assessing cybersecurity risk, be sure to consider the scope of the project, your organization's specific assets and leadership's tolerance for risk. Continue Reading
By- Char Sample,ICF International
- Feature08 Jul 2025
Phishing prevention: How to spot, stop and respond to scams
From email scams to BEC attacks, phishing is one of the biggest fish organizations must fry. Get advice on how to identify, prevent and respond to phishing schemes. Continue Reading
By- Sharon Shea,Executive Editor
- Feature08 Jul 2025
How to implement zero trust: 7 expert steps
Zero trust means a lot more than determining how users access resources. Successful implementation takes time, commitment and ongoing support. Continue Reading
By- Karen Scarfone,Scarfone Cybersecurity
- Alissa Irei,Senior Site Editor
- Feature07 Jul 2025
What is the future of cybersecurity?
As cyberthreats grow more sophisticated, enterprises face mounting challenges. What does the future of cybersecurity hold, and how can organizations stay ahead? Continue Reading
By- Karen Scarfone,Scarfone Cybersecurity
- Definition02 Jul 2025
What is post-quantum cryptography? Comprehensive guide
Post-quantum cryptography, also known as quantum encryption or PQC, is the development of cryptographic systems for classical computers that can prevent attacks launched by quantum computers. Continue Reading
By- Nick Barney,Technology Writer
- Rob Clyde,Isaca
- Alexander S. Gillis,Technical Writer and Editor
- Definition02 Jul 2025
What is a threat actor?
A threat actor, also called a malicious actor, is an entity that poses a security risk and seeks to cause harm to individuals, devices, networks or digital systems, often by exploiting vulnerabilities. Continue Reading
By- Kinza Yasar,Technical Writer
- Rahul Awati
- Ivy Wigmore
- Definition02 Jul 2025
What is an SBOM (software bill of materials)?
An SBOM (software bill of materials) is a detailed inventory of all components and software dependencies involved in the development and delivery of an application. Continue Reading
By- Alexander S. Gillis,Technical Writer and Editor
- Sean Michael Kerner
- Definition02 Jul 2025
What is SIEM (security information and event management)?
SIEM (security information and event management) is software that helps organizations detect, analyze, and respond to security threats by collecting and correlating security event data from across the IT environment in real time. Continue Reading
By- Alexander S. Gillis,Technical Writer and Editor
- Linda Rosencrance
- Tip02 Jul 2025
How to build a cybersecurity strategy and plan in 4 steps
A cybersecurity strategy isn't meant to be perfect, but this high-level plan must be proactive, effective, actively supported and evolving. Here are four key steps to get there. Continue Reading
By- Karen Scarfone,Scarfone Cybersecurity
- News30 Jun 2025
News brief: AI security threats surge as governance lags
Check out the latest security news from the Informa TechTarget team. Continue Reading
- Video30 Jun 2025
Ransomware: Examples, prevention and mitigating the damage
Top cybersecurity experts gathered to discuss the latest threats from ransomware and how organizations, large and small, can prevent or, at least, mitigate an attack. Continue Reading
- Tip30 Jun 2025
What is attack surface management? Guide for organizations
Attack surface management can help CISOs and other cybersecurity managers address the growth in the number of potential entry points threat actors might exploit. Continue Reading
By- John Moore,Industry Editor
- Definition30 Jun 2025
What is vulnerability management? Definition, process and strategy
Vulnerability management is the process of identifying, assessing, remediating and mitigating security vulnerabilities in software and computer systems. Continue Reading
By- Alexander S. Gillis,Technical Writer and Editor
- Sean Michael Kerner
- Feature30 Jun 2025
Enterprise cybersecurity: A strategic guide for CISOs
CISOs and others responsible for safeguarding an organization's systems, networks and data need to manage day-to-day threats while also planning strategically for what's ahead. Continue Reading
By- Phil Sweeney,Industry Editor
- Craig Stedman,Industry Editor
- Definition27 Jun 2025
What is phishing? Understanding enterprise phishing threats
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person to trick users into revealing sensitive information. Continue Reading
By- Kinza Yasar,Technical Writer
- Alexander S. Gillis,Technical Writer and Editor
- Tip27 Jun 2025
Cybersecurity skills gap: Why it exists and how to address it
The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
By- Karen Scarfone,Scarfone Cybersecurity
- Definition26 Jun 2025
What is cyber resilience?
Cyber resilience is the ability of a computing system to identify, respond to and recover quickly from a security incident. Continue Reading
By- Alexander S. Gillis,Technical Writer and Editor
- Corinne Bernstein
- Tip26 Jun 2025
12 smart contract vulnerabilities and how to mitigate them
Smart contracts execute tasks automatically when specific events occur, and they often handle large data and resource flows. This makes them particularly attractive to attackers. Continue Reading
By- Karen Scarfone,Scarfone Cybersecurity
- Michael Cobb
- Guest Post25 Jun 2025
Authorization sprawl: Attacking modern access models
Attackers exploit authorization sprawl by using legitimate credentials and SSO tokens to move between systems, bypassing security controls and deploying ransomware undetected. Continue Reading
By- Joshua Wright,SANS Institute
- Tip25 Jun 2025
Ransomware threat actors today and how to thwart them
Top experts convened on BrightTALK's 'CISO Insights' to discuss 'Ransomware 3.0' -- the current threat and what organizations, large and small, must do to thwart these bad actors. Continue Reading
- Tip25 Jun 2025
10 remote work cybersecurity risks and how to prevent them
Larger attack surfaces, limited oversight of data use, AI-driven attacks and vulnerable enterprise technologies are among the security risks faced in remote work environments. Continue Reading
- Definition23 Jun 2025
What is a SYN flood DoS attack?
A SYN flood attack is a type of denial-of-service (DoS) attack on a computer server. This exploit is also known as a 'half-open attack.' Continue Reading
By- Scott Robinson,New Era Technology
- Ben Lutkevich,Site Editor
- Tip23 Jun 2025
What is a cyberattack? 16 common types and how to prevent them
To stop cybercrime, companies must understand how they're being attacked. Here are the most damaging types of cyberattacks, how to prevent them and their effect on daily business. Continue Reading
- News20 Jun 2025
News brief: LOTL attacks, spoofed sites, malicious repositories
Check out the latest security news from the Informa TechTarget team. Continue Reading
- Definition18 Jun 2025
What is an advanced persistent threat (APT)?
An advanced persistent threat (APT) is a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period. Continue Reading
By- Alexander S. Gillis,Technical Writer and Editor
- Kinza Yasar,Technical Writer
- Linda Rosencrance
- Definition18 Jun 2025
What is an attack surface? Examples and best practices
An attack surface is the total number of possible entry points and attack vectors an organization or system has that are susceptible to unauthorized access. Continue Reading
By- Alexander S. Gillis,Technical Writer and Editor
- Katie Terrell Hanna
- Tip17 Jun 2025
Shadow AI: How CISOs can regain control in 2025 and beyond
Shadow AI threatens enterprises as employees increasingly use unauthorized AI tools. Discover the risks, governance strategies, and outlook for managing AI in today's workplace. Continue Reading
- Tip17 Jun 2025
How to create an SBOM: Example and free template
SBOMs provide an inventory of every component in an organization's software supply chain. Use this free downloadable SBOM template to create one for your organization. Continue Reading
- How to use the John the Ripper password cracker
- How to build a cyber-resilience culture in the enterprise
- The Change Healthcare attack: Explaining how it happened
- Risk & Repeat: Okta under fire after support system breach
- What is 6G? Overview of 6G networks & technology
- phase-locked loop (PLL)
- What is identity and access management? Guide to IAM
- What are AI agents? Types and examples
- What is time-sensitive networking (TSN) via 5G?
- What is millimeter wave (mmWave)?
- What are eMBB, URLLC and mMTC in 5G? Use cases explained
- What is Open RAN (ORAN)? Benefits and use cases
- Agentic process automation: The enterprise guide to autonomous AI workflows
- What is an intelligent agent? Definition, use cases and benefits
- 5G-Advanced features: Pervasive AI, broader reach, precision
The interim standard brings a boatload of major improvements to 5G on the way to 6G's planned release in 2030. Learn what they do...
- Private 5G for utilities: Benefits, use cases and deployment
Utilities increasingly choose private over public 5G for its superior control, flexibility and security, enabling applications ...
- Breaking down Palo Alto Networks' $3.35B Chronosphere deal
Palo Alto Networks acquired observability platform Chronosphere for $3.35 billion. The deal aims to enable AI-driven autonomous ...
- Top 12 business process management certifications for 2026
These certifications and courses can help you gain the specialized knowledge you need to bolster your credentials and ...
- Strategic IT outlook: Tech conferences and events calendar
Tech conferences are a vital way for CIOs and IT leaders to keep abreast of trends and make real-life connections in a ...
- Short-form video governance for IT leaders
Enterprises are embracing short-form video for speed and engagement, but its rise brings new complexities. CIOs must establish ...
- How IT admins can check BIOS or UEFI versions in Windows 11
Firmware, such as BIOS or UEFI, plays a crucial role in how securely a Windows device starts and operates. Organizations need to ...
- Microsoft opens Copilot agent building to office rank and file
The battle for desktop agent mindshare heats up. Microsoft is the latest to arm everyday office workers with tools to make their ...
- Set up MFA in Microsoft 365 to safeguard data
Learn how to set up multifactor authentication in Microsoft 365 to enhance security, prevent unauthorized access and protect ...
- How to import existing AWS resources into a CloudFormation stack
Transform manually created AWS resources into manageable, automated infrastructure with CloudFormation's import resource with ...
- Unlocking the cloud's potential: Strategies for migration, AI scalability and cost optimization
In today's rapidly changing tech landscape, cloud strategy is more important than ever. This guide explores how to best use your ...
- The big three grab two-thirds of $107B cloud market in Q3
Cloud dominance intensifies as AWS, Microsoft and Google capture 63% of the $107B market. AWS leads at 29%, despite erosion, ...
- Can business software empower rather than control workers?
Acclaim Autism is a US organisation that has increased employee task discretion, with an increase in insurance approvals by using...
- CCRC refers case based on third faulty Post Office system
The latest Post Office prosecution to be sent to the Court of Appeal involves a third IT system in a 2001 case, after previous ...
- Budget 2025: Extra NHS IT cash welcome, but plan lacks clarity
Industry and healthcare leaders are concerned that NHS tech funding is too focused on already approved platforms, fails to tackle...