Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Read also: Microsoft fixes a Windows zero-day, the US sanctions Iranian hackers linked to ransomware attacks, and more.

For many workers, accessing the tools required to do their jobs is a hassle. This ‘login fatigue’ could be putting your business at risk as employees find less secure workarounds to complete tasks, or, in some cases, give up on a task altogether.

Global survey shows cybersecurity was the top business priority for organizations that use tools that enable the search of data across multiple sources It’s time to re-evaluate how we define the term “search.” Today, search has far broader applications than those of a standard search engine query. That’s especially true when it comes to cybersecurity.

At the beginning of the Russia-Ukraine conflict, KillNet - a Russian cybergang - began actively collecting open-source intelligence (OSINT), which drew interest from various threat actor groups. Heightened interest in the OSINT data led to additional actors joining , growing its membership to include not only Russian cyber criminals, but uniting other cyber gangs sympathetic to Russia.

Cybersecurity and Infrastructure Security Agency’s (CISA) has released their 2023-2025 Strategic Plan, its first comprehensive strategic plan since the agency was created four years ago. “This is an important step in planning and preparing to combat the evolving cyber threats,” said Bill Rucker, president of Trustwave Government Solutions (TGS). “I appreciate the emphasis on working with the private sector in the plan.

Millions of dollars have been stolen from healthcare companies after fraudsters gained access to customer accounts and redirected payments. In a newly-published advisory directed at the healthcare payment industry, the FBI warns that cybercriminals are using a cocktail of publicly-available Personally Identifiable Information (PII) and social engineering techniques to impersonate victims and obtain access to files, healthcare portals, payment information, and websites.

After a two-year hiatus, the Gartner Security and Risk Management, London is back! I had the privilege of attending a number of sessions, spending time talking with analysts and digesting some of the latest cybersecurity trends and strategies, including the Top Cybersecurity Predictions for 2022-2023 from Gartner. Two themes that stood out to me were security service edge (SSE) and extended detection and response (XDR) Below are some of my key takeaways from this year’s conference.

On August 9, 2022, we released a blog post about a phishing campaign where attackers were abusing Google Sites and Microsoft Azure Web Apps to steal cryptocurrency wallets and accounts from different targets, namely Coinbase, MetaMask, Kraken, and Gemini. The attackers were abusing SEO techniques to spread the pages and using advanced techniques to steal data, such as using live chats to interact with victims.

Security infrastructure as a service (SIaaS) is an engineering-centric, infrastructure-first approach to cybersecurity—and is at the heart of everything we do at LimaCharlie. In this post, we’ll explain more about what SIaaS is, why it’s important, and how it differs from legacy models of cybersecurity.

Security and compliance has a major role in every organization. Businesses are nothing without the trust and loyalty of their customers, and for many companies — from early-stage startups to multinational corporations — winning that trust starts by demonstrating that you have the correct security controls in place. Internationally-recognized compliance standards, such as ISO 27001, PCI-DSS, and SOC 2, make up the industry-standard goals that most businesses and organizations pursue.