Digital cookies have become a ubiquitous tool in how websites identify visitors, understand their online behaviour, and make browsing more convenient for the user. Cookies are small text files which store data to identify your computer. Cookies aren't necessarily bad. They're useful for encryption, delivering webchats, improving marketing campaigns by personalising the content displayed, and many other digital services.

In 2021, malicious Office documents accounted for 37% of all malware downloads detected by Netskope, showing favoritism for this infection vector among attackers. This is likely due to the ubiquitous usage of Microsoft Office in enterprises across the globe. Throughout 2021 we have analyzed many techniques used by attackers to deliver payloads through infected documents, which included the return of Emotet, a campaign that primarily uses infected documents to spread malware.

It's easy for cybersecurity teams to think they're doing everything to stay ahead of data breaches and cyberattacks in this post-pandemic era. For instance, you've probably rallied qualified experts to augment your IT ecosystem and supplied them with state-of-the-art threat detection and mitigation technologies that offer real-time insight into your infrastructure security.

Artificial Intelligence (AI) is one of the most high-profile technology developments in recent history. It would appear that there is no end to what AI can do. Fom driverless cars, dictation tools, translator apps, predictive analytics and application tracking, as well as retail tools such as smart shelves and carts to apps that help people with disabilities, AI can be a powerful component of wonderful tech products and services.

It has been a long time coming! The upgrade to the international standard for information security management systems, ISO27001:2013, is here (almost). Hallelujah! If you’re reading this article, then there’s a reasonable assumption that you know what ISO27001 is and you’re not going to be too worried about the back story. But let’s all be clear on a couple of points. The current version of the Information Security Management Standard is ISO27001:2013.

We wanted to call out some great adjacent research from the team at Sophoslabs Uncut that was released on December 21, 2021. Research groups frequently analyze similar (or in this case, identical) campaigns through their own unique lens. This is fantastic for the security community, as the campaign gets more eyes and different perspectives applied towards the same problem.

In 2008, Data Privacy Day started as an extension of Europe’s Data Protection Day, which commemorates the signing of Convention 108. This year, the National Cybersecurity Alliance (NCA) established Data Privacy Week to empower individuals and businesses to respect privacy, safeguard data and enable trust. Plus, data privacy is so important that it needs more than just a single day of discussion!

Spam filters are essential. Without them we couldn’t cut through the noise of phishing scams and malware links to read our messages. Hatred of spam is well entrenched in society, just as bots (especially scalpers) have become the bane of so many lives in recent years. There are several parallels between the email spam in our inboxes and malicious bots that crawl the web. Both are designed to cause harm to businesses and individuals. Both exploit systems designed to be useful.

A managed services partner should do more than run the tests you choose. The right partner will work with you to shape your application security program. If your firm has attempted to hire internal security experts lately, you know they’re few and far between.

White House memo directs the Defense Department and Intelligence Community to implement its May 2021 Executive Order on improving national cybersecurity.