Shipping secure code rapidly and at scale is a challenge across the software industry, as evidenced by continued news of high-profile data breaches and critical vulnerabilities. To address this challenge, organizations are increasingly adopting DevSecOps, a practice in which application developers work closely alongside operations and security teams throughout the development life cycle.

Over the last year there has been a prevailing sentiment that while AI will not necessarily be replacing humans, humans who use AI will replace those that don’t.

Let’s explore how SpiderLabs created and incorporated user prompts, specifically Windows dialog boxes into its malware loader to make it more convincing to phishing targets during a Red Team engagement.

The world is going cashless. The Federal Reserve Bank of San Francisco reported that cash was used in just 18% of all U.S. transactions in 2022. And that number will continue to decline. The widespread use of credit and debit cards, plus the rise of digital wallets and contactless payments, have reshaped the financial landscape in many wonderful ways — increasing flexibility as well as financial protection. However, it’s also increased the levels of fraud.

Pickle in Python is primarily used in serializing and deserializing a Python object structure. In other words, it’s the process of converting a Python object into a byte stream to store it in a file/database, maintain program state across sessions, or transport data over the network. The pickled byte stream can be used to re-create the original object hierarchy by unpickling the stream. This whole process is similar to object serialization in Java or.Net.

Recently a large service provider in Eastern Europe contacted the A10 threat research team for insight into a series of DDoS attacks against its network. While the attacks were not service impacting, the frequency and persistence of the attacks raised internal concerns that the attacks might mask a more malicious intent: could this be a state actor planting malware or testing their defenses for a larger attack against critical infrastructure?

We are excited to announce that KnowBe4 has been named a leader in the Spring 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for the 12th consecutive quarter! The latest G2 Grid Report compares Security Orchestration, Automation, and Response (SOAR) Software vendors based on user reviews, customer satisfaction, popularity and market presence. Based on 278 G2 customer reviews, KnowBe4’s PhishER platform is the top ranked SOAR software.

In a landmark development, the U.S. Department of Homeland Security (DHS) has unveiled its pioneering Artificial Intelligence Roadmap, marking a significant stride towards incorporating generative AI models into federal agencies' operations. Under the leadership of Secretary Alejandro N. Mayorkas and Chief Information Officer Eric Hysen, DHS aims to harness AI technologies to bolster national security while safeguarding individual privacy and civil liberties.

Cybersecurity has always been a complex field. Its adversarial nature means the margins between failure and success are much finer than in other sectors. As technology evolves, those margins get even finer, with attackers and defenders scrambling to exploit them and gain a competitive edge. This is especially true for AI.

It’s a concern for families everywhere: keeping kids safe online. For parents with teenagers, there’s the added complication of trying to balance a child’s safety with their right to privacy. But is online safety just families’ problem?