SIM swapping, also known as SIM jacking, is a technique used by attackers to gain access to a person’s phone number and, ultimately, their two-factor authentication (2FA) codes.

It is always interesting to learn about real-world examples of technologies at work. So, when ThreatQuotient invited me to share how we at Sysdig are using the ThreatQ Platform to enhance our cloud detection and response solutions, I was happy to participate.

Staying up-to-date on the current state of security and understanding the implications of today’s growing threat landscape is critical to my role as CISO at Elastic. Part of this includes closely following the latest security threat reports, highlighting trends, and offering valuable insights into methods bad actors use to compromise environments.

Recently, I met with Or Weis — a Snyk Ambassador — to discuss access control in the cloud. Or is an entrepreneur, based in Tel Aviv, where he founded Permit.io, a solution that empowers developers to bake in permissions and access control into any product in minutes and takes away the pain of constantly rebuilding them.

The World Economic Forum (WEF) Centre for Cybersecurity will host its annual meeting focusing on cybersecurity from November 15-16 in Geneva, Switzerland. Among the primary themes for the 2022 event is cyber resilience, with a focus on organizations developing the proper leadership and cooperation to deal with the growing threat landscape.

In times of economic volatility, precious metals are a safe harbor for investors of all sizes. This has been reflected in choppy pricing for metals such as gold, which, according to CNBC, have only just settled down after weeks of gradual rise against a weakening dollar.

As innovations in the world of application development and data computation grow every year, the “attack surface” of these technologies grows as well. The attack surface has to be understood from two sides—from the attacker’s side and from the organization being attacked.

Enterprises are embracing cloud-native applications in the name of business agility. These applications enable developers to take advantage of the cloud’s scalability and flexibility, allow customers and developers to benefit from the increased velocity of DevOps processes and help businesses quickly react to customer needs and potentially lower their cost of deployment.

With December 9 just weeks away, auto dealerships need to prepare for changes in the FTC Safeguards rule and understand how they’re going to move forward in compliance with the new rule. With roots in the Gramm-Leach-Bliley Act (GLBA), the Safeguards Rule expands the definition of “financial institution” to include a broader swath of industries that provide financial services to customers.

Phishing is one of the most common online security threats. A phishing website tries to mimic a legitimate page in order to obtain sensitive data such as usernames, passwords, or financial and health-related information from potential victims. Machine learning (ML) algorithms have been used to detect phishing websites, as a complementary approach to signature matching and heuristics.