Unfortunately, it will often take some kind of disaster in the business world before a government takes action to prevent it from happening again. It’s only when significant data breaches happen that states implement compliance laws to avoid mishandling data; in this case, SOX compliance has a similar backstory. In the early 2000s, the collapse of corporate giants Enron, Tyco, and WorldCom exposed flaws in corporate accountability, leading to widespread fraud and massive investor losses.

In February of 2024, SenseOn was contacted to assist with investigating suspicious activity on a customer’s estate. SenseOn analysts quickly identified a malware infection and identified the variant as SocGholish. This blog will showcase SenseOn’s detection and response capabilities against the malware and a breakdown of SocGholish’s techniques and that of the threat actor observed.

Data privacy and security are critical concerns for businesses using Large Language Models (LLMs), especially when dealing with sensitive information like Personally Identifiable Information (PII) and Protected Health Information (PHI). Companies typically rely on data masking tools such as Microsoft’s Presidio to safeguard this data. However, these tools often struggle in scenarios involving LLMs/AI Agents.

Attackers continue to exploit URL rewriting to hide their phishing links from email security filters, according to researchers at Abnormal Security. URL rewriting is a security technique used by many email security platforms to analyze links in emails to verify their safety before users are allowed to click on them. However, this technique can also be abused to mask the original phishing link.

BDRSuite has taken a significant step forward with its latest beta release, focusing on expanding backup support for Proxmox cluster environments. This beta version introduces several powerful features designed to enhance the flexibility and efficiency of backup and recovery processes.

We are excited to announce that Jonathan Freedman has joined The Cyber Helpline as our new Head of Information Security. With over two decades of experience in Information Technology, Enterprise Architecture, and Cybersecurity, Jonathan is dedicated to safeguarding the digital landscape. He currently serves as the Head of Information Security at London law firm Howard Kennedy, where he leads the Cybersecurity Team.

Dynamic Application Security Testing (DAST), sometimes referred to as “pentesting in a box”, tests running code for a variety of issues that can’t easily be found by analyzing code with static scanning tools. DAST tools are platform and language agnostic—as long as you have a website or API they can connect to, they’ll get the job done, and find real vulnerabilities in the same places an attacker would.

We’re excited to announce that Kivera, a cloud security, data protection, and compliance company, has joined Cloudflare. This acquisition extends our SASE portfolio to incorporate inline cloud app controls, empowering Cloudflare One customers with preventative security controls for all their cloud services.

Mitigating risk based on the threat landscape is a complicated yet essential part of being a CISO, which is why threat reports like the 2024 Elastic Global Threat Report are a huge help for me. In addition to providing an in-depth understanding of what’s happening, threat reports also offer a quick overview of what needs to be explained or communicated to the rest of the organization.

No, jailbreaking your iPhone is not safe and can result in your personal information being stolen, your phone becoming infected with malware and your software malfunctioning. When you jailbreak your iPhone, you increase the number of security vulnerabilities that cybercriminals can exploit to access your private information. Continue reading to learn what jailbreaking is and why you should never jailbreak your iPhone.