Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Blogs

Keeper Improves Security Audit and Browser Extension Functionality

Keeper Security is pleased to announce significant improvements to the Security Audit tab of the Admin Console for business users, as well as the Browser Extension for organizations and individuals alike. The updates include a refreshed User Interface (UI) for both, new functionality to refresh and reset Security Audit scores, the ability to generate a passphrase via the Browser Extension and more.

Nearly Two-Thirds of IT Leaders Have Fallen For Phishing Attacks

Sixty-four percent of IT leaders have clicked on phishing links, a new survey by Arctic Wolf has found. Despite this, 80% of these same professionals are confident their organization won’t fall victim to a phishing attack. The survey found that 34% of organizations send simulated phishing emails to their employees at least once every two weeks, but only 15% of end users are aware of them. Likewise, the IT and security leaders surveyed said 83% of their employees fall for the phishing simulations.

More Than 33,000 People in the UK Have Been Hacked Over the Past Year

Action Fraud, the UK’s national fraud and cyber crime reporting service, warns that more than 33,000 people have reported that their online accounts have been hacked over the past year. Most of these hacks were the result of phishing and other social engineering tactics. Action Fraud describes one technique that involves using a compromised account to target the victim’s friends.

Monitor your Windows event logs with Datadog Cloud SIEM

Windows event logs are a key source of important information about your Windows environments, including detailed records of user activities, system performance, and potential security issues. However, with the sheer volume of logs modern environments generate, it can be overwhelming for security teams to efficiently detect, triage, and respond to threats in real time.

A trainer's take: "Training alone won't change behaviours"

I've spent over 35 years as a trainer in various capacities, so it might surprise you to hear me say that training alone isn't enough to change behaviours—particularly when it comes to security. This isn't just my opinion; it's a conclusion from our State of Human Risk Management in 2024 Report. To understand why training isn't the full solution, we need to delve into the field of human error. Mistakes—errors caused by wrongly applied knowledge—can often be corrected with training.

The Past, Present, and Future of File Integrity Monitoring

Also known as change monitoring, File Integrity Monitoring (FIM) solutions monitor and detect file changes that could indicate a cyberattack. They determine if and when files change, who changed them, and what can be done to restore files if those changes are unauthorized. As such, FIM solutions are useful for detecting malware and achieving compliance with regulations like PCI DSS and are a crucial part of any enterprise security stack.

Falcon Foundry: Build Custom Apps to Solve Tough Security Challenges

Not all security operation centers (SOCs) are equal. They have teams of different sizes, with varying skill levels, protecting a wide range of industries around the world. However, they have a few things in common — for one, they face many of the same threats, and many SOC teams struggle with the complexity of managing several disparate tools to detect and disrupt them. As the cybersecurity industry matures, SOC teams have more options to consolidate the security tools they use.

CrowdStrike + Fortinet: Unifying AI-Native Endpoint and Next-Gen Firewall Protection

In today’s fast-evolving cybersecurity landscape, organizations face an increasing barrage of sophisticated threats targeting endpoints, networks and every layer in between. CrowdStrike and Fortinet have formed a powerful partnership to deliver industry-leading protection from endpoint to firewall.

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches

Trustwave SpiderLabs on October 29 will launch its second deeply researched look into the threats facing the retail sector. The 2024 Trustwave Risk Radar Report: Retail Sector will cover in detail the threats facing the industry, the most prominent adversaries in the field, and the commonly used methods to attack retailers. The main report is supported by two supplementary pieces.

Attributes and Types of Security Testing

Security testing aims to find vulnerabilities and security weaknesses in the software/ application. By subjecting the software or application to controlled security scenarios, cyber security testing ensures that the system is adequately prepared to withstand attacks and unforeseen failures. Security experts and testers use different types of security testing to identify potential threats, measure the probability of exploitation of vulnerabilities, and gauge the overall risks facing the software/ app.