While the scale of this data breach is alarming – with 277 gigabytes of data reportedly stolen – it’s important not to panic. Instead, focus on taking concrete steps to protect yourself. Stay informed, be proactive in safeguarding your personal information, and remain vigilant for any signs of suspicious activity.

As mobile technology becomes integral to day-to-day life, fraudsters are refining phishing techniques to exploit vulnerabilities in mobile browsing. According to Zimperium’s 2024 zLabs Global Mobile Threat report, 82% of phishing sites specifically targeted mobile devices in 2023. To protect customer data, enterprises need to counter-adapt.

To find out if someone else is using your Social Security number (SSN), you should check your credit reports, review your mySocialSecurity account and be cautious of calls from debt collectors. The idea of a stranger having such sensitive information about your identity can be terrifying. You may even be a victim of the recent data breach in which over 2.9 billion pieces of personal data were stolen from National Public Data.

Passwords are bad, and our whole industry is trying to move away from these simple strings granting access to our systems. But change is slow, and adopting newer standards is difficult, even if passwords are deeply problematic. Now, the National Institute of Standards and Technology (NIST) is updating the core standard for authentication – and it adopts the “new school” of password policies.

If you’re an avid reader of Application Security surveys, analyst papers, or incident reports, you may have concluded that the biggest issue most organizations have with application security is NOT finding the flaws in their codebase, but is, in fact, finding ways to remediate them while also creating new applications and updates, oh and keeping the lights on. Many organizations are drowning in security debt.

Vanta’s mission is to secure the internet and protect consumer data. Following the launch of the U.S. Cybersecurity and Infrastructure Security Agency (CISA)’s Secure by Design pledge on May 8, 2024, Vanta continues to reinforce our commitment to our mission daily as one of the first organizations to adopt CISA’s Secure by Design pledge. ‍ This pledge simplifies the implementation of best security practices for software companies—raising the bar for protecting customer data.

The Trinity ransomware gang is launching double-extortion attacks against organizations in the healthcare sector, according to an advisory from the US Department of Health and Human Services (HHS). The ransomware gains initial access via phishing emails or software vulnerabilities. “Trinity ransomware was first seen around May 2024,” the advisory says.

Information and digital security frameworks like FedRAMP, CMMC, and ISO 27001 are not static documents. They provide a static framework for your business to comply with and achieve, but that framework is only valid for so long. Several different forces are in play to ensure that the stipulations and security measures outlined in these frameworks remain valid over time.

In September 2024, Frost & Sullivan released its Frost Radar: Application Security Posture Management (ASPM), 2024, highlighting the leaders in this rapidly growing market. We’re proud to be recognized as a top player, reflecting our strong growth and impact in the ASPM space. Our customers use Nucleus to achieve a comprehensive and unified application security posture.

Working remotely using cloud applications is now the norm for getting things done. But while these shifts offer greater flexibility, they also bring new security challenges. For years, virtual private networks (VPNs) were the go-to solution for securing remote access. But when used at such a large scale, VPNs are inefficient, slowing users down and undoing the productivity gains that come along with remote work. Worse, they expose organizations to unnecessary security risks like lateral movement attacks.