In the second quarter of 2024, 877,536 phishing attacks were reported, a marked decrease from the 963,994 attacks reported in the first quarter of the same year. However, this might not be a reason to celebrate just yet, as this reduction might be due to the fact that email providers have made it increasingly difficult for users to report phishing attempts.

Migrating virtual machines (VMs) from VMware to next-generation open infrastructure platforms like KubeVirt and OpenShift Virtualization carries some VM migration risks that can impact business operations if not managed properly. One of the key challenges is compatibility, as the architecture, configurations, and dependencies of VMs in VMware may not seamlessly translate to new environments, leading to issues with performance, application functionality, or even failed migrations. Process risks include.

Whether you’re the CISO or part of the incident response team, it’s likely you have heard of exposure management (EM). Introduced by Gartner in 2022 as the evolution of vulnerability management (VM), the name “exposure management” was adopted by vendors faster than you can say “next gen” or “AI-powered”. Unfortunately for consumers the hype added more confusion than clarity. This blog is a chance to reset expectations.

In today’s digital age, cybersecurity is no longer just an IT concern; it’s a critical component of retail success. As more customers shop online and engage with brands through digital platforms, the risks associated with cyber threats continue to grow. Whether you run a brick-and-mortar store, an e-commerce site, or a hybrid model, safeguarding your business from cyber attacks is essential.

Depending on who you ask, between 70 and 90 percent of cyber risk has human error as the root cause. That's why Human Risk Management (HRM) is so important. And here is the next major advance in HRM. We're thrilled to announce the second version of our risk score architecture. It is so far advanced we have renamed—promoted really—our initial "Virtual Risk Officer" to SmartRisk Agent.

Important note: there may be other CVEs issued related to these vulnerabilities and others detected by Simone, the original researcher. We will update this blog with new details as needed.

In today’s digital landscape, cybersecurity threats don’t take breaks — and neither should your small business. In fact, small and medium-sized businesses (SMBs) are prime targets, seen as easy prey due to their limited resources and often weaker security postures. But here’s the reality: Lack of resources doesn’t mean you lack options. SMBs can still build a robust defense against cyber threats without a massive security budget.

In recent years, critical infrastructure (CI) has become a primary target for cybercriminals and nation-state actors. The systems that provide essential services such as energy, water, transportation, and healthcare are increasingly vulnerable to attacks that could have devastating consequences for entire regions or even nations.

We’ve all seen it happen: you create a solid remediation plan, map out the misconfigurations and vulnerabilities, and develop a plan to fix them, but when it comes time to execute, things start to fall apart. Why do remediation plans fail even when they seem solid on paper? The truth is, it’s often not the plan itself, but how it’s executed. Let’s break down the common obstacles that cause remediation efforts to go wrong and what you can do to avoid them.

Earlier this year, we launched a new Domains page to give you more powerful and flexible attack surface insights. When the recent CUPS vulnerability hit the news, our new page quickly allowed users to create a policy to detect potential threats on port 631—something that wasn’t possible before. Since then, we’ve rolled out dozens of improvements to help security teams like yours feel more confident in managing their ever-changing attack surface.