As governments, businesses, and organizations increasingly rely on digital systems, cyberattacks have become more systematic and widespread. These coordinated attacks can disrupt a country’s operations just as much as a physical offensive, making it crucial to understand their possible impact.…
Category: Information Security Buzz
Strengthening Healthcare Cybersecurity: Lessons from Recent Supplier Attacks
The global healthcare system has become increasingly integrated with third-party medical suppliers in recent years. These suppliers are vital in providing essential services, medical equipment, pharmaceuticals, and digital tools that healthcare organizations depend on to operate efficiently. However, while these…
Payment Gateway Breach Exposes 1.7 Million Customers
A significant data breach at the payment gateway provider SLIM CD has exposed over 1.7 million customers to the risk of identity theft and financial fraud. The breach, which took place between August 2023 and June 2024, compromised sensitive personal…
The Role of SIEM in Regulatory Compliance
Organizations of every size and in every industry must adhere to stringent compliance standards. Regulations like the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR), and the Payment Card Industry Data Security Standard (PCI DSS)…
Advanced surveillance is key to countering emerging global threats
Almost 80 years ago, George Orwell coined the phrase “Big Brother is watching you” in his dystopian thriller, 1984. Even he couldn’t image the advances and capabilities in surveillance that are prevalent today. Geopolitical unrest and extremist ideology are a…
Predator Spyware Resurfaces: Renewed Threats and Global Implications
Intellexa’s Predator spyware is back. After facing sanctions and exposure by the US government, the scourge appeared to decline. However, recent findings from Insikt Group, the threat research arm of cyber security company Recorded Future, reveal that Predator’s infrastructure is…
Prevalent, Indigocube Security Partner to Elevate Third-Party Risk Management Solutions in SA
Prevalent, a third-party risk management solutions provider, has partnered with Indigocube Security, a cybersecurity consultancy in SA. This collaboration aims to enhance the way organizations in SA manage and mitigate third-party risks, offering comprehensive solutions that enhance security, resilience, and…
Tropic Trooper Expands Targeting: Middle East Government Entity Hit in Strategic Cyber Attack
Kaspersky has discovered that an advanced persistent threat (APT) group, Tropic Trooper, also known as KeyBoy and Pirate Panda, has been linked to a series of targeted attacks on a government entity in the Middle East. This is a strategic…
Bitdefender Debuts Security Solution for YouTube Content Creators and Influencers
Bitdefender has unveiled Bitdefender Security for Creators, a service specifically designed for digital content producers, online creative professionals, and social media influencers who are prime targets for account takeovers, fraud, and other cybercrimes. Initially the new offering protects YouTube accounts with…
A Deep Dive into IoT Communication Protocols
The Internet of Things (IoT) has revolutionized the way devices interact and share information. IoT communication protocols are at the heart of this technological advancement – the rules and standards that enable diverse devices to communicate effectively. This article explores…
New PyPI Supply Chain Attack Technique Puts 22,000 Packages at Risk
A newly discovered PyPI hijack technique called “Revival Hijack” has been exploited in the wild, posing a significant threat to thousands of Python packages. Identified by JFrog’s security research team, the method takes advantage of a loophole in the PyPI…
Double Trouble: DOJ Exposes Russian AI-Powered Disinformation
The US Department of Justice has disrupted a covert Russian government-sponsored influence operation targeting audiences within its borders and other nations. The operation, dubbed “Doppelganger,” involved using influencers, AI-generated content, and paid social media advertisements to spread disinformation aimed at…
The Six Most Dangerous New Threats Security Teams Need to Know About
The rise of AI presents both extraordinary opportunities and intimidating challenges in cybersecurity. While AI can easily identify and exploit vulnerabilities, deploying it without robust security measures introduces significant risks. As the technology evolves, many organisations prioritise AI innovation at…
Phishing Remains Top Cyber Threat Despite Drop in Incidents
Phishing remains the most common cyber threat, representing 37% of incidents in Q3 2024. However, incidents of credential exposure have increased to almost 89%, raising concerns about data security risks across industries, according to the latest report by ReliaQuest on…
Cisco Warns of Critical Vulnerabilities in Smart Licensing Utility
Cisco has warned of multiple critical vulnerabilities in its Smart Licensing Utility, potentially enabling unauthenticated, remote attackers to collect sensitive information or gain administrative control over the software. The vulnerabilities, identified as CVE-2024-20439 and CVE-2024-20440, can be found in several…
Can Every Business Afford to Be a Target?
As malicious actors increasingly create cybercriminal business models, small and medium-sized businesses (SMBs) face a changing cyber threat landscape. Today, being a cybercriminal no longer requires advanced technical skills, expanding the number of attackers and their attack capabilities. Unlike larger…
Webinar: Unveiling Hidden APIs and Securing Vulnerabilities in the Healthcare Sector
The healthcare industry is a magnet for cybercriminals, and it’s easy to see why. First, the treasure trove of personal health information (PHI) is incredibly valuable—from detailed medical histories to sensitive financial data, this information isn’t just gold—it’s like striking…
Explaining the OWASP API Security Top 10
Any company that employs APIs can tell you that they’re the glue that holds all things together, the hub that simplifies and scales digital growth. However, not all can tell you how to protect them. And that’s a problem. Thankfully,…
SLOW#TEMPEST Campaign Targets Chinese Users with Advanced Tactics
A sophisticated cyber campaign, dubbed SLOW#TEMPEST, has been uncovered by the Securonix Threat Research team, targeting Chinese-speaking users. The attack, characterized by the deployment of Cobalt Strike payloads, managed to evade detection for over two weeks, demonstrating the malicious actors’…
The MadRadar Hack Can Cause Autonomous Cars to Malfunction and Hallucinate
Self-driving cars come closer to being a reality every day. Many vehicles already have autonomous features, but several challenges remain. Cybersecurity shortcomings are among the most concerning, and a recent experiment dubbed “MadRadar” heightens these worries. How Does the MadRadar…
North Korean Threat Actor Exploits Chrome Zero-Day
A North Korean threat actor has been found exploiting a zero-day vulnerability in Chromium, now designated as CVE-2024-7971. The exploit, which enables remote code execution (RCE), is being attributed with high confidence to a North Korean group known as Citrine…
SQL Injection Vulnerability Could Enable Attackers to Bypass Airport Security
Cybersecurity researchers discovered a vulnerability in the Known Crewmember (KCM) system, a TSA program that allows airline pilots and flight attendants to bypass security screening. The flaw, which could potentially compromise the safety of millions of air travelers, was found…
Malware Masquerading as Palo Alto GlobalProtect Tool Targets Middle East Users
Users in the Middle East are being targeted by sophisticated threat actors deploying malware disguised as the Palo Alto GlobalProtect tool, Trend Micro has revealed. The malware employs a two-stage infection process, leveraging advanced command-and-control (C&C) infrastructure to evade detection…
FBI: RansomHub Hits Over 200 Entities Since Feb
RansomHub, previously known as Cyclops and Knight, has quickly gained traction, targeting over 210 victims across US critical infrastructure sectors. This ransomware-as-a-service (RaaS) model has been active since February 2024. These include water and wastewater, information technology, government services and…
Top Cost-Effective Cybersecurity Strategies for SMBs
Safeguarding your small or medium-sized business against escalating cyber threats is essential, yet the steep costs of sophisticated security measures can be daunting. This guide delves into smart, budget-friendly cybersecurity tactics designed to fortify your business without draining your finances.…
Meeting the New Cyber Insurance Requirements
In the event of a cyberattack, companies – especially small to mid-sized businesses – often face losses so great they risk pulling their business under. With the number of ransomware attacks, phishing schemes, and data breaches on the rise, it…
MacOS Version of HZ Rat Backdoor Discovered Targeting DingTalk and WeChat Users
In June 2024, cybersecurity researchers from Kaspersky identified a new macOS version of the HZ Rat backdoor, marking the first time this malware has been observed targeting macOS users. The backdoor was found attacking users of the enterprise messaging platform…
Watchdog Criticizes FBI for Inadequate Digital Storage and Destruction Practices
The FBI needs to improve its handling of electronic media designated for destruction at its facilities, according to a scathing audit from the Justice Department’s Inspector General, released publicly last week. . The memo, issued by DOJ Inspector General Michael…
Cyberattacks on UK Law Firms Surge by 77% Amid Rising Ransomware Threat
The number of successful cyber attacks on UK law firms has soared by 77% over the past year, rising from 538 incidents to 954, according to a recent study. The increase is attributed to the lucrative nature of law firms…
MFP security: How Can Resellers Ensure Customers Have The Proper Protection?
Decades ago, office printers had one job: to present documents or images in a paper format. However, with technology evolving rapidly, the role of the office printer has changed drastically. Now, printers are multifunctional, allowing workers to copy, scan, send, or…
Why Companies Need Real-Time Compliance
The need for real-time compliance has never been more critical. As regulatory landscapes evolve and become more complex, organizations face mounting pressure to ensure they remain compliant at all times. This shift from traditional, periodic audits to continuous, real-time compliance…
Global Field Service Management Provider Exposes Nearly 32 Million Documents Online
Nearly 32 million documents, including invoices, contracts, and agreements, were exposed online by ServiceBridge, a global field service management provider. Cybersecurity researcher Jeremiah Fowler made the discovery, reporting the unprotected database to WebsitePlanet. The database contained 31.5 million records, including…
Flights Disrupted at Seattle-Tacoma Airport Due to Possible Cyberattack
Seattle-Tacoma International Airport (SEA-TAC) appears to have been targeted by a cyberattack, with critical systems experiencing widespread internet outages for the third consecutive day, according to officials from the Port of Seattle. The disruptions, which began early on Saturday, have…
Stealthy Linux Malware “sedexp” Exploits udev Rules for Persistence and Evasion
Stroz Friedberg, a risk management firm under Aon, has identified a sophisticated malware strain targeting Linux systems. Dubbed “sedexp,” the malware exploits udev rules to maintain persistence and evade detection. According to researchers Zachary Reichert, Daniel Stein, and Joshua Pivirotto,…
Discovering The Importance of Cybersecurity Advisory Boards (CABs)
In today’s rapidly evolving digital landscape, Cybersecurity Advisory Boards (CABs) are crucial in helping organizations navigate the complexities of today’s digital landscape. By bringing together industry leaders, CABs provide strategic insights, foster collaboration, and ensure cybersecurity strategies stay ahead of…
Ransomware Attacks, Demands, and Payments Rise in Q2
In Q2 2024, new ransomware groups, including PLAY, Medusa, RansomHub, INC Ransom, BlackSuit and some additional lesser-known factions, led a series of attacks that eclipsed the first quarter of this year by 16% and the second quarter of 2023 by…
Prism Infosec Debuts Red Team Engagement Service
Prism Infosec, an independent cybersecurity consultancy,has introduced PULSE testing service. The service aims to help entities that may not have the resources to dedicate to a full-scale red team exercise and assess their defense capabilities against real-world threats. The company…
The Evolving Landscape of Identity and Access Management in 2024
In the digital age, where cyber threats are increasingly sophisticated and data privacy regulations are more stringent than ever, Identity and Access Management (IAM) has become a cornerstone of organizational security. As we navigate through 2024, the IAM landscape continues…
FIDO Alliance Releases Authenticate 2024 Agenda
The FIDO Alliance has announced its agenda today for Authenticate 2024, the only industry conference dedicated to all aspects of user authentication. The event will be held from 14 to 16 October 2024 at the Omni La Costa Resort and Spa in Carlsbad,…
Qilin Targets Chrome-Stored Credentials in “Troubling” New Attack
The Qilin ransomware group, already infamous for its devastating attacks, has now been caught stealing credentials stored in Google Chrome browsers. This new tactic could amplify the chaos typically associated with ransomware breaches, spreading the impact far beyond the initial…
Millions of Office and Hotel RFID Smart Cards Vulnerable to Instant Cloning Through Hidden Backdoor
Researchers from Quarkslab have uncovered critical vulnerabilities in the latest variant of MIFARE Classic compatible cards. Despite being touted as a secure alternative, the FM11RF08S card, developed by Shanghai Fudan Microelectronics, has been found to contain a hardware backdoor, among…
Navigating the Challenges of AI in Software Development: A Call to Action to Comply with the EU AI Act
In today’s rapidly evolving software development landscape, Artificial Intelligence (AI) and Machine Learning (ML) have emerged as significant threat vectors. Organizations worldwide are witnessing a surge in targeted attacks aimed at software developers, data scientists, and the infrastructure supporting the…
Extortion Campaign Targets 110,000 Domains Using Exposed AWS Files
A sophisticated cloud extortion campaign has compromised over 110,000 domains by exploiting misconfigured Amazon Web Services (AWS) environment variable (.env) files. By scanning for exposed .env files on unsecured web applications, threat actors were able to obtain AWS Identity and…
Innovative Phishing Campaign Targets Mobile Users with PWAs
In a new twist on phishing tactics, ESET analysts have uncovered a series of sophisticated campaigns targeting mobile users by leveraging Progressive Web Applications (PWAs). This use of PWAs, which are essentially websites functioning as standalone apps, sets this phishing…
US Intelligence Agencies Warn of Iranian Election Influence Efforts
In a joint statement, the Office of the Director of National Intelligence (ODNI), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) have warned about heightened Iranian efforts to interfere in the upcoming US elections.…
FlightAware Notifies Users of Data Security Incident
FlightAware, a provider of real-time flight tracking information, has informed users of a data security incident that may have exposed personal information. The company is taking precautionary measures by requiring all potentially impacted users to reset their passwords. The incident,…
Cyberattack Forces Microchip Technology to Scale Back Amid Global Chip Race
Microchip Technology Inc. announced Tuesday that it had been targeted by a cyberattack, prompting the US chipmaker to shut down some systems and reduce its operations. According to a regulatory filing, Microchip, a key supplier to the US defense industry,…
10 Strategies for Safely Migrating a Data Center on a Limited Budget
Data centers have become integral to modern companies, considering the amount of information necessary for operations. These systems remain in place most of the time, but your business could determine it is time to move. How can you ensure safety…
5 Emerging Malware Variants You Must Be Aware Of
The cybersecurity landscape is marked by sophisticated malware strains designed to harvest sensitive data, get a foothold on company networks, and generally wreak havoc. A new report from ReliaQuest examines five malware variants that have recently impacted the threat landscape…
Ransom Denied: Cyber Insurance Claims Shrink as Businesses Opt for DIY Recovery
Claims on cyber insurance have dropped by more than a third between 2022 and 2024, despite more organizations than ever having this type of cover. This was revealed in Databarracks’ Data Health Check – an annual survey of 500 UK…
Ransomware’s Record Year: 2024 Earnings Soar Amid Overall Cybercrime Dip
In a year marked by significant shifts in the cybercrime landscape, 2024 is on track to become the highest-grossing year for ransomware, even as overall illicit activity on the blockchain has declined by nearly 20% year-to-date. This trend highlights the…
Interoperability in Healthcare: How APIs are Bridging the Gap
Interoperability is the lifeblood of the modern healthcare sector. Effective patient care relies on the ability of disparate healthcare systems, devices, and applications to seamlessly access, exchange, and ultimately use data; without interoperability, this would not be possible. A failure…
Ransomware Gangs Introduce New EDR-Killing Tool
Sophos researchers have uncovered a new tool, EDRKillShifter, that malicious actors are using to target endpoint detection and response (EDR) systems. The discovery came after an unsuccessful ransomware attack in May. The threat actors deployed the tool to disable endpoint…
National Public Data Admits to Breach Leaking Millions of Social Security Numbers
Background check provider National Public Data (NPD) has confirmed a data breach after hackers leaked a stolen database containing millions of Social Security numbers and other sensitive information. The compromised data reportedly includes names, email addresses, phone numbers, Social Security…
Pool your Cybersecurity Resources to Build The Perfect Security Ecosystem
Cybersecurity has never been something to set once and leave running in the background—it is a constantly evolving landscape. While the migration of data and applications to the cloud provides numerous business benefits, many organisations struggle to secure their networks…
Cybersecurity in Healthcare: A New Era of Regulation, Incentives, and Patient Safety
Over the last few years, attacks against the healthcare sector have been severe and widespread, targeting sensitive patient data and critical medical operations. The 2020 ransomware attack on Universal Health Services, which led to the shutdown of systems across 400…
Taming Identity Sprawl With a Least Privilege Approach
Remember the Hydra, the multi-headed creature from Greek mythology? Warriors attempting to slay the beast faced a seemingly impossible challenge: when they cut off one head, multiple heads re-emerged. Security teams entrusted with Identity and Access Management (IAM) can relate…
China-linked Attackers Target Russian Govt Entities
Researchers from Kaspersky have detected a series of ongoing targeted cyberattacks on dozens of computers at Russian government entities and IT organizations. The bad actors infected devices via phishing emails with malicious shortcut attachments. These shortcuts were used to deliver…
Russian Sentenced to 40 Months for Selling Stolen Data on Dark Web
A Moscow-based Russian national, Georgy Kavzharadze, has been sentenced to 40 months in federal prison for selling stolen financial information on the dark web marketplace known as Slilpp. The US Attorney’s Office for the District of Columbia announced that Kavzharadze,…
Malware Loaders Dominate Cybersecurity Threats in 2024
Malware loaders are a significant threat in the cybersecurity landscape, with nearly 40% of all malware observed in critical security incidents involving these specialized tools. Among the most prevalent loaders are “SocGholish,” “GootLoader,” and “Raspberry Robin,” which have been frequently…
When Disinformation Floods the Internet, Preserving Truth Requires Proper Equipment
The World Wide Web is the greatest tool for sharing information humankind has ever created. Unfortunately, lies and fake news spread over the Internet just as well. It is so easy for disinformation to proliferate online that it takes the…
Email Breach Report 2024: The Most Vulnerable Names and Providers Exposed
In 2024, email breaches continue to pose a significant threat to personal and corporate security, with millions of email addresses exposed in data hacks. An email breach occurs when malicious actors infiltrate a company’s system, stealing customer data, including email…
NIST Debuts First Set of Finalized Post-Quantum Encryption Standards
The US Department of Commerce’s National Institute of Standards and Technology (NIST) has officially released its first set of finalized encryption standards designed to withstand attacks from quantum computers. These post-quantum encryption standards are expected to secure a wide array…
Twitter’s AI Ambitions Face GDPR Backlash: Nine New Complaints Filed
Twitter, recently rebranded as “X,” is under increased scrutiny after nine additional complaints were filed across Europe, alleging the company unlawfully used the personal data of over 60 million EU/EEA users to train its AI technologies without their consent. This…
Email Security Risk Remains Alarmingly High
A staggering 94% of companies have fallen victim to phishing attacks over the last year, while 91% experienced data loss or exfiltration incidents. It’s not surprising, then, that 95% of cybersecurity leaders are increasingly stressed about email security, particularly phishing…
Six Reasons Healthcare Organizations Need Robust Cybersecurity
Medical organizations must implement robust cybersecurity solutions due to the sensitivity of the data they handle and the increasing frequency of cyberattacks. As these organizations rely more heavily on technology for storing and managing patient data in the digital era,…
Emerging Exfiltration Tools Highlight Growing Threats to Enterprise Data
Cybercriminals have significantly increased their use of data-exfiltration tools, which are highly effective for stealing sensitive data and evading detection. This was revealed in a recent report by ReliaQuest, which highlights the evolving strategies of threat actors in the digital…
The Importance of APIs/API Security in Financial Services
In the evolving financial services landscape, Application Programming Interfaces (APIs) have become fundamental tools for facilitating seamless digital transactions and interactions. However, as the reliance on these technologies grows, so does the need for stringent API security. Ensuring the safety…
Next-Gen Vehicle Technologies Present New Challenges for Cybersecurity Professionals
Modern technology has led to the rise of self-driving cars. While advantageous in some aspects, the autonomous vehicle concept introduces cybersecurity challenges. There is also innovation and concern with aviation cybersecurity and autonomous aircraft. Here’s what you need to know…
Passwordless Prescription: The Cure for Healthcare Cybersecurity
The healthcare industry is poised for a cybersecurity transformation, with passwordless authentication at the forefront. Utilizing passkeys and biometrics improves user experience and significantly strengthens data security against contemporary threats such as credential stuffing and MFA fatigue. So says Phil…
Vectra AI Expands XDR Platform
Vectra AI, a provider of AI-driven Extended Detection and Response (XDR) solutions, has expanded its Vectra AI Platform, enhancing its ability to provide Security Operations Center (SOC) teams with a real-time view of their active posture. This expansion leverages the…
Optimizing AWS GuardDuty for Enhanced Security Monitoring
Approximately 2.38 million customers worldwide use Amazon Web Services (AWS) to host and power their cloud-based business assets, per a recent market report. If you’re reading this, you’re probably one of them. With officially over half (50.1%) of the market…
Provisional £6m Fine Imposed on Software Provider Following NHS Ransomware Attack
Advanced Computer Software Group Ltd (Advanced) is facing a provisional fine of £6.09 million following a 2022 ransomware attack that disrupted NHS and social care services. The Information Commissioner’s Office (ICO) has preliminarily determined that the company failed to implement…
Police Recover Over USD 40 Million from International Email Scam
A global stop-payment mechanism developed by INTERPOL has enabled Singapore authorities to recover over USD 40 million from a business email compromise (BEC) scam, marking their largest-ever recovery of fraudulently obtained funds. On 23 July 2024, a commodity firm based…
Ransomware Attack Targets Grand Palais, Paris
French cybercrime police are investigating a ransomware attack on the Grand Palais Exhibition Hall in Paris, a venue for Olympic events such as fencing and Taekwondo. According to Reuters, the central computer system of the Grand Palais was targeted, but…
Microsoft’s Security Efforts Leave Much To Be Desired, Especially For Email Security
While many small businesses rely on Microsoft 365 as their default software because of its flexibility and scalability, the seemingly endless, persistent threat of cyberattacks on email security suggests that its security standards must be revised. My opinion on the…
Tech Contractor Exposes Data of 4.6 Million US Voters
A US technology contractor has inadvertently exposed the personal data of 4.6 million voters and election documents from multiple counties in Illinois, sparking significant concerns over election security and voter privacy. The databases, managed by Platinum Technology Resource, were found…
The Illusion of Reputational Damage
In June, the HIPAA Journal reported a story that seems to be the trifecta of insider threat, third party risk, and medical technology risk. A terminated subcontractor employee of a medical transcription service stole at least one million patient records.…
Proficio Unveils ProBAS Breach and Attack Simulation Service
Proficio, a Managed Detection and Response (MDR) provider, has rolled out its ProBAS Breach and Attack Simulation service. The solution “rigorously” tests businesses’ security defenses, to ensure they can prevent compromise events and detect attacks throughout the entire threat detection and…
LianSpy Spyware ‘LianSpy’ Targets Android Users
Security researchers at Kaspersky have uncovered a new Android spyware campaign called LianSpy, which has been used for cyberespionage against targeted Android device users in Russia. The malware, dubbed “LianSpy,” has been in operation since July 2021, quietly harvesting sensitive…
Wristband Releases Public Beta of its B2B Authentication Platform
Wristband, a developer-first authentication platform designed for B2B SaaS, has released the public beta launch of its B2B authentication platform. Jim Verducci, CEO of Wristband, says building robust B2B authentication in-house is a complex and time-consuming process that can take…
Evasive Panda Compromises ISP to Distribute Malicious Software Updates
The cyber espionage group dubbed Evasive Panda (also known as StormBamboo and previously tracked as StromCloud) compromised an unnamed Internet Service Provider (ISP) in mid-2023 to push malicious software updates to target entities. This incident marks a significant escalation in…
Infosec Institute Partners with Career.io to Help Students Launch Cybersecurity Careers
Infosec Institute, a cybersecurity education provider, is parterning with Career.io, a provider of professional career-development products and services. This collaboration aims to offer comprehensive career services to students enrolled in Infosec’s Immersive Boot Camps, equipping them with the skills and…
DNS Vulnerability: ‘Sitting Ducks’ Exposes Millions of Domains to Hijacking
A recently discovered vulnerability in the Domain Name System (DNS), dubbed ‘Sitting Ducks,’ has left millions of domains susceptible to hijacking. This attack vector, actively exploited since 2019, enables threat actors to deliver malware, phish, impersonate brands, and exfiltrate data.…
How AI is Shaping Fraud: VIPRE Reveals 40% of BEC Emails Are Now AI-Generated
Nearly half (49%) of spam emails can be attributed to BEC scams, with the CEO, HR, and IT being the most common targets. Alarmingly, some 40% of BEC emails are AI-generated, and in some instances, AI more than likely created…
How AI is Shaping Fraud: Vipre Reveals 40% of BEC Emails Are Now AI-Generated
Nearly half (49%) of spam emails can be attributed to BEC scams, with the CEO, HR, and IT being the most common targets. Alarmingly, some 40% of BEC emails are AI-generated, and in some instances, AI more than likely created…
Dark Angels gang scores a record-breaking $75 million ransom
Staff Reporter Over the past year, ransomware attacks have reached unprecedented levels of ambition and boldness, highlighted by a significant increase in extortion attacks. In fact, research from Zscaler ThreatLabz revealed an unparalleled ransom payout of $75 million – the…
The Critical Role of Response Time in Cybersecurity
In today’s digital landscape, cybercriminals pose a perpetual threat to organisations. We are repeatedly reminded of the consequences of inadequate cybersecurity measures. In a cybersecurity breach, response time is critical to mitigating damage. Most cyber-attacks are like wildfires. Without the…
What Every Business Needs to Know About Ransomware
Today’s businesses rely heavily on technology to streamline operations, enhance productivity, and connect with customers. However, this dependency has also opened the door to a growing threat: ransomware attacks. By 2031, the cost of ransomware attacks is estimated to reach…
Bridging the Expertise Gap: Enhancing Cybersecurity Skills in Compliance Professionals
In the complex world of compliance, professionals deal with many responsibilities that go well beyond just cybersecurity. Compliance can encompass areas such as financial regulations, anti-money laundering practices, and safety standards, each requiring its own set of specialized skills; however,…
A Guide to Select the Best Operating System for NAS Data Recovery
Home users and businesses use NAS (Network-Attached Storage) to store and manage data clearly and organise it and make it easy to access. With simplified scripts and hardware pre-installed with an optimised operating system, the NAS architecture helps improve the…
Navigating the Cyber Landscape: Understanding Threat Intelligence
In today’s digital world, cybersecurity is a top concern for organizations of all sizes. As our reliance on technology grows, so do the risks associated with cyber threats. Many organizations are turning to threat intelligence as a critical component of…
4 Ways BYOI and Social Login Enhance User Experience
We live in an era where customers demand convenience and instant gratification and want to use their smartphones and mobile devices to access their apps and services instantly. At the same time, trust in established brands such as Google or…
The time is NOW to Support Passkeys for Your Customer Authentication!
The human factor often plays a role in data breaches, primarily because their inherent biases can be exploited. This vulnerability is especially pronounced in the digital age, where user authentication is a cornerstone of online applications and services. The most…
The time is NOW to Support Passkeys for Your Customer Authentication!
The human factor often plays a role in data breaches, primarily because their inherent biases can be exploited. This vulnerability is especially pronounced in the digital age, where user authentication is a cornerstone of online applications and services. The most…
The time is NOW to Support Passkeys for Your Customer Authentication!
The human factor often plays a role in data breaches, primarily because their inherent biases can be exploited. This vulnerability is especially pronounced in the digital age, where user authentication is a cornerstone of online applications and services. The most…
The Cybersecurity Maelstrom of 2024: A Dizzying Dance of Threats and Defenses
2024 has ushered in a slew of new cybersecurity challenges. Gone are the days of simple firewalls and antivirus software; we’ve entered an era where AI battles AI, quantum computing looms like a cryptographic doomsday clock, and our fridges might…
The hidden pitfalls of AI: why implementing AI without a strategic vision could harm your business
For all of Artificial Intelligence’s advantages, getting it wrong can be costly, says Bartek Roszak, Head of AI at STX Next The potential of Artificial Intelligence seems limitless, from AI-powered recommendation engines to reinforcement learning. However, the rush to implement…
Nine IT Experts Weigh in On Managed File Transfer (MFT)
In an era where everything IT-leaning is getting leaner, meaner, faster, and more secure, we need to make sure not to leave file transfers behind. As the security and IT landscapes modernize, organizations are increasingly looking for a way to…
Implementing Digital Rights Management Systems To Safeguard Against Unauthorized Access Of Protected Content
Digital Rights Management (DRM) systems are a crucial tool for protecting digital content from unauthorized access or reproduction. Whether you’re a content creator looking to protect your intellectual property or a business looking to protect revenue streams, DRM is an…