Earlier this month, a group of our intrepid pen testers from our Readiness & Resilience team at CISO Global ventured into the heart of the hacking world at DEFCON 32 in Las Vegas. This annual pilgrimage to the mecca of cybersecurity (and more importantly, hacking) is more than just a conference – it’s a hands-on deep dive into the cutting edge of hacking techniques and defensive strategies.

As 98% of businesses are using some form of cloud computing, keeping track of who has access to what has become a major challenge, especially as cloud environments often span multiple platforms and locations.

Over the last 18 months, you’ve probably heard about Large Language Models (LLMs) like OpenAI’s GPT and Google’s Gemini. Whether you’re using them as a personal research assistant, an editor, or a data analyst, these tools represent a new frontier of Machine Learning (ML) and Artificial Intelligence (AI) and arguably will have the most significant impact of any technology in this decade.

The events of Friday the 19th 2024 had a profound impact on organizations around the globe. I suppose a widespread global IT outage has a way of clarifying the mind—and IT leaders are recognizing that resilience is crucial for maintaining operations for their consumers, customers, staff, partners, and shareholders. But much of the post-mortem analysis seems to be misunderstanding key lessons from the outage.

Several tactics can lead to medical identity theft, including someone physically stealing your sensitive information, phishing scams, insider attacks and data breaches. Continue reading to learn what medical identity theft is, how it can happen and ways you can protect yourself against it.

For bad actors, using synthetic voices is easy, cheap, and worryingly effective.

Threat actors are increasingly tailoring their attacks to target social media apps and smartphone users, according to a new report from the Anti-Phishing Working Group (APWG). As email security technologies improve, scammers are turning to social media apps, text messages, and voice calls to conduct social engineering attacks.

From ransomware attacks to data breaches, the threats lurking within supply chains are more pervasive than you might realize. Many security teams aren’t aware of the various supply chain cyber risks lurking within their network, most of which are difficult to detect, manage, and mitigate. Let’s explore how to achieve a more secure and resilient supply chain.

If you answer a spam call, you might start receiving more spam and scam calls, become a victim of SIM card swapping or get your phone number spoofed. Based on Truecaller’s findings, from July 2023 to July 2024, Americans collectively spent approximately 234,000,000 hours answering spam calls. While not every spam call is intended to deceive you like a scam call, receiving unwanted phone calls from persistent telemarketers can quickly become annoying.

As financial services companies, such as banks, hedge funds, and stock exchanges, move to the cloud, sensitive data often unintentionally moves with them. To help avoid costly breaches and address governance, risk, and compliance (GRC) requirements such as PCI-DSS, GDPR, and SOC 2, these organizations may need to identify where in the cloud sensitive data can leak and be able to redact it at scale.