Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Read also: India busts fake Microsoft and Amazon call centers, Vastaamo hacker charged with over 30,000 counts of computer crimes, and more.

The impact of AI tools on software development is starting to make itself felt. As the productivity of developers increases, so does the necessity for software testing. Luckily, AI is also seeing increasing adoption in testing, enabling dev teams to ensure robust and secure software despite increasing output. In this in-depth guide, we will explore the top 18 AI testing tools in 2023 that have the potential to take your testing processes to the next level. Overview.

In light of the recent data breach at Okta, it’s important to pay attention to the potential risks of sharing HAR files in SaaS data silos like Zendesk.

A panel of cybersecurity experts from BT, Cranfield University and Netacea recently came together to discuss the accumulating cost businesses face due to malicious automation. The webinar is now available to watch on demand (scroll to the bottom of this page or click here to watch it in full). You’ll hear our specialist panel analyze results from this year’s extensive survey into what bot attacks cost enterprise businesses.

A number of JUMPSEC clients have expressed a degree of confusion about their preparedness for the new Digital Organisational Resilience Act (DORA). Enacted in December 2022, DORA has mandated regulations for financial sector organisations and their critical third-parties.

The Fireblocks research team recently uncovered an ERC-4337 Account Abstraction vulnerability in the smart contract wallet UniPass. Fireblocks worked with UniPass to fully mitigate the vulnerability, which was found in hundreds of mainnet wallets in a whitehat operation. All funds are now safe and accounted for.

In August 2023, Netskope Threat Labs highlighted an increase in downloads of PDF phishing attachments in Microsoft Live Outlook, caused by a series of phishing campaigns targeting users of the email service. We took a closer look and found that these campaigns are mostly Amazon-themed scams with a few Apple and IRS-themed phishing attempts sprinkled throughout. Just like in our previously reported phishing blog posts, attackers are abusing free services in these campaigns.

The world had a security wake-up call recently. Organizations were alerted to nearly 100,000 exposed industrial control systems (ICS), potentially allowing an attacker to access and control physical infrastructure such as power grids, traffic light systems, security and water systems, and more. That’s not only a stark statistic but a critical call-to-action for organizations around the world.

What is the culture of cybersecurity, anyway? When most people hear the phrase “Cybersecurity is a Culture,” their minds jump immediately to cybersecurity awareness training videos that help employees avoid phishing scams. Certainly, that is an important part of driving security awareness in your organization, but the true culture of cybersecurity is so much more. To quote our CTO, Jerald Dawkins, Ph.D., “Cybersecurity is a team sport.

Red teamers at IBM X-Force warn that AI-generated phishing emails are nearly as convincing as human-crafted ones, and can be created in a fraction of the time. The researchers tricked ChatGPT into quickly crafting a phishing lure, then tested the lure against real employees.