Mobile devices have become so integral to both business and personal lives that it is difficult to imagine a life without them. There’s more attack surface area as a result, and it’s IT’s job to mitigate the risk of cyberattacks. Insider threats are often involved, because employees and their devices can be one of the weakest links in the security chain.

Learn about the basics of employee experience, including how technology influences employee satisfaction and the need to enhance digital workspaces to create happier, more productive teams.

A large-scale fraud operation, dubbed "Ticket Heist," is exploiting over 700 domain names to sell fake tickets for the upcoming Summer Olympics in Paris. This campaign, which appears to predominantly target Russian-speaking users, extends beyond the Olympics to other major sports and music events, posing a significant risk to potential ticket buyers. Details of the Ticket Heist Campaign.

Opinions regarding artificial intelligence (AI) range from fears of Skynet taking over to hope regarding medical advancements enabled by AI models. Regardless of where you sit on this spectrum of anxiety and hype, it is evident that the AI epoch is upon us.

New data illuminates how healthcare leaders can prioritize resilience. Organizations find themselves at the intersection of progress and peril in the rapidly evolving digital healthcare landscape. The latest data underscores that the trade-offs are significant and pose substantial risks to healthcare institutions. One of the foremost obstacles is the disconnect between senior executives and cybersecurity priorities.

Employee fraud is not just a rare occurrence, but a prevalent issue in the American workplace. Shockingly, three out of four employees have confessed to stealing from their workplace at least once for personal gain. The types of fraud are diverse, ranging from petty theft to complex schemes involving benefits, accounts receivable fraud, or intellectual property. The risk of employee fraud affects both small and large businesses.

Over 100,000 websites fell victim to a recent web supply chain attack through the Polyfill JavaScript library. This incident underscores significant vulnerabilities in third-party script integration across the web. This article covers what Polyfill does, why it’s now a threat, and the steps you should take if your website relies on it.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A couple of real nasty Open Source issues in the past week. The first and most recent is Ghostscript. Could well be a lot of SaaS products affected.

Business leaders often see security as an insurance policy – a box that CISOs need to tick just in case the organization comes under attack. This make it difficult for InfoSec decision makers to justify the cost of upgrading defenses. After all, we already ticked that box – right? But when it comes to automated attacks, it’s not a matter of “if” bots will target your business. It’s not even a question of “when”.

This is a Bulletproof Tech Talk article: original research from our red team covering issues, news, and tech that interests them. It’s more technical and in-depth that our usual blog content, but no less interesting. This blog looks at obfuscating Linux Symbols using dl_iterate_phdr with callbacks. It represents original security research from the Bulletproof Red Team.