An undisclosed number of customers of outdoor clothing retailer The North Face have had their passwords reset by the company, following a credential-stuffing attack. The company has revealed that on October 9, 2020, it became aware that hackers had used usernames and passwords stolen from a third-party website to gain unauthorised access to customer accounts.

The number of successful ransomware attacks on the education sector increased 388% in the third quarter of 2020. According to Emsisoft, the education sector reported 31 ransomware incidents in Q3 2020. That’s a 388% increase over the 8 incidents that occurred in the previous quarter. Nine of the 31 ransomware attacks disclosed in the third quarter of the year involved data exfiltration, a tactic which has become common with ransomware gangs over the past year.

Securing your cloud environment effectively is no easy task. What cloud security issues should you be prepared for? What are the most serious security risks? Which best practices are most effective at keeping your data safe? In this article, we will explore the two primary cloud models and the principal security concerns you will face when using each model.

Organizing and finding information efficiently is at the heart of any robust content management system. Though content is typically classified as structured or unstructured, the difference between structured and unstructured information is a matter of degree – it is a spectrum.

Scams occurring during online purchases have spiked since the start of the pandemic, as reported in new research conducted by the Better Business Bureau (BBB). Around 80.5% of consumers who reported this type of scam this year lost money, compared to 71.2% in 2015. Online purchasers scams have been among the three riskiest scams for the past three years but the situation has become significantly more severe in 2020.

Bulletproof has released its Annual Cyber Security Industry Report 2021, where we look at the security challenges facing businesses in 2021 and discover what organisations can do to stay ahead of the hackers. In this blog we highlight 4 key findings from the report and explore what they mean for business’ security in 2021 and beyond.

The ultimate objective of any software developer is to create performant, secure, and usable applications. Realizing this goal requires every application to be tested thoroughly. Testing is therefore a critical aspect of creating robust applications. It’s what ensures the developed software meets the desired quality expectations. This blog examines one of the vital testing methods: white box penetration testing.

At the convergence of digital transformation, an industry-wide focus on SASE, and the effects of the continuing COVID-19 pandemic, there are key forces that security practitioners need to be aware of and operate within. This is the second blog in a series of three detailing these forces and how security leaders and practitioners can adapt to them in a digitally transforming, SASE-enabled world. This blog covers the forces of Organizational Culture and Adversaries and Threats.

On September 29, 2020, the U.S. Department of Defense (DoD) released an interim rule titled Assessing Contractor Implementation of Cybersecurity Requirements (Defense Federal Acquisition Regulation Supplement (DFARS) Case 2019-D041). The rule amends the DFARS, and at the same time, implements the DoD Cybersecurity Maturity Model Certification (CMMC) program.

When we talk about training security analysts, you probably immediately think about earning certifications such as CFCE or OSCP. This year’s Devo SOC Performance ReportTM found that among survey respondents who don’t consider their SOC to be a high performer, only 31% of those organizations have a defined program for training analysts. While practical skills are vital in the SOC, they’re not the end-all, be-all of reaching the next career level.