The latest data from Comcast Business’ analysis of over 23.5 billion cyber attacks on their business customers shows the importance and role of phishing in attacks. Over the years there has been a consistent mantra, where everyone agrees that “90-something” percent of cyber attacks start with phishing. There have been plenty of sources that corroborate this using percentages in the 90th percentile, but the overall message is phishing is your greatest Initial Access tactic.

Most social engineering scams search out their potential victims, often sending emails to known email addresses, sending chat messages to them or calling known phone numbers. The attackers take an active role in seeking out and making contact with their victims.

The second quarter of this year has become the focus of some new firsts in ransomware attacks, according to new data from cybersecurity vendor Reliaquest. None of us want to see ransomware continue “up and to the right” on a chart. But it appears that this is the case, according to Reliaquest’s Ransomware Report: Q2 2023.

Generative artificial intelligence tools are changing the world and the software development landscape significantly. Our webinar series will help you understand how. The popular press continues to reverberate with stories about the miracles of generative artificial intelligence (GAI) and machine learning (ML), and all the ways it might be used for good—and for bad. There’s hardly a tech company that isn’t talking about how GAI/ML can enhance its offerings.

Cyber attacks have grown significantly over the last few years, and their cost to victim organizations marches ceaselessly upward as well. Now many of those victim organizations are learning the hard way that business insurance policies often won’t cover the regulatory fines from security incidents that are considered “preventable.” Hence the need for extra protections from “cyber insurance” to fill any coverage gaps you might have.

A web application firewall is a security software that observes and filters HTTP/HTTPS traffic between a web application and the internet. While this has been available for decades, with the evolution of the threat landscape, WAFs have also added additional capabilities to protect not only web apps but also APIs against a range of attacks, including DDoS and bot attacks. So, the category has evolved and is currently called Web Application and API Protection (WAAP).

The SafeBreach Labs team is committed to conducting original research to uncover new threats and ensure our Hacker’s Playbook provides the most comprehensive collection of attacks.

There is a widespread misunderstanding regarding cloud services, particularly in relation to Software as a Service (SaaS). Many organizations mistakenly believe that once they migrate to the cloud, the responsibility for all aspects of security and data protection rests solely with the SaaS provider. This misconception creates a false sense of security, which can be detrimental.

AI applications are becoming a primary target for cyber threats due to their reliance on vast amounts of sensitive data. Traditional security measures often fall short in protecting AI-driven environments. A privacy vault is essential for securing AI data, ensuring that sensitive information is protected while enabling innovation. AI models depend on vast datasets for training and operation, but this dependency introduces critical security risks.