Identity theft is one of the things you never expect to happen to you until it does. The scariest part is not the theft itself but what follows after. Victims of identity theft don't often discover their financial, reputational, and bureaucratic lives are destroyed until long after the crime was committed. This delay makes it extremely difficult for authorities to investigate identity theft cases.

In January 2023, the European Commission (EC) released an updated version of the European Union (EU) Network and Information Security Directive (NIS2) to strengthen cybersecurity risk management across Europe’s essential services. NIS2 updates the original NIS directive and focuses more on regulations for cloud infrastructure, internet exchanges, domain service providers, and digital service providers.

There’s one major between organizations that fall victim to a data breach and those that don’t - attack surface awareness. Even between those who have implemented an attack surface management solution and those who haven’t, the more successful the cybersecurity programs more likely to defend against a greater scope of cyber threats are those with greater attack surface visibility.

Some Apple users have reported phishing attacks using the password reset feature.

Clifford Stoll, astronomer, author, and teacher, often joked about computer passwords. He said, “Treat your passwords like a toothbrush. Don’t let anybody else use it, and get a new one every six months.”

The Publishers Clearing House (PCH) appeared in 1967, promoting magazine subscriptions, merchandise, time-share vacations, and their famous cash prize sweepstakes. Since 67’ over 11 million people have won PCH sweepstakes, totaling over $593 million in cash winnings. More people than ever have entered the PCH sweepstakes, looking for their chance to win thousands - sometimes millions - of dollars overnight.

In July 2022, the Pentagon’s acquisition office issued a memo reminding acquisition officials of the DoD’s requirements for handling controlled unclassified information (CUI). The standard which applies to Defense contractors is not new. The original Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012 requirement went into effect in 2017.

Containers are integral to modern application development portability, resource efficiency, and ease of deployment. But there is a flip side to these benefits. Unlike traditional applications, containers bundle everything needed to run, making them a scattered setup for hidden security issues. 54% of container images in Docker Hub were found to contain sensitive information that could lead to unauthorized access, data breaches, or identity theft.

Zero Standing Privileges (ZSP) is a Privileged Access Management (PAM) strategy in which organizations limit access to sensitive data by removing all permanent user access. It requires users to request specific access to resources needed to complete a task. However, instead of granting users continuous access, ZSP will grant them temporary access until the task is complete.

After a new zero-day vulnerability is announced, the National Vulnerability Database (NVD) publishes a measure of its severity under the Common Vulnerability Scoring System (CVSS). CVSS scores are a crucial tool for organizations as they give an approximation of the severity of disclosed vulnerabilities.