A new BazarCall phishing campaign is using Google Forms to send phony invoices, according to researchers at Abnormal Security. “BazarCall/BazaCall attacks typically start with a phishing email designed to appear as a payment notification or subscription confirmation from a known brand,” Abnormal explains. “Within the email, recipients can find the amount to be charged—generally between $49.99 to $500 or more, depending on the subscription or service being impersonated.

Security awareness training (SAT) works! A well-designed security awareness training campaign will significantly reduce cybersecurity risk. We can safely state that from over 13 years of experience with tens of thousands of customer organizations and hundreds of millions of customer interactions. We have the data to prove it. The average new customer comes to us with about a third of their workforce proven to click on any phishing email.

Each day there are more and more cyber attacks and threats occurring, with those looking to exploit your IT systems finding various different methods to infiltrate your IT infrastructure. This means it's more vital than ever that you limit the vulnerabilities of your IT infrastructure and guarantee its security. In regards to this, a viable solution available to you is vulnerability assessment.

Forrester has named CrowdStrike a Leader in The Forrester Wave™: Managed Detection And Response Services In Europe, Q4 2023, only a few months after naming CrowdStrike a Leader in The Forrester Wave™: Managed Detection and Response, Q2 2023. In Forrester’s MDR report for Europe, CrowdStrike Falcon® Complete received the highest scores in the Current Offering and Strategy categories, as well as the highest possible scores in 13 of 22 criteria.

Nightfall AI is excited to announce a new generation of detectors powered by generative AI (GenAI). Read on to learn more about recent advancements in our PII, PHI, secrets, and images detectors—as well as how they stack up against competitors like AWS Comprehend, Google DLP, and Microsoft Purview.

There are various ways to measure any given machine learning (ML) model’s ability to produce correct predictions, depending on the task that the system performs. Named Entity Recognition (NER) is one such task, in which a model identifies spans of sensitive data within a document. Nightfall uses NER models extensively to detect sensitive data across cloud apps like Slack, Microsoft Teams, GitHub, Jira, ChatGPT, and more.

Researchers at Abnormal have discovered the latest evolution in call-back phishing campaigns.

Our guest today is Rita Gurevich, the CEO and Founder of SPHERE, an identity hygiene platform. Gurevich joins host David Puner to explore the challenges and dynamics surrounding identity and cyber hygiene in today’s cybersecurity landscape. The conversation begins by addressing the accelerated pace at which cyber controls and identity hygiene requirements are evolving, emphasizing the critical role they play in cybersecurity strategies.

The recent SURGe in popularity of generative artificial intelligence tools has raised many questions around potential use cases in cybersecurity, both from an offensive and defensive point of view. Will chat-based AI-assistants provide more utility to attackers, or defenders?

On December 13th, The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC) have issued an urgent advisory about the ongoing exploit of CVE-2023-42793 by Russian Foreign Intelligence Service (SVR) threat actors.