Sophos describes a QR code phishing (quishing) campaign that targeted its employees in an attempt to steal information. The attackers sent phishing emails that appeared to be related to employee benefits and retirement plans. The emails contained PDF attachments which, when opened, displayed a QR code. If an employee scanned the code, they would be taken to a phishing page that spoofed a Microsoft 365 login form. The page was designed to steal login credentials and multi-factor authentication codes.

Insider risk management is more critical than ever as human error and insider threats drive escalating security breaches. While many organizations have adopted User and Entity Behavior Analytics (UEBA) to monitor potential risks, relying solely on UEBA may fall short of the depth needed to stay ahead of these increasingly complex threats.

CrowdStrike is proud to announce cloud security support for Google Cloud’s first custom ARM-based processor, Axion, delivered by the unified, cloud-native CrowdStrike Falcon platform. This extends industry-leading protection to our customers with extensive coverage for Google Cloud environments. We are excited to collaborate with Google Cloud, which today unveils its new C4A Virtual Machines.

The booming e-commerce industry, with its projected $5 trillion in sales by 2025, has become a prime target for cybercriminals, a fact highlighted in the new Trustwave SpiderLabs report, Retail Sector Deep Dive: Rise of E-Commerce Threats.

Passphrases are quickly emerging as a user-friendly alternative to traditional passwords. Earlier this year, Keeper integrated a passphrase generator into our web vault. Now, our users can take advantage of this ultra-secure, convenient functionality on our Android mobile app and KeeperFill Browser Extension, with iOS coming soon. Like Keeper’s password generator, you can generate a passphrase within your vault or record screen with a simple click of the dice.

With the Cybersecurity Maturity Model Certification (CMMC) 2.0 now finalized by the U.S. Department of Defense (DoD), contractors and suppliers across the Defense Industrial Base (DIB) must ensure they meet stricter cybersecurity standards to maintain eligibility for DoD contracts. Achieving and maintaining CMMC compliance is no small task — it requires robust security protocols, continuous monitoring and strict control over access to sensitive information.

Yes, Two-Factor Authentication (2FA) can stop hackers from accessing your accounts, but it’s not entirely foolproof and some forms of 2FA are stronger than others. 2FA is a type of Multi-Factor Authentication (MFA) that requires two authentication factors. With 2FA, you will need your username, password and another authentication method before you can access an online account.

Kubernetes has become a cornerstone in modern IT environments, significantly revolutionizing the way applications are deployed and managed. Its ability to automate scaling, deployment, and management of containerized applications makes it indispensable for businesses aiming for agility, scalability, and efficiency. As organizations increasingly adopt microservices architectures, Kubernetes’ role in providing seamless orchestration and robust security continues to grow in importance.