Artificial intelligence (AI) is transforming modern society at unprecedented speed. It can do your homework, help you make better investment decisions, turn your selfie into a Renaissance painting or write code on your behalf. While ChatGPT and other generative AI tools can be powerful forces for good, they’ve also unleashed a tsunami of attacker innovation, and concerns are mounting quickly.
In today's digital landscape, ensuring the security of your applications is of paramount importance. AppSec, short for Application Security, involves safeguarding your software applications against potential threats and vulnerabilities. While implementing robust AppSec practices is crucial, effective leadership plays a vital role in setting up your business for AppSec success.
Trustwave is one of the finest pure-play cybersecurity companies in the business, capable of helping clients from almost any industry remain safe from cyberattack, but one little-known, non-cybersecurity service we offer is helping our channel partners decipher and answer requests for proposals (RFPs).
When most people think about social media and cybersecurity, they typically think about hackers taking over Instagram accounts or Facebook Messenger scammers taking private information. It’s for good reason that this is top-of-mind. The Identity Theft Resource Center’s 2022 Consumer Impact Report revealed that social media account takeovers have grown by 1,000% in one year.
Contrary to stereotype, today’s cyberattacks aren’t limited to complex tactics such as the use of zero-day exploits or polymorphic malware that flies under the radar of traditional defenses. Instead of going the extra mile to set such schemes in motion, most threat actors take a shortcut and piggyback the human factor.
The GNU General Public License (GPL) is one of the most widely used open source software licenses. It was created by the Free Software Foundation (FSF) to protect GNU software from being made proprietary. The GPL emphasizes the principles of software freedom and promotes the sharing of knowledge and collaboration. It is a copyleft license that requires any modified versions or derivative works to be licensed under the GPL.
Cloudflare Area 1 is a cloud-native email security service that identifies and blocks attacks before they hit user inboxes, enabling more effective protection against spear phishing, Business Email Compromise (BEC), and other advanced threats.
I've been pentesting applications for nearly two decades now and throughout that time you get to see trends. One of these is the gradual adoption of Single Sign-On (SSO) in the corporate environment for lots of previously isolated applications. These applications would usually have their own user database and the users (the employees) would need to authenticate directly to them with specific 'local' credentials. With this setup comes varying password expiry times, complexity requirements, etc.
Read also: Multiple firms impacted in the widespread MOVEit hacking spree, a hack drains at least $35M in crypto from Atomic Wallet users, and more.