The Verizon Data Breach Investigations Report is to security what the Vogue September issue is to fashion: a glossy, buzzy publication that guides the industry’s conversations for an entire year.

User and Entity Behavior Analytics (UEBA) is a long-term that essentially refers to a security process that utilizes analytics to identify abnormal network behavior. UEBA takes a proactive approach by scanning the actions of users and entities within a network. It doesn’t just react to threats but also establishes a baseline from which it learns to be more precise and timely, empowering you to stay ahead of potential security breaches!

KEV! KEV! KEV! No, you aren’t standing outside a frat house while some college kids encourage their buddy Kevin to finish his beverage. Rather, it’s the sound of people extolling the virtues of the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities(KEV) Catalog.

The “Security Alert” scam is a prevalent tech-support fraud that threatens both Windows and Apple users. It exploits the trust of users by masquerading as an official support site, using fake pop-up warnings to lure users into dialing scam phone numbers by conveying a sense of urgency. The ultimate goal is gaining remote access to the user’s system and pilfering personal data to extort money.

Cloud storage services and SaaS apps like Google Drive and Microsoft OneDrive provide convenient, scalable solutions for managing documents, photos, and more—making them indispensable for modern work and personal life. However, misconfigured settings and permissions can lead to serious security breaches, noncompliance, and even the loss of customer trust. Let’s explore the 5 most common misconfiguration issues with real-world examples.

ToddyCat deploys advanced tools for industrial scale data theft, hackers use eScan updates to spread GuptiMiner malware, and Russia’s APT28 exploits a Windows Print Spooler flaw.

As the number and severity of third-party breaches continues to rise, companies are scrutinizing more closely not just how they handle data, but how their vendors do as well. For security leaders, this means more security reviews are coming across their desk everyday. ‍ Limited resources and legacy processes make it hard for security teams to keep up with the pace of business.

In this episode of Trust Issues, host David Puner interviews Eric Hussey, SVP, Chief Information Security Officer (CISO) at Finastra, a leading provider of financial software solutions and services. Hussey shares his insights on the evolving role of the CISO, the challenges of keeping up with new and evolving cybersecurity regulations, and the importance of balancing innovation with security in the FinTech space.

After speaking with customers, we renamed 1Password Teams and Business private vaults to employee vaults to reduce confusion between work and personal accounts. No functionality is changing – just the name.

When you think of cybersecurity, your mind likely goes to external threat actors — malware, ransomware, spearphishing attacks, and other malicious activity. However, it’s crucial to note that 60% of data breaches are caused by insider threats, and a staggering 74% of organizations are at least moderately vulnerable to them. It’s not everybody else your organization needs to worry about; it’s your own people.