David Bisson

Contributing Editor

David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

CISO November 30, 2022

How do you plan to celebrate National Computer Security Day?

3 min read - In October 2022, the world marked the 19th Cybersecurity Awareness Month. October might be over, but employers can still talk about awareness of digital threats. We all have another chance before then: National Computer Security Day. The history of National…

News February 9, 2022

Attackers used malicious telegram installer to distribute Purple Fox rootkit

2 min read - Threat actors leveraged a malicious Telegram installer to infect users with the Purple Fox rootkit. A case study in evasion With the help of MalwareHunterTeam, Minerva Labs looked into a malicious Telegram installer and found that it was a compiled…

News February 2, 2022

Over 1,200 phishing kits found in the wild with ability to Steal 2FA codes

2 min read - Academics discovered more than 1,200 phishing kits equipped with the ability to intercept users’ two-factor authentication (2FA) codes in the wild. Two types of 2FA phishing As noted by researchers from Stony Brook University sponsored by security firm Palo Alto…

News January 26, 2022

How a cyber criminal justice system resolves disputes

2 min read - The darknet community uses its own underground justice system to solve disputes that arise between one cyber criminal and another. Crime and punishment for cyber criminals In this underground justice system, a ‘case’ begins when two parties experience a disagreement.…

Data Protection January 24, 2022

What CISA Incident Response Playbooks Mean for Your Organization

4 min read - What does the latest U.S. federal ruling on cybersecurity mean for you? The recent executive order and U.S. Cybersecurity & Infrastructure Security Agency (CISA) commentary on it could provide a good framework for defending against ransomware and other attacks. In…

Identity & Access January 19, 2022

Don’t ditch the password yet: Countering a brute force attack

2 min read - There’s been a lot of chatter lately about moving on from passwords. But long passwords are still a good defense against some types of attacks. Brute force attack actors dedicate just a fraction of their efforts to cracking them, a…

Cloud Security January 18, 2022

3 Cloud Security Trends to Watch in 2022

3 min read - Many organizations have cloud security on their minds going into 2022. In April 2021, for instance, Gartner predicted that global end-user spending on cloud management and security services would reach $18 million the following year. That’s a growth of 30%…

Incident Response January 17, 2022

What It Takes to Build the Blue Team of Tomorrow

5 min read - A good defense takes some testing. Ethical hacking involves pitting two teams together for the sake of strengthening digital security defenses. The red team attempts to bypass digital security barriers. By doing so, they reveal both misconceptions and flaws in…

Identity & Access January 17, 2022

The State of Credential Stuffing Attacks

4 min read - Credential stuffing has become a preferred tactic among digital attackers over the past few years. As reported by Help Net Security, researchers detected 193 billion credential stuffing attacks globally in 2020. Financial services groups suffered 3.4 billion of those attacks.…

Data Protection January 12, 2022

Sabbath ransomware gang targets critical infrastructure, backups

2 min read - A ransomware gang known as Sabbath is going after critical infrastructure groups in North America. In addition, it sets itself apart by targeting backups. Backups singled out A rebrand of UNC2190, Sabbath has targeted U.S. and Canadian critical infrastructure. That…

Cloud Security January 11, 2022

Cloud Security Trends: What Is Cybersecurity Mesh?

2 min read - Have you heard of cybersecurity mesh? Some are calling it one of the more notable trends for cloud security and today’s other cyber concerns. So, what is it, and how does it work? The technology stack is breaking down as…

Incident Response January 7, 2022

5 Things New with Bug Bounty Programs

4 min read - On September 29, HackerOne announced the latest version of its Internet Bug Bounty (IBB) program. This initiative helped to coordinate the discovery of more than 1,000 security weaknesses in open-source software between 2013 and 2021. HackerOne’s latest version aims to…

Failed to load data

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.

Subscribe today

Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.

Cybersecurity News By Topic By Industry Exclusive Series X-Force Podcast Events Contact About Us

Security Intelligence

{{title}}

{{title}}

{{title}}

{{title}}

Topics

David Bisson

How do you plan to celebrate National Computer Security Day?

Attackers used malicious telegram installer to distribute Purple Fox rootkit

Over 1,200 phishing kits found in the wild with ability to Steal 2FA codes

How a cyber criminal justice system resolves disputes

What CISA Incident Response Playbooks Mean for Your Organization

Don’t ditch the password yet: Countering a brute force attack

3 Cloud Security Trends to Watch in 2022

What It Takes to Build the Blue Team of Tomorrow

The State of Credential Stuffing Attacks

Sabbath ransomware gang targets critical infrastructure, backups

Cloud Security Trends: What Is Cybersecurity Mesh?

5 Things New with Bug Bounty Programs

{{{title}}}

Topic updates