Security threat actors are becoming smarter, and their attacks more devious. Staying ahead of cybercriminals and vulnerabilities is the only way to defeat the attackers at their own game. If you want to protect your organization from cyber threats, then you need to think like an attacker. Operational security, also known as OPSEC, is a discipline that considers the perspective of potential threat actors.

Deepfakes are forged images, audio, and videos that are created using Artificial Intelligence (AI), and Machine Learning technologies. According to the World Economic Forum (WEF), deepfake videos are increasing at an annual rate of 900%, and recent technological advances have made it easier to produce them. VMware states that two out of three defenders report that deepfakes were used as a part of an attack to influence operations, or to launch disinformation campaigns.

Governments play a key role in the continued operation of society. While getting a speeding ticket or paying taxes may not be anyone’s favorite thing to do, they contribute to the government’s ability to protect its citizens while maintaining its infrastructure and services. Cybersecurity is critical for all organizations and government agencies, as they may hold sensitive information on both individuals, as well as key infrastructure.

They’re far from old news: despite the hype about “increasingly sophisticated, automated attacks,” these 10 tried-and-true website security attacks are still top of the list for career malicious hackers. No one likes to work harder than they have to, and black hats are no different. Why repel from the ceiling when you could just try the front door?

OpenAI's ChatGPT chatbot has been a phenomenon, taking the internet by storm. Whether it is composing poetry, writing essays for college students, or finding bugs in computer code, it has impressed millions of people and proven itself to be the most accessible form of artificial intelligence ever seen.

Kubernetes observability refers to the ability to monitor and diagnose the performance and behavior of a Kubernetes cluster and its applications. This includes monitoring resource usage, tracking the status of pods and deployments, and identifying and troubleshooting errors. Observability tools for Kubernetes typically include metrics, logging, and tracing capabilities.

Organizations are progressively moving towards a predominantly cloud-based computing environment. What this means is that essentially all of their back-end infrastructure, systems, and client-facing applications can be accessed and distributed through the cloud. Modern cloud computing goes a step further than simply being present in a virtual environment.

A ransomware outfit is advising its victims to secretly tell them how much insurance they have, so their extortion demands will be met. As security researchers at Varonis describe, a new strain of the HardBit ransomware has taken the unusual step of asking targeted companies to spill the beans of whether they have cyber insurance (and the terms of that insurance) anonymously.

As governments and organizations standardize and harmonize their responses to better mitigate the increasing number of cyber-attacks, so do cybercriminals. In Europe, security decision-makers and businesses face similar attack techniques as their global counterparts. While the methodologies employed are identical because they all rely on the same digital technologies exploiting similar vulnerabilities, the motivations vary.

There’s a good chance that you have heard the word phishing or probably even been a victim in the past, however you do not understand what it really means and how to protect yourself from being a victim. According to CNBC, there were 225 million phishing attacks in 2022 which depicts a 61% increase from the number of reported cases in 2021.

Application dependencies occur when technology components, applications, and servers depend on each other to provide a business solution or service. Developers have a specific technology stack in mind when building solutions. This can typically include operating systems, database engines, and development frameworks (such as.Net or Java), as well as other infrastructure.

Mail filters play a huge role in protecting organizations from cyberattacks. Even though their task is quite small, they are very important for an organization’s ability to deter many malicious phishing and spam emails before delivery to a person’s inbox. According to the IBM X-Force Threat Intelligence Index, 40% of attacks in the manufacturing industry are phishing attacks, and 1 in 3 employees are most likely to fall for a phishing scam.

As the world grows increasingly digital and dependent on the internet, cyberthreats are constantly evolving to clash with newer and more rigid security features. Despite cybercriminals’ propensity for finding new and innovative ways to take advantage of their targets, however, there are also tactics that have been in use since the early days of the internet.

The owner of a Russian penetration-testing company has been found guilty of being part of an elaborate scheme that netted $90 million after stealing SEC earning reports. For nearly three years, 42-year-old Vladislav Klyushin - the owner of Moscow-based cybersecurity firm M-13 - and his co-conspirators had hacked into two US-based filing agents used by publicly-traded American companies to file earning reports to the Securities and Exchange Commission.

Only those hiding from the news, prospects, and customers can miss the data security and privacy challenges that are occurring. More businesses are relying on data analytics (garnered from data collection) for more and improved service and product offerings. More individuals want data privacy and security. More nations want their citizens protected from corporate tactics that rely on mining and scraping personal data. More customers want tailored experiences that only come through data analytics.

The fact that scammers haunt Facebook and Twitter is not surprising. Even so, digital criminals don’t stop with just those two platforms. They’re also known to stalk users on LinkedIn where connections carry greater professional gravity. Fortunately, users can stay alert of such activity by familiarizing themselves with the most common types of LinkedIn scams. In no particular order, here are five such ruses that should be on everyone’s radar.

When it comes to acronyms, Technology and Cybersecurity often rival various branches of government. Technology acronyms are usually somewhat bland, amounting to little more than the arcane argot of the profession, such as SOC, SIEM, and DNS.

Today’s energy sector is undergoing massive change, especially as more utilities try to usher in clean or renewable energy alternatives like solar, geothermal, hydroelectric, and wind power. In addition to the clean energy transition, grid modernization is another major shift in the energy industry. The Industrial Internet of Things (IIoT) is expected to transform the energy grid and support modernization efforts.

A brute force attack is an attempt to reveal passwords and login credentials in order to gain access to network resources. These attacks are mainly done with the purpose of gaining unauthorized, and undetected access to compromise systems. Threat actors usually prefer this attack method since it is simple to carry out, and can cause significant damage. Once a person’s credentials are revealed, the attacker can log in, generally unnoticed.

We create massive amounts of data daily, from the exercise stats compiled by our wearable devices to smart meters used at our homes to reduce expense consumption to maintenance statistics of critical systems in industrial settings. If data creation continues at its present rate, more than a yottabyte (a million trillion megabytes) will likely be generated annually by 2030.

A truism about the free tools online is that if you aren’t paying for the service, then you are the product. Take your grocery store's “club” card program. You sign up and give them your name and phone number, and every time you shop, you swipe your card and get discounts on certain items. If you shop at the same store all the time, it makes total sense to take advantage of these discounts to save yourself some cash.

February 7th is the 20th Safer Internet Day, a day to focus on addressing ways to reduce the risks created by our now very online world. Painting the internet as an inherently dangerous place full of predators and … would be using too broad a brush. The internet is an amazing technology - an information sharing resource unrivaled in depth, breadth, and reach. Despite all the good, useful, and fun the internet brings, it has one major drawback: on the other end of the computer is a person.

It’s another new year and hence another occasion to predict how the cybersecurity landscape will evolve in 2023. Once again, it will be challenging, as most every year is, and could wind up being an unusually difficult 12 months because of multiple headwinds.

Industrial control systems are fundamental to all industrial processes, from power generation to water treatment and manufacturing. ICS refers to the collection of devices that govern a process to ensure its safe and effective execution. These devices include Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control systems like Remote Terminal Units (RTU) and Programmable Logic Controllers (PLC).

2022 saw privacy truly take hold in the U.S., while Europe buttressed its position as the global leader and other regions worked to get up-to-speed with new or amended laws.

UK banking group TSB is calling on social networks and dating apps to better protect their users from fake profiles, following an alarming spike in romance fraud. Examining data from December 2020 - January 2022, TSB determined that romance fraud almost doubled compared to pre-pandemic levels, with a record increase in losses of 91% - averaging £6,100 per incident.

The cybersecurity landscape has become something of a battle royale: companies and cyber criminals are continually trying to outsmart one another in an effort to be the last one standing. Thankfully, many businesses are seeking a proactive approach, aiming to avoid the proverbial egg on their face when it comes to cybersecurity breaches. Learning from other organizations’ costly misfortunes, many businesses are ensuring that security features prominently in strategy and budget meetings.

The distribution systems of the U.S. energy grid — the portions of the grid that carry electricity to consumers — are growing more susceptible to cyber-attacks, in part due to the advent of monitoring and control technology and their reliance on them. However, the magnitude of the possible consequences of such attacks is not fully understood.