Data privacy continues to be a growing concern for all internet users. While the internet gives us so much more freedom and access to information we might not have otherwise, online privacy continues to be a significant risk. It’s not just cybercriminals that invade your privacy, but businesses as well. Data has become more valuable than ever, and companies will do whatever they can to collect your information. Proxies have been a popular option for protecting your online privacy.

On November 17, 2023 AT&T announced the creation of a new managed security services business backed by WillJam Ventures. Press release here. Businesses of all types and sizes want to, and need to focus on innovation, growth, and transformation strategies. Meanwhile, the complexity of managing the evolving cybersecurity landscape continues to expand. Adversaries are determined, well-funded, and on a mission to disrupt businesses of all types and sizes.

Today’s adversaries increasingly use compromised credentials to breach target environments, move laterally and cause damage. When attackers are logging in — not breaking in — legacy endpoint security offers little help in detecting and stopping breaches. Exacerbating the problem is an expanding attack surface, largely due to the growth of remote work and evolving supply chains.

In recent years, the cybersecurity landscape has evolved dramatically, with more advanced threats and operational challenges for organizations. Many vendors offer security platforms that address these changes and streamline security management. This post explores vital capabilities managed service providers (MSPs) should prioritize when assessing such platforms and explains some shortcomings observed in other security platforms.

It's that time of year again when the security delegates from Tech Field Day descend on Silicon Valley (well, in this case, descend virtually on Silicon Valley) to hear about the cool new things vendors are doing in the security space. This year, I was fortunate to be one of the presenters at XFD10 along with my partner in crime, Matt Honea, Head of Security and Compliance at Forward Networks.

In today's digital landscape, organizations face increasingly sophisticated cyber threats that can compromise sensitive data, disrupt operations, and tarnish their reputation. To mitigate these risks, regulatory frameworks have been developed to ensure robust cybersecurity practices.

In the current cyber threat landscape, where online security is paramount, the threat of session cookie replay attacks looms large. These attacks sidestep the conventional need for credentials and aim to hijack your online sessions, potentially compromising sensitive data and taking over user accounts. This blog post delves into the intricacies of session cookie replay attacks, shedding light on what they are, how they work, and the potential consequences they can unleash.

The massive uptick in QR Code phishing is an indicator that scammers are seeing success in taking victims from the initial attack medium to one under the attacker’s control. It’s usually bad when we compare one month or quarter to another and see an increase. But when it’s a single month compared to more than half a year, you know it’s REALLY bad. And that’s what we find in security vendor ReliaQuest’s latest blog covering how Quishing is being used.

Social engineering remains one of the top attack vectors that cybercriminals use to execute malicious acts. KnowBe4’s security awareness training and simulated phishing platform allows workforces to make smarter decisions, strengthen an organization’s security culture and human risk by protecting their organization from phishing, social engineering and ransomware.

Software development at the speed of business is a constant balance of tradeoffs, and managing the risk of open-source software is one of the most emerging prominent examples. This is driven home by high-profile supply chain attacks such as the ones on SolarWinds, Log4J, and MoveIt. Each of these examples represents a different type of abuse, including.