SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies
New SpyCloud research highlights the expansion of phishing attacks as AI and phishing-as-a-service fuel enterprise targeting.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
The latest News and Information on Data Security including privacy, protection, and encryption.
AI Data Exfiltration: Types, Risks, Prevention Strategies
Generative AI has revolutionized productivity — but it has also introduced a massive, often invisible new vulnerability: AI data exfiltration. Whether it’s a well-meaning engineer pasting source code into an LLM for debugging, or a marketer feeding sensitive customer data into a prompt for analysis, your organization’s most valuable intellectual property is likely walking out the virtual front door.
Nightfall's integration with Claude's Compliance API is now live
What this milestone means for enterprise AI security - and why we built it. AI adoption inside the enterprise didn't slow down and wait for security to catch up. It accelerated. And nowhere is that more visible than in the rapid deployment of large language models like Claude across enterprise workflows. Customer support teams use it to summarize tickets. Legal teams use it to review contracts. Engineers use it to write and review code. Finance teams use it to draft reports.
The Security Risk That May Already Be Sitting Inside Your Home
The idea of digital privacy often feels straightforward. People create passwords, enable security settings, and assume that taking a few precautions is enough to keep unwanted visitors out of their lives. Yet many privacy concerns do not begin with hackers targeting large organizations or criminals developing sophisticated attacks. They begin with devices that people voluntarily bring into their homes.
The Hidden Path From a Household Gadget to Your Personal Data
Most people think about cybersecurity in terms of computers and smartphones. When they hear about data breaches, identity theft, or compromised accounts, they picture hackers targeting laptops, email inboxes, or financial institutions. Few people imagine that a device mounted quietly on a wall could become part of the story.
Securing Your AI Agents: Today's New Data Threat
AI agents are already inside your company - reading files, calling APIs, executing code. Most of them were never approved by security. In this session, Nightfall AI walks through exactly how agents become an attack surface: prompt injection, malicious MCP servers, credential exfiltration, and more.
PII protection: 8-step framework from discovery to security
Most organizations can't answer three basic auditor questions simultaneously: where PII lives, who can access it, and how it's protected. One-off scans and manual classification go stale as data volumes grow. A repeatable, eight-step PII protection program from initial discovery through ongoing governance is what separates a defensible compliance posture from a snapshot that collapses under scrutiny.
Microsoft 365 DLP: what it covers and where it falls short
Microsoft 365 DLP delivers real protection for regulated data in Exchange, SharePoint, Teams, and managed Windows endpoints, but only within that boundary. On-premises file servers, Linux endpoints, unmanaged devices, and non-Microsoft SaaS fall outside enforcement regardless of how policies are configured. Most security teams can't yet clearly distinguish the gaps that configuration fixes can address from those that require supplemental controls.
archTIS and Mattermost Partner to Deliver Secure Collaboration for Defence Operations
archTIS and Mattermost are pleased to announce a collaboration to deliver policy-enforced, data-centric security to secure operational collaboration for Defence Ministries, NATO Allies, and coalition partners worldwide. The collaboration combines Mattermost’s secure, mission-critical command-and-control surface with archTIS Trusted Data Integration (TDI) platform, to enable secure collaboration using dynamic policy orchestration via Attribute-Based Access Control (ABAC).
Why MCP Breaks the Financial Services Security Stack
A relationship manager asks the firm's AI assistant to "summarize my top wealth clients by AUM and flag anyone with a pending transfer over $500K." The agent calls a CRM MCP server, then a core banking MCP server, then a market data MCP server, and returns a clean answer in twelve seconds. Names, balances, account numbers, pending wire details, all rendered in plain text inside the chat window. No file moved. No email left the network. No DLP channel triggered.