Cybercrime is a major concern for individuals, businesses, and governments alike. As technology advances, so do the tactics and sophistication of those who seek to exploit it for nefarious purposes. Data shows that, on average, a cyber attack occurs every 39 seconds, affecting one in three Americans annually.

Cyber insurance has a strange past: AIG first took cyber insurance to market in 1997 despite a total lack of actuarial data to inform premiums or policies. Essentially, the industry ran on guesswork. Even today, the cyber insurance market is remarkably unpredictable compared to long-established insurance policies such as those for housing or health.

Formjacking is a cyberattack where attackers inject malicious JavaScript code into webpages containing form fields, usually on login pages or payment forms. The objective is to steal sensitive information, such as credit card details, passwords, and other personal data, directly from users as they enter it into the compromised forms. Formjacking attack occurs entirely on the client side—within the user’s browser—making it particularly challenging to detect.

To further raise awareness on threat actor activity in the dark web and hacking communities, today we are introducing the Cato CTRL Threat Actor Profile. This will be a blog series that profiles various threat actors and documents notable activity that we are observing. Our inaugural Cato CTRL Threat Actor Profile is on Yashechka.

In November 2023, Datadog announced the launch of Security Inbox, a solution that equips security and engineering teams with valuable insights for mitigating security risks. Security Inbox takes the guesswork out of addressing the most pressing security risks by automatically organizing them into an actionable list for remediation. As of today, Security Inbox has already served thousands of security and engineering teams, giving them the right context at the right time for protecting their environments.

SPIFFE stands for Secure Production Identity Framework for Everyone, and aims to replace single-factor access credentials with a highly scalable identity solution. This blog post provides some practical applications of SPIFFE in real-world environments.

Happy International Dog Day! This official holiday celebrates our furry friends and the joy they bring to our lives! Today is particularly special for all of us at Snyk because of our four-legged mascot, Patch the Doberman. But what exactly does a dog have to do with application security? Here at Snyk, we see the idea of a “guard dog” protecting someone’s home as similar to how AppSec solutions can protect today’s development practices.

You can mitigate the risk of ransomware attacks by regularly backing up your data, updating your device with the latest software, implementing least-privilege access, using a business password manager and educating employees about security awareness, among other things. Ransomware attacks occur when organizations are prevented from accessing files and data until they’ve paid a ransom to the cybercriminal who infected their devices with malware.

The Internet of Bodies, or IoB, represents a groundbreaking shift in the healthcare industry, connecting vital health management devices like pacemakers, insulin pumps, and health monitors to the Internet. While these advancements come with many remarkable benefits, they also expose these essential devices to new cybersecurity vulnerabilities.

Cybercrime is as lucrative as ever, generating millions in illicit revenues for threat actors. Between 2021 and 2023, global data breaches rose by 72%, breaking all previous records. Meanwhile, data breach costs continue to rise. The average cost of an enterprise data breach in 2024 is $4.88 million — another all-time high. This puts managed service providers (MSPs) in a tight position. Cyber liability insurance can help reduce exposure to steep losses associated with cyberattacks.