Technological advances in how we create and consume media have repeatedly transformed how election campaigns are fought: social media, TV and radio were all revolutions in their times.There have always been concerns about the impact these new technologies would have on democracy: the Milwaukee Journal worried following the first televised presidential debate, in 1960, that “American Presidential campaigning will never be the same again.” Perhaps they were right…

Keeping money and ideas safe from outsiders is relatively easy. But what happens when you have to keep them safe from insiders? Asset misappropriation is a type of fraud that employees commit in their organizations, usually taking advantage of their position. This makes it not only harder to prevent but also difficult to identify if you don’t have the right systems in place.

Essential reading for developers and security professionals alike: a comprehensive comparison of vulnerability databases to help you cut through the noise.

Phishers are in the business of deception. They trick unsuspecting individuals into compromising sensitive data, potentially bringing an entire organization to its knees. Awareness training for employees is one of the most important tools a company can use in its anti-phishing strategy. However, it also has its downsides. Some of these flaws can, and should be fixed. Others leave no choice but to complement training with additional anti-phishing tools.

Another day, another API breach in the news. The latest breach occurred on the Life360 platform where an advisory was able to gleam 400k user phone numbers, based on the article written on Bleepingcomputer.com. Known only by their 'emo' handle, they said the unsecured API endpoint used to steal the data provided an easy way to verify each impacted user's email address, name, and phone number.

In the world of government-adjacent security and compliance, there are many different terms and acronyms you’ll encounter for the processes you have to perform. Often, these terms are interrelated in a single process, so you tend to learn them in clusters. One such cluster includes STIGs, SRGs, SCAP, and CCIs. What are these, what do they mean, and what do you need to do to utilize them properly? Let’s answer the most commonly asked questions.

Breakdancing is coming to the world stage while French citizens stage a creative protest with the hashtag “JeChieDansLaSeineLe23Juin.” We’ll leave the dirty research on that to you. Regardless, the ramp-up to the 2024 Paris Olympics is proving to be an exciting and controversial affair. However, the Olympic call isn’t reserved for top athletes and sports enthusiasts. It’s also a prime opportunity for scam artists and fraudsters to exploit an influx of tourists.

Your organization deals with various forms of sensitive information. It could be company secrets, customer data, or proprietary research — whatever the case, security should be your top priority. This is especially true given the heightened security concerns worldwide, with malicious actors targeting businesses everywhere. As such, you must protect your business’s interests and comply with regulatory requirements for data protection.

Business continuity is at the forefront of most systems and process design at Indusface. In a recent blog, we discussed how Indusface follows design-for-failure principles a powerful approach that enables us to deploy faster. In this blog, I will talk about the processes we have to ensure that our code and rule deployments do not cause widespread downtime to our protected assets.